How to use JWT to authenticate user on a custom server?

I want to write a custom server where I need to authenticate the user that has made a request.
Unfortunately I am a complete beginner when it comes to authentication.

Current state
Currently I am getting the refresh token from an authenticated user like this:
final token = Supabase.instance.client.auth.currentSession?.refreshToken;

I copied and pasted this value (for now) and set it as a parameter on the server:

Inside the server's middleware, I set
await supabase.auth.setSession(refreshToken);

to use the user's credentials on the server.

Questions
1) I have read that I can verify an accessToken by using the JWT secret of my project to make sure the request is from a real user. However, I am a bit confused here because the .setSession() requires a refreshToken. Do I need to send both the accessToken and the refreshToken to the server? If not, how can I authenticate the user on the server?

2) How/where do I set the tokens value? Do I include it in the request header?
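
The check the question refers to (verifying an access token against the project's JWT secret, with the token sent in the request header) can look like the sketch below. This is an added example, not part of the original post and not Supabase's own code. It assumes the access token is an HS256-signed JWT keyed with the secret as a UTF-8 string and that the client sends it as `Authorization: Bearer <access token>`; the function names, the demo secret and the demo token are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_hs256(signing_input, secret):
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

def verify_access_token(authorization_header, jwt_secret, now=None):
    """Return the token's claims, or raise ValueError if it must be rejected."""
    scheme, _, token = (authorization_header or "").partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        raise ValueError("expected 'Authorization: Bearer <access token>'")
    header_b64, payload_b64, sig_b64 = token.split(".")
    try:
        header = json.loads(b64url_decode(header_b64))
        claims = json.loads(b64url_decode(payload_b64))
        signature = b64url_decode(sig_b64)
    except ValueError:
        raise ValueError("token is not valid base64url/JSON") from None
    # Pin the algorithm on the server; never let the token's header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected signing algorithm")
    expected = sign_hs256(f"{header_b64}.{payload_b64}", jwt_secret)
    if not hmac.compare_digest(expected, signature):
        raise ValueError("bad signature")
    # Claims are only trusted once the signature check has passed.
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), (int, float)):
        raise ValueError("missing exp claim")
    if claims["exp"] <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims

def make_demo_token(claims, secret):
    """Constructed sample token for the demo; real tokens come from the auth service."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    return f"{head}.{body}." + b64url_encode(sign_hs256(f"{head}.{body}", secret))

if __name__ == "__main__":
    secret = "demo-secret-not-a-real-project-secret"  # constructed value
    token = make_demo_token({"sub": "user-123", "exp": 2_000_000_000}, secret)
    print(verify_access_token(f"Bearer {token}", secret, now=1_700_000_000)["sub"])
```

With this approach only the short-lived access token travels with each request; the `sub` claim of a verified token identifies the user, and the JWT secret stays on the server.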