65-Nodejs Course 2023: Auth: Decoupling JWT
Hasan Zohdy
Posted on November 16, 2022
In our previous article, we'have made our first successful login, now let's decouple the JWT handler.
Decoupling JWT
Why would we do that? well, because of two main reasons, the first one is to make it accessible from everywhere in the application not in the http folder only and secondly if we wanted to change the JWT handler later, we can easily do it when it is decoupled.
Let's create a new folder called jwt
in src/core/auth
and create a new file called jwt.ts
in it, then let's move the JWT handler from src/core/auth/registerAuthRoutes.ts
to src/core/jwt/jwt.ts
.
// src/core/auth/jwt.ts
import request from "core/http/request";
import { getServer } from "core/http/server";
const jwt = {
/**
* Generate a new JWT token for the user
*/
async generate(payload: any, options?: any) {
return getServer().jwt.sign(payload, options);
},
/**
* Verify Current token from request which will be in the `Authorization` header
*/
async verify() {
return await request.baseRequest.jwtVerify();
},
};
export default jwt;
So basically what we did here is we created an object with tw methods, one to generate a new JWT token and the other to verify it, then we exported it, both methods are async
because we are using await
in the verify
method.
Now let's import the JWT handler in src/core/auth/registerAuthRoutes.ts
and use it instead of the old one.
// src/core/auth/registerAuthRoutes.ts
import { Response } from "core/http/response";
import { getServer } from "core/http/server";
import router from "core/router";
import jwt from "./jwt";
import AccessToken from "./models/access-token";
export default function registerAuthRoutes() {
// get server instance
const server = getServer();
// now let's add a guests route in our routes to generate a guest token to our guests.
router.post("/guests", (_request, response: Response) => {
// use our own jwt generator to generate a token for the guest
const token = jwt.generate({ userType: "guest" });
AccessToken.create({
token,
userType: "guest",
});
return response.send({
accessToken: token,
userType: "guest",
});
});
// now let's add an event to validate the request token
server.addHook("onRequest", async (request, reply) => {
if (request.url === "/guests") return;
try {
// use our own jwt verify to verify the token
await jwt.verify();
} catch (err) {
reply.status(401).send({
error: "Unauthorized: Invalid Access Token",
});
}
});
}
Now what remains is that we need to create the current user
function which returns the current user model, which can be an instance of Guest
model or User
model and so on.
This is what we're going to do in our next chapter.
🎨 Conclusion
In this chapter, we've decoupled the JWT handler, so we can use it from everywhere in the application.
🚀 Project Repository
You can find the latest updates of this project on Github
😍 Join our community
Join our community on Discord to get help and support (Node Js 2023 Channel).
🎞️ Video Course (Arabic Voice)
If you want to learn this course in video format, you can find it on Youtube, the course is in Arabic language.
📚 Bonus Content 📚
You may have a look at these articles, it will definitely boost your knowledge and productivity.
General Topics
- Event Driven Architecture: A Practical Guide in Javascript
- Best Practices For Case Styles: Camel, Pascal, Snake, and Kebab Case In Node And Javascript
- After 6 years of practicing MongoDB, Here are my thoughts on MongoDB vs MySQL
Packages & Libraries
- Collections: Your ultimate Javascript Arrays Manager
- Supportive Is: an elegant utility to check types of values in JavaScript
- Localization: An agnostic i18n package to manage localization in your project
React Js Packages
Courses (Articles)
Posted on November 16, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.