Excellent video that captures node, postgres and jwt for authentication. Would be great to see an example now of postgres row level access for a user to only be able to edit their row in the users table.
Thank you so much. It helped a lot. I have a question. When accessing the API on client side, jwt-decode is not giving me the correct data. Refresh token is not generated correctly. Please make a second part how to access it from client server
@@caleb-codes Just depends on use-case. If it's something that you may want to instantly revoke access for, then sure. For things where read access does not need to be instantly revoked, JWT is always an option. When using JWT, create, update and delete actions can simply be verified against the user profile's version (any time status, password, etc, is changed, create new version number, or string) I'm assuming you've heard someone say that it isn't secure, or something along those lines and it's completely untrue. There is absolutely nothing unsecure about JWT authentication, as long as it is implemented properly. On most projects, it's more than adequate enough with it's access revoke limitations and will cost less money than sessions.
You are a really great tutor sir. Thank you for taking your time to create such a lesson.
Excellent video that captures node, postgres and jwt for authentication. Would be great to see an example now of postgres row level access for a user to only be able to edit their row in the users table.
Good content, it would be nice if you have a created part 2 just for the front end.
@Morgan Page,
It would be awesome if you make this process together with a simple react app.
very good tutorial for postgres!!
This was super helpful. cheers.
Thank you for this tutorial, It helps a lot.
Thanks for this wonderful tutorial
Good job! Excelent project!
Thank you so much. It helped a lot.
I have a question. When accessing the API on client side, jwt-decode is not giving me the correct data.
Refresh token is not generated correctly.
Please make a second part how to access it from client server
Thank you! It was very helpful!
thanks men! 🔥
very helpful video! thank U!
I am getting the following error: bash: syntax error near unexpected token `('
I'd really love to see a tutorial on the use of passwordless e.g. 'magic link' implementations. most of the documentation out there is really vague.
How i insert refresh token add into database
Thanks a lot
хороший курс. смотрите с яндекс браузером он переводит аудио автора
What is the password for user postgres, sir?
signup would have made this complete, and accessing a private page
i noticed you didn't store the access token anywhere. How are you supposed to send it as a header if it's not stored?
Hey, did you get any answer to this, or is it alright the way it is ?
@@nicmic4999 I decided not to do token cause they're bad. Do sessions
@@caleb-codes for real? Can you give me any link or stuff like that for more info?
@@caleb-codes Just depends on use-case. If it's something that you may want to instantly revoke access for, then sure. For things where read access does not need to be instantly revoked, JWT is always an option. When using JWT, create, update and delete actions can simply be verified against the user profile's version (any time status, password, etc, is changed, create new version number, or string)
I'm assuming you've heard someone say that it isn't secure, or something along those lines and it's completely untrue. There is absolutely nothing unsecure about JWT authentication, as long as it is implemented properly. On most projects, it's more than adequate enough with it's access revoke limitations and will cost less money than sessions.
Thanks a lot