JWT Authentication Tutorial - Node.js

If you're building your own authentication system, it's a really good idea to include a flag in your payloads, to indicate whether that token was generated by authenticating with user credentials, or by using a refresh token. You can use this flag to authorize sensitive operations, such as changing your password or making payments - so if the user didn't log in recently, you can prompt them to log in again for sensitive operations. I would say this is a must for most applications.

The single tutorial a dev should ever watch to get their heads wrapped around auth. Great pace and flow, pure English, pleasure to watch and listen to!

I discovered your channel 30 minutes ago and I have already subscribed. Your way of explaining things with minimum jargon and straight forward approach is so refreshing.Keep up the good work!

You nailed these tutorials! I actually understand what you are explaining. You don't dilute it with unnecessary lingo in an attempt to sound smart. Thank you!

I am so close to start crying of joy. I just spent so long trying to figure this out and then I found this video. Thank you so much. Honestly, you make my favourite tutorials.

It took me only 27 minutes to understand a simple concept that has been overly complicated by some bloggers. Thanks man, that was great.

Kyle has an amazing talent for teaching and this demystifies a lot of how to implement JWTs on the server end. If I may, one caveat I would add is adding access and refresh tokens in the body payload may be prone to being stolen in an XSS attack and depending on how secure you would like to make your site you might want to instead store them on http-only & secure cookies with a samesite set to at least lax so they're not read by Javascript and easily stolen. Again, this tutorial is on point on so many levels and amazing!

this is how code tutorial video should look like! Simply, precize, no overtalking, just exact content we need, very good job!

Thanks for keeping it simple! You are living up to your name.
I watched 5 other jwt videos from well-known vloggers, and was still left confused.
This one was spot on. I get it now. Thanks!

No nonsense just straight to the point.
Clear and precise explanation.
Thanks you for time for a good tutorial, cheers!

I'm from South Korea, Kyle explains in a concise and straight plus simple easy way which makes me understand way better than Udemy courses.

Thank you Kyle for another great video!! Especially by making some confusing topics much clearer and understandable in such little time. I think that many of us could benefit a thousand times more from this jwt knowledge if you created a sequel to this video, or even simply a separate video all together explaining how this backend logic is tied in with the front end via a js framework or keeping it simple like ejs or regular html. There is not a whole lot of good quality educational videos or documentation covering how it can all be connected and implemented into a true fullstack application. It took me a very long time to figure out how to serve my front end as well as authenticate users with jwt using ejs. I would love to see a good video on this from you. Thank you again!

Yoooo, I just found your channel this week and wanted to let you know I love your content. Super informative, clear explanations, all around great videos. Keep up the good work!

Yeah, I appreciate tutorials like this, a perfect blend of explanation and implementation. Thanks a million!

Hi, I would particularly like to praise your clear explanations and your super clear pronunciation. So it is very easy to understand, even for someone like me, who doesn't have a lot of experience in English and who often has trouble following English-language content with a strong accent. Really great!

You blink a lot, but holy crap! You speak so clearly and teach so well without any cuts! AMAZING! Thank you so much!

Have to say this was short and loaded with information. I really liked the part where you also explained the Auth and Resource server. Really appreciate the content :)

Exactily what I need! You just got a new subscriber. Simple, direct to the point, no use of database and other things, really direct to the point! Saves a lot of time. Thank you!

Its really hard to explain how valuable this channel is to me. Thank you for existing

Man! every video of yours are most simplified on the web one could ever find.....Great work

Kyle is a really good teacher. His tutorials helping me a better developer.

Your tutorials are some of the best on YT and I watch a LOT of programming tutorials! 👍🏻👍🏻👍🏻👍🏻👍🏻 🌟🌟🌟🌟🌟

Damn this is amazing. Wasted 4 hours watching shitty videos and then came through this. Just 30 mins and everything well explained on point. Thanks a lot bro. You got a new subscriber!!!

Thank you for explaining complex concepts in very simple and straight forward way I watched many of your videos and I learnt a lot of things that no body could teach in 1 video but you are way of explaination is awesome, you are one of the best teacher in the universe, thank you so much :)

In just 30 mins i've learned what a ton of books couldn't explain clearly.

i love how effortless and efficient you explain everything. and all the tools you use are really cool and easy to setup. thanks!

This lives up to its name. Truly simplified. 💙

The absolute clearest tutorial I've ever seen on the topic. I wish I had found this earlier.

This is probably the first time I'm writing a comment to a video. The reason - just wanted to acknowledge the quality of content. Especially how nice & simple everything is explained.

Very distinct skill of explanation, could not be more lucid than this, 2 days of here and there in 20 min

Great video as always! Just wanted point out that what's being covered here is called authorization, not authentication. Authentication is when you confirm a user's identity and authorization is giving that user access to parts of the website

Superb tutorial, video and sound! It's rare to find such quality. Subscribed and looking forward to more of your content.

The greatest video about jwt implementation on node i've found at internet!
Thanks a lot!

i echo the sentiment that i have learned more with this video then reading books for hours.. Well done :)

Man, this is the most efficient tutorial on the topic. Where is your applause button dude.

Thanks youtube for recommend this channel. I just started to learn programming two weeks ago and find your channel. It is great content for me even i still did not really understand it most of the part so i need to learn a lot from the scratch.

Thanks for the video, I never saw tutorial video without skipping its part, but you broke that with the great way of story telling. Very helpful video.

I'm using sails JS and their documentation is a hit or miss with a lot of things. They also have support for sessions instead of JWT. Your explanation and walkthrough were so nicely made that I was able to translate the logic of signing and verifying JWT into helpers for my project. Thank you!

Dude this was the best video I've seen about JWT and how easy you made it to implement.

Great stuff on JWT! I needed this info for my current project at work, and this came in extremely handy! Subbed!

You did a really good job with this video dude. Simple and clean.

Kyle your video inspires me to learn more...and makes easy to understand all the aspects. Thank you so much.

The best JWT video ever! You are amazing! Keep doing things like this.

I tried to implement JWT by watching different tutorials but i couldnt understand it, your video was the only video i understood, best node js videos keep it up; great work

I LOVE anything you make related to Node.js. Thanks always

This video is perfect for me to understand a concept of JWT token and refresh token. I really appreciate it. Thanks Kyle. :)

Thank you man, you are one of the rarest who gives real solutions

Thank you, Kyle, for this informative content. I filled many gaps watching your videos and following your advices

Bro you are the best. That is all I can say. you simplify the complex. ...keep it up.

God bless you dev. This tutorial was fantastic! I understand what you're saying. You don't dilute it with unnecessary jargon. Thank you very much.

Amazing quality, thank u. Just watched your jwt intro.

this is amazing, the way you explain all this concepts make it look easy

You're the JWT mastermind :)

I always pick up something new from your videos. Thanks

This video cleared up a lot of things regarding JWT. Thanks a lot!

Really nice video, i just leared all I needed to know about jwt in order to use it in my project. Thanks a lot dude! Really big thumbs up

Kyle. Your videos are so helpful. Thanks so much.

Your videos are always brilliant. A big 🙏

I know this is kind of older, but great presentation, very clear! I have a similar video for doing this in c# (also pretty old), but love how you explained it all here. Thanks!!

thank you so much for the clear and concise explanation. I am looking forward to watching more videos from you.

It is just awesome. Unbelievable clear and useful explaining. So many thanks to you!

Best tutorial on JWT token. You are straight forward and that's why I have already subscribed to your channel.

That Rest Client plugin is so useful! Works like a charm.

Thanks a lot from France for your video, this is so simple doing things with your explainations, please never stop ;)

Nice video man, just found your channel. You explain things very well. I didn't have any trouble following what your doing.

Kyle, it would be amazing if you could make a video on how to handle JWTs on the client-side, particularly in React, in order to close the loop on this topic. As always, awesome video :)

Great video Kyle. Straight to the point! 👍

You have such a fantastic way of teaching!

Thanks for making this! Fun fact for anyone else watching: you can configure dotenv from your package.json scripts so that you don't have to write require in every file by using the -r flag and dotenv/config like so:
"scripts": {
"dev": "nodemon -r dotenv/config index.js"
},

Excellent video. Probably one of the best explanations I have seen. Also, fast - in a good way.

Where have you been all my life Bro. --- THANK YOU for making my job eaaaaaaasy.

Thank u for your tutorials Kyle!

Great pacing, great delivery. Well done!

Hello Fireship, I love your 100 seconds videos.

Awesome video! Thank you for taking the time to do this type of content 🙌🙌

Amazing! Your content always fascinates me and I learnt many things from you man!

Best programming ASMR channel 💓

I am very grateful for this tutorial, thank you! My hobby project is one step closer to not being a hobby project.

certified beginner-friendly
enlighten my noob jwt knowledge in less than an hour

Thank you for this tutorial. You nailed it.

Thank you for that great video Kyle! Really usefull and well explained!

Thanks a lot Kyle. Great video as always

Exactly what I was waiting for

Another epic from the best dude on youtube ever!! thanks a ton, Kyle!

God Bless you man, this is great within 30 minutes JWT and auth isn't mystery anymore, keep it up, you're going to help a lot of people. God Bless you!

You have won a subscriber! Good content, thank you for sharing!

Really great videos! Awesome explanation! Thank u so much :)

Amazing content! You teach us so much in 30 mins at the right pace and the right way. Thank you so much!

Amazing stuff, keep on with the great work!

Amazing content. Learning a lot. Keep up the good work!

Kyle.....You are a gem for developers....

Awesome content, really well explained and nicely done, kudos!

These are really excellent tutorials!!

Thanks for posting this, lots of learning from this video

Thank you very much, Kyle. Your video helped me find a job. Thanks for sharing.

great video man. you made it so easy to understand

Thanks Kyle, very helpful to learn using JWT with JavaScript!

Very good! Likewise I subscribed as soon as a recognized the clear approach!

Thanks bro amazing content! God bless you and your family!

Have a good day you too...👍🎊
You just SIMPLIFIED my WEB DEV query in few minutes... ❤️🙏