Generating tokes from backend
-
First of all, configure
.env
to provide a secret and it won’t be accessible from code.jwtSecret="A SECRET REALLY SECRET"
Page to generate greats passwords:
-
In our
auth.routes
configure secret such as we did in the last lessonrouter.post('/login', //We are using the local strategy and not using sessions passport.authenticate('local', { session: false }), async(req, res, next) => { try { const user = req.user; **const payload = { sub: user.id, role: user.role }** **const token = jwt.sign(payload, config.auth.jwtSecret);** res.json({ user, token }); } catch (err) { next(err); } } );
-
Finally, try it in insomnia/postman!
¿Quieres ver más aportes, preguntas y respuestas de la comunidad?