Hey I’m back with a second post today, and an exciting one. I actually made something that I listed in the last post. I made a JWT service. It’s really simple and doesn’t control adding users to the list, which means that everyone can add users which is probably not the best. It’s fairly easy to add some more authorisation though, which is what I’ll do if I need to use this for an actual project.
I’ve used a couple of libraries to create it and they’ve made it very easy to
build the app. I used express as the server framework.
For JWT I used the
jsonwebtoken library, which
is also very simple. To store users I used
keyv. It’s a very simple key/value store
that has usernames as keys and hashes as values. I don’t need to store the JWTs
anywhere because they can be verified with just the secret. Keyv has a couple of
adaptors that make it easy to connect it to a persistent database, personally I
use postgres. Lastly I needed bcrypt to hash the stored passwords. With these
three libraries the whole service (without user creation auth) is only a single
file of 81 sloc (single lines of code). It only has four methods:
/user. For specific information on how it
works and to try it out check
the Github repo.
Create an issue if you think something should be better, I’ll probably extend it a little bit more with extra data on users and authorization on creating users but for now it works.