Authentication with JWT

Token Based Authentication using JWT
In this example, we’re going to build 2 Endpoints for token-based authentication:
  1. Create a JWT Token
  2. Verify a JWT Token
Before we get started with building the Endpoints, let’s create the needed Environment Variables. Head over to the “Environment Variables” section in the Sidebar, located on the right-hand side of the app, and create the following variables:
  1. JWT_SECRET - A secret value that JWT will use to sign your tokens
  2. JWT_ISSUER - The issuer of your token
Specify the value to be used for both the Development and Production environments.

Endpoint #1: Create a JWT Token

  1. Create an Endpoint named create-jwt-token and set the method type to POST
  2. Paste the following code into the Code section
const jwt = require("jsonwebtoken");

async function response({ body, headers, env }) {
  const { JWT_SECRET, JWT_ISSUER } = env;
  const { username, email, firstName, lastName } = body;

  // Sign the user claims with the shared secret (HS256 is the default algorithm)
  const token = jwt.sign({
    username,
    email,
    firstName,
    lastName
  }, JWT_SECRET, {
    audience: "users",
    issuer: JWT_ISSUER,
    expiresIn: "90d",
  });

  return {
    status: 200,
    headers: {},
    body: {
      token
    },
  }
}
Given a body payload that contains a username, email, firstName, and lastName, this Endpoint will return a JWT token! Give your Endpoint a try with this sample body payload:
{
  "username": "johndoe",
  "email": "johndoe@example.com",
  "firstName": "John",
  "lastName": "Doe"
}

Sample Success Response:

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImpvaG5kb2UiLCJlbWFpbCI6ImpvaG5kb2VAZXhhbXBsZS5jb20iLCJmaXJzdE5hbWUiOiJKb2huIiwibGFzdE5hbWUiOiJEb2UiLCJpYXQiOjE2NjQyOTY0MDAsImV4cCI6MTY3MjA3MjQwMCwiYXVkIjoidXNlcnMiLCJpc3MiOiJidWlsZGFibGUifQ.FXNfaiu-EnQ7QHyM_rVj_XM3X6wXgjpF1622rgKTVKs"
}

Endpoint #2: Verify a JWT Token

  1. Create an Endpoint named verify-jwt-token and set the method type to POST
  2. Paste the following code into the Code section
const jwt = require("jsonwebtoken");

async function response({ body, headers, env }) {
  const { JWT_SECRET, JWT_ISSUER } = env;
  const { token } = body;

  const responseBody = {
    success: true,
    data: null
  };

  try {
    // Throws if the signature, issuer, audience or expiry check fails
    const decodedToken = jwt.verify(token, JWT_SECRET, {
      issuer: JWT_ISSUER,
      audience: "users"
    });

    responseBody.data = decodedToken;
  } catch (error) {
    // Any verification failure is reported as success: false
    responseBody.success = false;
  }

  return {
    status: 200,
    headers: {},
    body: responseBody
  }
}
Given a body payload that contains a token, this Endpoint will verify the token and return its decoded payload! Give your Endpoint a try with this sample body payload:
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImpvaG5kb2UiLCJlbWFpbCI6ImpvaG5kb2VAZXhhbXBsZS5jb20iLCJmaXJzdE5hbWUiOiJKb2huIiwibGFzdE5hbWUiOiJEb2UiLCJpYXQiOjE2NjQyOTY0MDAsImV4cCI6MTY3MjA3MjQwMCwiYXVkIjoidXNlcnMiLCJpc3MiOiJidWlsZGFibGUifQ.FXNfaiu-EnQ7QHyM_rVj_XM3X6wXgjpF1622rgKTVKs"
}

Sample Success Response:

{
  "success": true,
  "data": {
    "username": "johndoe",
    "email": "johndoe@example.com",
    "firstName": "John",
    "lastName": "Doe",
    "iat": 1664296400,
    "exp": 1672072400,
    "aud": "users",
    "iss": "buildable"
  }
}
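
What JWT_SECRET protects and what the verify Endpoint checks, as an added example that is not Buildable's code or the jsonwebtoken implementation: a small HS256 signer and verifier built on Node's crypto module. The function names, the secret and the fixed clock are constructed for the demo.

```javascript
const crypto = require("crypto");
const b64url = (s) => Buffer.from(s).toString("base64url");
const fromB64url = (s) => JSON.parse(Buffer.from(s, "base64url").toString("utf8"));
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();

// Same token shape jwt.sign() emits for HS256: header.payload.signature
function signHS256(payload, secret) {
  const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const body = b64url(JSON.stringify(payload));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Reading the claims needs no secret: the payload is only base64url-encoded.
function readClaims(token) {
  return fromB64url(token.split(".")[1]);
}

// Pinned algorithm, constant-time signature check, then iss/aud/exp.
// Returns the claims, or null when any check fails.
function verifyHS256(token, secret, { issuer, audience, now = Date.now() }) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    if (fromB64url(head).alg !== "HS256") return null;
    const expected = hmac(`${head}.${body}`, secret);
    const given = Buffer.from(sig, "base64url");
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const claims = fromB64url(body);
    if (claims.iss !== issuer || claims.aud !== audience) return null;
    if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) return null;
    return claims;
  } catch {
    return null; // malformed base64url or JSON
  }
}

// Replace the username claim but keep the original signature (tamper test).
function withUsername(token, username) {
  const [head, , sig] = token.split(".");
  return [head, b64url(JSON.stringify({ ...readClaims(token), username })), sig].join(".");
}

// Constructed demo values, not real credentials.
const SECRET = "constructed-demo-secret";
const NOW = 1700000000000; // fixed clock so the result is repeatable
const demoToken = signHS256(
  { username: "johndoe", iss: "buildable", aud: "users", exp: NOW / 1000 + 60 }, SECRET);
console.log(verifyHS256(withUsername(demoToken, "admin"), SECRET,
  { issuer: "buildable", audience: "users", now: NOW }));
```

The claims are readable by anyone who holds the token, so nothing confidential belongs in the payload; the secret only makes changes to the claims detectable.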