As a developer I would like to be able to implement JWT by default about express-typescript-boilerplate HOT 5 CLOSED

This project doesn't work. Good idea but, it doesn't work

from express-typescript-boilerplate.

Hi @sinner

Please have a look at authorizationChecker.ts in auth for validating the token.

from express-typescript-boilerplate.

Hi @dweber019!

Thank you very much for your response.

It's difficult to know that, moreover, I think there will be a list of URLs enable to manage a JWT connection (sign-up, sign-in, logout, refresh-token...).

Do I need to put this logic inside the authorizationChecker.ts file or it's already there?

from express-typescript-boilerplate.

Hi @sinner

We mostly use Auth0 or an other authorisation party which will provide the JWT management urls.
The authorizationChecker.ts is only for checking that a token is provided and valid. So it's like a hook and is no opinionated.

If you use the @Authorized decorator, then the authorizationChecker.ts is used to check if the user is authorised => has a valid token.
See here for usage of @Authorized: https://github.com/w3tecch/express-typescript-boilerplate/blob/develop/src/api/controllers/PetController.ts#L7

If you like to have management urls like provisioning a token for user you have to implement that by your self. I would suggest you use passportjs. Here a good example how to implement jwt with a node app: https://scotch.io/tutorials/authenticate-a-node-js-api-with-json-web-tokens
According to the tutorial you would also create a route like authenticate and check the token in the authorizationChecker.ts with jwt.verify(token, ....

from express-typescript-boilerplate.

@sinner Sorry to hear that.
Our goal is to be not opinionated on authentication. Additionally we use this boilerplate in a more mature architecture, where the authentication is done by a other system. This is because of SSO, audit trails and a lot of other security reasons.

from express-typescript-boilerplate.