Auth0 + JWT + NodeJS + Express End-user authentication (Login)

Cristian Tala Sánchez
Cristian Tala Sánchez used Ask the Experts™
on
Has been almost a year that I switch to Auth0 in order to manage my customer's access to the dashboard of my application. Nowadays I need to implement access for a RESTFULL API.

If I follow the instructions in order to secure the NodeJS app using JWT it works like a charm. The issue is that I am not properly sure on the implementation for the end user in order to get the token needed for access this API.

I thought of creating the tokens on the dashboard or just use a server side implementation for the login/authentication. I did the last using the access to my own database before and worker amazingly. My issue is that I am not completely sure on how to do it for the end user using Auth0.

Would be great if you can guide me in order to implement the login/authentication side of the API using auth0 and nodejs.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
David FavorFractional CTO
Distinguished Expert 2018

Commented:
So long as your connection is SSL/TLS wrapped, then you can create tokens any way you like + no one will be able to figure these out by just scrapping the line.

Just create a random 32 byte alpha-numeric code. I suggest sticking with alpha-numeric, so these strings are easy to cut + paste.

Remember, adding special characters provides no real security benefits. Real security comes from length of random string. The longer, the better.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial