Ask HN: API Authentication Using Passport.js
Hello everyone. I am trying to implement API authentication in my nodejs, reactjs application using passport.js github authentication and need to clarify some confusion.
First of all, I want to authenticate my API endpoints via JWT tokens ( and not by session cookies ). So, I disabled the default `session: false`.
I created all routes `/auth/github` and `/auth/github/callback` and attached them with my react frontend.
So, it works. I am prompted with github sign-in. And github gives me my user information, access token. refresh token etc.
Now my questions are
what should I have to do next?
What informations do I need to store in my database?
Do the `accesstoken` provided by github enough for me to secure the API routes or Do I have to generate *JWT* token (with the payload provided by github) and then follow the common JWT authentication procedure?
Thank you for your time to listen to my question. I am confused about passport.js and integration between frontend and backend.
No comments yet.