
Which data put in jwt-tokens (node.js + mongoose)?

Sorry for my bad English. To generate a JWT token I'm using:

const jwt = require('jsonwebtoken');
/* some code */

// function to create a JWT token
function createToken(user) {
  return jwt.sign(user, config.secret, { expiresIn: 60*60*5 });
}

/* some code */

// after successful registration/authorization, the createToken function is called
createToken(user);

I would like to learn the best practices: what data must be passed to the function to create the token? For example, can it be the login (John) and the id (ObjectId("5821d94dbb021a1360582da3") when using MongoDB)?
And here, I think, is a related question:
If I store in the token some information that allows me to initialize the user, I can pull the user's data from the database. Is it correct to initialize the user from the JWT in the Authorization header? For initialization I'm using express-jwt, which, if successful, sets req.user. Thanks.

You can put the generated token in browser local storage if you are using a browser. You can also store session values in the token itself; those values will be decoded on the server side by Node.js.
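An added example, not part of the original question or answer and not the `jsonwebtoken` library's own code: a small HS256 token built with Node's `crypto` module that carries only the id and login from the question instead of the whole user document, and shows that the payload is readable by anyone holding the token. The helper names, sample user, secret and fixed clock are constructed for illustration.

```javascript
// Added example: minimal-claims HS256 JWT using only Node's built-in crypto module.
const crypto = require('crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Copy only the identifier and login into the token, never the whole user document.
function tokenClaims(user, ttlSeconds, now = Math.floor(Date.now() / 1000)) {
  return { sub: String(user._id), login: user.login, iat: now, exp: now + ttlSeconds };
}

function signToken(claims, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(claims));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// The payload is only base64url-encoded: no key is needed to read it.
function readPayloadWithoutKey(token) {
  return JSON.parse(Buffer.from(token.split('.')[1], 'base64url').toString('utf8'));
}

// Returns the claims, or null for a bad signature, unexpected algorithm or expired token.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const expected = hmac(`${parts[0]}.${parts[1]}`, secret);
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8'));
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
  } catch { return null; }
  if (!header || header.alg !== 'HS256' || !claims) return null; // pin the algorithm
  if (typeof claims.exp !== 'number' || claims.exp <= now) return null;
  return claims;
}

// Constructed sample user, shaped like a Mongoose document converted to a plain object.
const sampleUser = {
  _id: '5821d94dbb021a1360582da3', login: 'John',
  passwordHash: '<constructed-placeholder>', email: 'john@example.test',
};
const SECRET = 'constructed-demo-secret';
const NOW = 1700000000; // fixed clock so the demo is repeatable
const token = signToken(tokenClaims(sampleUser, 60 * 60 * 5, NOW), SECRET);
console.log(readPayloadWithoutKey(token)); // sub, login, iat, exp only
```

After `verifyToken` succeeds, the server can load the current user record by `sub`, so fields such as the password hash or e-mail never need to travel in the token.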
