A major component of any modern authentication strategy is the management of a user’s devices. With different forms of stateless authorization allowing accessibility from browser and native clients simultaneously, knowing which device is accessing a resource can be critical for application functionality and the user’s security.
In this article, we will discuss one possible authentication strategy and then demonstrate how it can be implemented with a NodeJS REST API.
We will be discussing the use of refreshable JWT’s to maintain authentication across multiple devices. There are two types of tokens discussed in this example: a short-lived access token (JWT) and…
Self-taught developer from Charleston, SC. Computer Science and Business student at the University of South Carolina.