Skip to content

Complete JWT Token Implementation #38

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rxmox wants to merge 5 commits into
base: backend
Choose a base branch
from
Open

Complete JWT Token Implementation #38

rxmox wants to merge 5 commits into from

Conversation

@rxmox
Copy link
Collaborator

@rxmox rxmox commented Jan 15, 2026
edited
Loading

Summary

Completes JWT token implementation by adding token generation to login response and demonstrating route protection with a protected endpoint.

Changes

  • Add JWT token to login response (auth_controller.ts)

    • Import generateToken from jwt_utils
    • Generate JWT token after successful login
    • Return token in login response alongside userId

  • Add protected /me endpoint (user_route.ts)

    • Import and apply authMiddleware to protect the route
    • Returns current user's profile (excluding passwordHash)
    • Demonstrates JWT authentication working correctly

Testing

1. Login to get token

POST http://localhost:4000/api/auth/login
Content-Type: application/json

{
  "email": "test@example.com",
  "password": "password123"
}

Response includes token:

{
  "message": "Login successful",
  "userId": "673abc123...",
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}

2. Test protected endpoint

GET http://localhost:4000/api/users/me
Authorization: Bearer <token-from-login>

Should return current user's profile.

3. Test without token

GET http://localhost:4000/api/users/me

Should return 401 Unauthorized.

Test Results

✅ JWT token generation - Working
✅ JWT token verification - Working
✅ Protected route with valid token - Working
✅ Protected route without token - Correctly rejected (401)
✅ Protected route with invalid token - Correctly rejected (401)
✅ TypeScript compilation - Success

Notes

  • Token expiration is set to 30 days (configurable in jwt_utils.ts)
  • The /me endpoint serves as an example for protecting future routes (events, etc.)

Next Steps After Merge

  • Apply authMiddleware to event creation and management endpoints
  • Add user profile update endpoints
  • Test JWT authentication with event operations

rxmox added 5 commits November 27, 2025 16:04
@rxmox
setup jwt utility functions
90554cf
@rxmox
updating json files
9d33f6d
@rxmox
started auth middleware
69ca14d
@rxmox
created Auth middleware
8511c2b
@rxmox
Complete JWT token implementation (TICKET-17 & TICKET-18)
8d4b7c1 
- Add JWT token to login response in auth_controller.ts
  * Import generateToken from jwt_utils
  * Generate token after successful login
  * Return token alongside userId in response

- Add protected /me endpoint in user_route.ts
  * Import and apply authMiddleware
  * Returns current user's profile (excluding password)
  * Demonstrates JWT authentication working

This completes the JWT authentication implementation.
Users now receive a token on login that can be used to
access protected routes.
@rxmox rxmox changed the title Complete JWT Token Implementation (TICKET-17 & TICKET-18) Complete JWT Token Implementation Jan 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lnqminh3003 lnqminh3003 Awaiting requested review from lnqminh3003

@rodolfo-gp rodolfo-gp Awaiting requested review from rodolfo-gp

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rxmox