Skip to content

New lesson: JSON Web Tokens #29711

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 19 commits into
base: main
Choose a base branch
from
Open

New lesson: JSON Web Tokens #29711

wants to merge 19 commits into from

Conversation

@mao-sz
Copy link
Contributor

@mao-sz mao-sz commented May 17, 2025

Because

As part of the Node revamp's 2nd milestone

This PR

  • Adds a new lesson for stateless auth with JWTs

Issue

Closes #29519

Additional Information

Pull Request Requirements

  • I have thoroughly read and understand The Odin Project curriculum contributing guide
  • The title of this PR follows the location of change: brief description of change format, e.g. Intro to HTML and CSS lesson: Fix link text
  • The Because section summarizes the reason for this PR
  • The This PR section has a bullet point list describing the changes in this PR
  • If this PR addresses an open issue, it is linked in the Issue section
  • If any lesson files are included in this PR, they have been previewed with the Markdown preview tool to ensure it is formatted correctly
  • If any lesson files are included in this PR, they follow the Layout Style Guide

mao-sz added 10 commits May 10, 2025 13:17
@mao-sz
Write introduction and lesson overview
3fcd2f0
@mao-sz
Write section on JWT structure
4a86ca9
@mao-sz
Start stateless auth intro
fbff69d
@mao-sz
Set up minimal app example code
617aaf5
@mao-sz
Change tutorial setup to example snippet
1aed4b3 
No need for a full handholdy tutorial. Just highlight the differences
between stateful/stateless and session/JWT
@mao-sz
Write example of JWT verification middleware
2f9008f
@mao-sz
Use Express method to get authorization header
56d1db8 
req.headers is a Node built-in getter as part of the Message interface
(which extends Request). Not as intuitive to find docs for since people
will likely look at the Request interface first.

It'll be easier for learners to find an Express method in Express docs - consistent with
other Express methods used in this and other lessons.
@mao-sz
Adds brief caveats section
51f8010 
More detail left for a future Sessions vs JWTs lesson
@mao-sz
Complete lesson assignment/knowledge check sections
8d6c3dd
@mao-sz
Fix grammar issues
63f87f0
@github-actions github-actions bot added the Content: NodeJS Involves the NodeJS course label May 17, 2025
Zadag
Zadag reviewed May 18, 2025
View reviewed changes
Copy link
Contributor

@Zadag Zadag left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Various grammar and tonal improvements.

@mao-sz @Zadag
Streamline wording flow
6f7f8fa 
Co-authored-by: Kevin Browne <[email protected]>
@01zulfi 01zulfi added the Project Node Revamp Issues/PRs related to the Node Revamp project label May 24, 2025
01zulfi
01zulfi requested changes May 24, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking real good, just a few comments below

mao-sz added 3 commits May 31, 2025 01:13
@mao-sz
Remove "Caveats" section
8f1d4d7 
Content to be covered in a later planned lesson.
@mao-sz
Query DB for user details
10a0cd0 
Closer parallel with sessions example, only omitting DB query for session
@mao-sz
Add brief mention of browser storage options for JWTs
b546d37
@mao-sz mao-sz force-pushed the node-revamp-jwt branch from 7f8ab31 to b546d37 Compare May 31, 2025 00:32
@mao-sz mao-sz requested a review from 01zulfi May 31, 2025 00:33
01zulfi
01zulfi approved these changes May 31, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥

@mao-sz mao-sz requested a review from 01zulfi June 28, 2025 22:23
@mao-sz
Copy link
Contributor Author

mao-sz commented Jun 28, 2025

@01zulfi Just realised with the caveats section gone, there's nothing about logging out with stateless auth. Added a little bit about logging out but leaving the caveat details for the comparison lesson. This little bit should be sufficient and allow the learner to figure out what code they might need based on the mechanism.

01zulfi
01zulfi approved these changes Jun 29, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice catch

@mao-sz
Rephrase JWT encoder/decoder instructions
d6a19c8 
jwt.io now has a slightly different decoder/encoder interface.
@mao-sz
Fix code example formatting
4735c7d
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@01zulfi 01zulfi 01zulfi approved these changes

+1 more reviewer

@Zadag Zadag Zadag left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Content: NodeJS Involves the NodeJS course Project Node Revamp Issues/PRs related to the Node Revamp project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

New Lesson: JSON Web Tokens

3 participants

@mao-sz @Zadag @01zulfi