And finally, you have a secure REST API with JWT authentication 🥳🥳🎉 Remember to check the GitHub repo to see all the code.
For this tutorial, I will be using Express.js + Bcrypt + Prisma to create a simple SQLite database to manage the users.
As you can see, this solution works as expected, but it still has a big problem. Checking permissions by user email does not stop a malicious person from supplying an admin email, which can be easy to obtain through social engineering, and using a program like Insomnia or Postman to get the same response as from an unprotected endpoint.
We need a unique token that changes dynamically according to the user and that no one can simply memorize the way they can an email. And this is where JWT joins the party. 🎉
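The difference between the two checks, as an added example that is not code from the tutorial or its repository. It is written with Node's built-in `crypto` module instead of a JWT library so it runs without dependencies; the `x-user-email` header, the secret, the `role` claim and all function names are assumptions made for illustration.

```javascript
const crypto = require("crypto");

const SECRET = "demo-only-secret"; // constructed; load from configuration in practice
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// The check the text criticises: the caller simply states who they are.
function isAdminByEmail(headers, adminEmails) {
  return adminEmails.includes(headers["x-user-email"]); // hypothetical header
}

// Issued by the server after a successful login.
function signToken(claims, secret, now = Date.now(), ttlSeconds = 900) {
  const head = enc({ alg: "HS256", typ: "JWT" });
  const body = enc({ ...claims, exp: Math.floor(now / 1000) + ttlSeconds });
  return `${head}.${body}.${hmac(`${head}.${body}`, secret).toString("base64url")}`;
}

// Returns the claims, or null if the token is malformed, forged or expired.
function verifyToken(token, secret, now = Date.now()) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, "base64url").toString());
    claims = JSON.parse(Buffer.from(body, "base64url").toString());
  } catch {
    return null;
  }
  if (!header || header.alg !== "HS256" || !claims) return null; // pin the algorithm
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  if (typeof claims.exp !== "number" || claims.exp * 1000 <= now) return null;
  return claims;
}

// Authorization decided from signed claims, not from a client-supplied email.
function isAdminByToken(headers, secret, now) {
  const m = /^Bearer (\S+)$/.exec(headers.authorization || "");
  const claims = m ? verifyToken(m[1], secret, now) : null;
  return claims !== null && claims.role === "ADMIN";
}
```

The email check accepts any request that names an admin address, while the token check accepts only claims carrying a valid server-side signature and an unexpired `exp`.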