Tour the Application

Sign Up for MongoDB Atlas

Clone the Repo and Install Dependencies

Run the React App and Express API

Checkout the Start Branch

Anatomy of a JSON Web Token

Sign a JSON Web Token

JSON Web Token Dos and Don'ts

View the Signup and Login Endpoints

Complete the User Signup Form

Complete the User Login Form

Set Auth State After Login

Use Auth State in UI Elements

Persist Auth State on Page Refresh

Check if the User is Currently Authenticated

Navigate Conditionally Based on Auth State

Add Logout Functionality

Check the User's Role

Conditionally Display Sidebar Items

Guard Client Side Routes Based on Auth State

Guard Client Side Routes Based on Role

Add a JWT to an Axios Request

Add an HTTP Interceptor to Axios

Add a JWT Verification Middleware

Attach a User to the Request Object

Limit Access to Admin Users

Get the User ID from Requests

Use Lazy Loading to Limit Access to Code

Maintain an Allowed Origin List for Tokens

Sanitize Content when Setting InnerHTML

Carry Out a Cross-Site Scripting Attack

Steal a JSON Web Token

Sanitize a Cross-Site Scripting Attack

How Cookies Work

Add a Proxy to the API

Set a Cookie on Login and Signup

Stop Storing JWT in Local Storage

Verify JWT from Cookie

Add a Cross-Site Request Forgery Token