Skip to content

New lesson: JSON Web Tokens #29711

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 17 commits into
base: main
Choose a base branch
from
Open

New lesson: JSON Web Tokens #29711

wants to merge 17 commits into from

Conversation

MaoShizhong
Copy link
Contributor

Because

As part of the Node revamp's 2nd milestone

This PR

  • Adds a new lesson for stateless auth with JWTs

Issue

Closes #29519

Additional Information

Pull Request Requirements

  • I have thoroughly read and understand The Odin Project curriculum contributing guide
  • The title of this PR follows the location of change: brief description of change format, e.g. Intro to HTML and CSS lesson: Fix link text
  • The Because section summarizes the reason for this PR
  • The This PR section has a bullet point list describing the changes in this PR
  • If this PR addresses an open issue, it is linked in the Issue section
  • If any lesson files are included in this PR, they have been previewed with the Markdown preview tool to ensure it is formatted correctly
  • If any lesson files are included in this PR, they follow the Layout Style Guide

MaoShizhong added 10 commits May 10, 2025 13:17
@MaoShizhong
Write introduction and lesson overview
3fcd2f0
@MaoShizhong
Write section on JWT structure
4a86ca9
@MaoShizhong
Start stateless auth intro
fbff69d
@MaoShizhong
Set up minimal app example code
617aaf5
@MaoShizhong
Change tutorial setup to example snippet
1aed4b3 
No need for a full handholdy tutorial. Just highlight the differences
between stateful/stateless and session/JWT
@MaoShizhong
Write example of JWT verification middleware
2f9008f
@MaoShizhong
Use Express method to get authorization header
56d1db8 
req.headers is a Node built-in getter as part of the Message interface
(which extends Request). Not as intuitive to find docs for since people
will likely look at the Request interface first.

It'll be easier for learners to find an Express method in Express docs - consistent with
other Express methods used in this and other lessons.
@MaoShizhong
Adds brief caveats section
51f8010 
More detail left for a future Sessions vs JWTs lesson
@MaoShizhong
Complete lesson assignment/knowledge check sections
8d6c3dd
@MaoShizhong
Fix grammar issues
63f87f0
@github-actions github-actions bot added the Content: NodeJS Involves the NodeJS course label May 17, 2025
Zadag
Zadag reviewed May 18, 2025
View reviewed changes
Copy link
Contributor

@Zadag Zadag left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Various grammar and tonal improvements.

@MaoShizhong @Zadag
Streamline wording flow
6f7f8fa 
Co-authored-by: Kevin Browne <[email protected]>
@01zulfi 01zulfi added the Project Node Revamp Issues/PRs related to the Node Revamp project label May 24, 2025
01zulfi
01zulfi requested changes May 24, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking real good, just a few comments below

@MaoShizhong
Remove "Caveats" section
8f1d4d7 
Content to be covered in a later planned lesson.
@MaoShizhong
Query DB for user details
10a0cd0 
Closer parallel with sessions example, only omitting DB query for session
@MaoShizhong
Add brief mention of browser storage options for JWTs
b546d37
@MaoShizhong MaoShizhong requested a review from 01zulfi May 31, 2025 00:33
01zulfi
01zulfi approved these changes May 31, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔥

@MaoShizhong MaoShizhong requested a review from 01zulfi June 28, 2025 22:23
@MaoShizhong
Copy link
Contributor Author

@01zulfi Just realised with the caveats section gone, there's nothing about logging out with stateless auth. Added a little bit about logging out but leaving the caveat details for the comparison lesson. This little bit should be sufficient and allow the learner to figure out what code they might need based on the mechanism.

01zulfi
01zulfi approved these changes Jun 29, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice catch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Zadag Zadag Zadag left review comments

@01zulfi 01zulfi 01zulfi approved these changes

Assignees
No one assigned
Labels
Content: NodeJS Involves the NodeJS course Project Node Revamp Issues/PRs related to the Node Revamp project
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

New Lesson: JSON Web Tokens
3 participants
@MaoShizhong @Zadag @01zulfi