2019-07-30
1783
#node#react
Praveen Kumar
4049
Jul 30, 2019 ⋅ 6 min read

Creating a full-stack MERN app using JWT authentication: Part 1

Praveen Kumar Blogger, MVP, Web Developer, Computer Software and UX Architect.

Recent posts:

How to use CSS line-clamp to trim lines of text

Master the CSS line-clamp property. Learn how to truncate text lines, ensure cross-browser compatibility, and avoid hidden UX pitfalls when designing modern web layouts.

Daniel Schwarz
Oct 30, 2025 ⋅ 3 min read
7 react Hooks you need to know

7 custom React Hooks every developer should be using

Discover seven custom React Hooks that will simplify your web development process and make you a faster, better, more efficient developer.

Murat Yüksel
Oct 30, 2025 ⋅ 8 min read
Understanding Promise.all in JavaScript

Is Promise.all still relevant in 2025?

In 2025, async JavaScript looks very different. With tools like Promise.any, Promise.allSettled, and Array.fromAsync, many developers wonder if Promise.all is still worth it. The short answer is yes — but only if you know when and why to use it.

Leonardo Maldonado
Oct 29, 2025 ⋅ 7 min read
the replay october 29

The Replay (10/29/25): Tiny AI agents, Next.js 16, and more

Discover what’s new in The Replay, LogRocket’s newsletter for dev and engineering leaders, in the October 29th issue.

Matt MacCormack
Oct 29, 2025 ⋅ 34 sec read
View all posts

3 Replies to "Creating a full-stack MERN app using JWT authentication: Part 1"

  1. OMFG!!! Do *NOT* put passwords or any secrets in your claims… the JWT itself is *NOT* encrypted/secure, the payload is only base64 encoded, the signature only confirms authority.

    JSON.parse(atob(YOUR_TOKEN.split(‘.’)[1]))

    This is a *REALLY* bad example.

      1. The problem is, even putting it in the example is really bad form and should be updated… should include stuff like created, expires, and the user’s id. Having the password in the example could lead to false confidence and others following by this example.

Leave a Reply

Hey there, want to help make our blog better?

Join LogRocket’s Content Advisory Board. You’ll help inform the type of content we create and get access to exclusive meetups, social accreditation, and swag.

Sign up now