Recall & Review
beginner
What does JWT stand for and what is its main purpose?
JWT stands for JSON Web Token. It is used to securely transmit information between parties as a JSON object, often for authentication.
beginner
Which npm package is commonly used in Express to create and verify JWT tokens?
The 'jsonwebtoken' package is commonly used to create and verify JWT tokens in Express applications.
beginner
What are the three parts of a JWT token?
A JWT token has three parts separated by dots: Header, Payload, and Signature.
intermediate
In Express, how do you create a JWT token with a payload containing a user ID and a secret key?
Use jsonwebtoken's sign method: jwt.sign({ userId: user.id }, 'your-secret-key', { expiresIn: '1h' })
beginner
Why should the secret key used to sign JWT tokens be kept safe?
Because anyone with the secret key can create valid tokens or decode sensitive information, risking security.
Which method from the 'jsonwebtoken' package creates a JWT token?
jwt.sign() creates a new JWT token by signing a payload with a secret key.
What is the purpose of the 'expiresIn' option when creating a JWT token?
'expiresIn' sets the token's lifetime, after which it becomes invalid.
What does the payload of a JWT token usually contain?
The payload holds user information or claims to be shared securely.
Which part of the JWT token ensures it has not been tampered with?
The signature verifies the token's integrity and authenticity.
In Express, where should you store the secret key used for JWT signing?
Storing secrets in environment variables keeps them safe and out of source code.
Explain how to create a JWT token in an Express app including the key steps and important options.
Think about the function call and what information it needs.
Describe why JWT tokens are useful for authentication and what security practices should be followed.
Consider how tokens replace sessions and what risks exist.