JSON Web Token
A JSON Web Token (JWT) is a JSON object encoded as a long string. We use them to identify users.
When the user logged in, we generate a JWT on the server and return it to the client.
We store this token on the client and send it to the server every time we need to call an API endpoint that is only accessible to authenticated users.
JWT Token includes 3 properties they are Header, payload, Signature.
The payload includes a few public properties about a user. These properties cannot be changed because doing so requires re-generating the digital signature.
To generate JSON Web Tokens in an Express app use jsonwebtoken package.
const jwt = require(‘jsonwebtoken’);
const token = jwt.sign({ _id: user._id}, ‘privateKey’);
//We should not store private keys in the code.
Refer the below link to know more about JWT token