MSWD EXP-13

PRELAB:

1. What is authentication?
Authentication is the process of confirming and verifying the identity of a user,
device, or system to grant access to specific resources or services. It typically involves the
use of credentials, such as usernames and passwords, to prove identity.

2. What is authorization?

Authorization is the process of determining what actions or resources a user,
device, or system is allowed to access after they have been authenticated. It involves
setting and enforcing access control rules and permissions to ensure that the
authenticated entity can only perform actions or access resources for which they
have the appropriate privileges. Authorization is a crucial component of security
systems and helps protect sensitive data and resources from unauthorized access.

3. What is a token?

A token is a small piece of data used for various purposes, including authentication,
authorization, and access control. It represents permissions or identity and is
commonly used in security and access management.

4. What is a JSON Web Token (JWT), and what is its purpose?

A JSON Web Token (JWT) is a compact way to transmit information as a self-contained,
signed token in web applications and APIs. Its purpose is to authenticate
and authorize users, enabling secure and efficient communication between systems.

5. What is expiration time in JWT token?

In a JWT, the "expiration time" (exp) claim specifies the date and time (as a
Unix timestamp) after which the token is no longer valid. It helps enhance security by
automatically revoking access after a certain time, reducing the risk of unauthorized access.

IN LAB:

Exercise 1: In the previous experiment, update the register and login functions so that the
token is generated with an expiration time of 1 hour.
Exercise 2: When receiving a token from a client request, verify its expiration before
considering it valid. You can use the verify function from the jsonwebtoken library to
decode and verify the token. If the token is expired, you can deny access or require the
user to re-authenticate.
Post-Lab:
Question 1: Implement a refresh token mechanism to maintain a user's session
beyond the expiration time of a token.