Authentication of API's using Node.js

0

I'm developing an API and a question about user authentication has come up.

I currently use the Json Web Token (JWT) to perform authentication. In summary, when the user logs in to the tool, it receives a token generated by JWT and this token is passed by header to all endpoints that need authentication.

My question is: can I trust this type of authentication? What are the possible security issues I may face?

In addition, I'm passing the token via header by POST, is this the best method?

Thank you!

    
asked by anonymous 28.11.2018 / 14:04

0 answers