javascriptnode.jsexpressjwtmultipage

What happens if I generate JWT Token upon login compared to upon register?


I'm working on a multi-page app with ExpressJS. However, I came across at a dilemma, which is what happens if I generate the JWT token upon login compared to register and what are the differences if any.


Solution

  • The JWT generation is required to be used later to identify the user in subsequent requests without re-login (provide user credentials).

    On registration, you can save user data then generate token in the same request. If you only used login for that, that means after registration user needs to login and provide credentials to access protected endpoints.

    I can't see any difference between both in terms of security, so it's dependent on project requirements/flow.