I’ve been trying to learn authentication with Passport for an embarassingly long time. Most tutorials I’ve come across just don’t click with me, and it’s making me feel pretty stupid. I sort of know I’m not stupid, but I just don’t get these tutorials. It feels like they’re not explaining exactly why certain parts of the code should be used in certain places. As a result I feel like I have to use code without fully understanding it to get something done, and I don’t like doing that at all. Can anybody relate to this, and help me out? I’ve been looking at Passport-JWT mainly. I think I understand the basic theory of a JSON web token - you log in, and the back end will send you a token, which is a little like a name tag or security card. Whenever you want to make a request (say, to the edit page of your profile, or to your message inbox), you send that token in that request, and the back end checks the request before allowing it to proceed.
Thanks in advance!