I’m new to Node JS backend, trying to understand high level design flow for authentication.
My project details;
– All users (login credentials) are in MongoDB as a “document”.
– Express JS is the server, communicates with MongoDB via MongoClient for data
I came across passport.js for authenticating with MongoDB but really didn’t understand how the “document” in MongoDB is connected with token and used by Passport for authentication.
Here is my understanding, kindly correct me if I’m wrong.
- The app makes Login POST request
- Express JS retrieves the user credentials from the POST call and validates against the user’s “document” in MongoDB
- If it matches, then creates the token via Passport.js, like below;
Another question; this token got nothing to do with the user’s document/data in MongoDB. Right?