Retrospect: JWT Authentication using Node.js Workshop in Amrita Vishwa Vidyapeetham, Chennai
Nov 14, 2023
Couple of months back, I was invited to give a talk to the Cybersecurity students of Amrita Vishwa Vidyapeetham, Chennai by my professor Dr. S. Udhayakumar. When I was looking for topics, I zeroed down to JSON Web Tokens using Node.js as I have implemented it multiple times and having quite a good knowledge on it.
Since I don’t believe in having a bunch of slides, going through it, and calling it a day, I always design my talks in a way it’s all hands on live coding. Students should be able to see it live, including the mistakes we make and how we solve it.
I was given the whole day. It was a workshop environment, students brought their laptops and had the necessary softwares installed. Some of the students don’t know Node.js, so I had to give an intro to Node.js and then move up to setting up a web server and then finally to JWT. Following was my agenda.
- Introduction to Node.js (9:30 am)
- Event driven nature
- Simple HTTP Server
- Discuss about the HTTP Protocol (10:15 am)
- Structure of Request
- Structure of Response
- Explain with sample API and Postman (Hands-on)
- Break (11:00 am)
- Creating a simple server using Express.js (11:15 am)
- HTML Response
- JSON Response for APIs
- How to Secure the API? (12:00 pm)
- Introduction to JWT
- Structure of a JWT Token
- Explain the flow with an analogy
- Lunch Break (12:30 pm)
- Implement JWT in backend (1:30 pm)
- Test with Postman
- Optional (If time permits)
- Working with MongoDB
- Client side Authentication Stuff
This is not the first time, I had conducted a React workshop on the same university last year. At that time, I had developed a leaderboard application to keep the students engaged. I used to reward points to the students to who answers questions in the middle of the session and give a special appreciation to the top 3 at the end of the day. A little bit of gamification will always increase the attention students give to the content. I used the same application this year as well. I wanted to improve the application but never found the time to do it. You can find it on https://github.com/fareez-ahamed/node-leaderboard.
It is always an absolute joy to interact with the students. The moment we try to break down the concepts to make the students understand, we get to rediscover and see the same concept in different perspective which in turn makes us learn more about the same. The best feedback I received was that a student coming to me after the session and said “I thought it will be boring, but you made it very interesting and we really learnt something”.