Jwt auth libraries have one issue. Jwt tokens are base64 encoded and easily decoded so user information like user id, expiration date can be exposed to others.
In order to prevent this, Node.js provides a Npm package called crypto
. The token generated by crypto
package is not decoded.
https://nodejs.org/api/crypto.html