Auth controller

The auth controller functions in server/controllers/auth.controller.js will not only handle requests to the sign-in and sign-out routes, but also provide JWT and express-jwt functionality to enable authentication and authorization for protected user API endpoints.

The auth.controller.js file will have the following structure:

import User from '../models/user.model'
import jwt from 'jsonwebtoken'
import expressJwt from 'express-jwt'
import config from './../../config/config'

const signin = (req, res) => { … }
const signout = (req, res) => { … }
const requireSignin = …
const hasAuthorization = (req, res) => { … }

export default { signin, signout, requireSignin, hasAuthorization }

The following sections elaborate on these four controller functions to show how the backend implements user auth using JSON Web Tokens.