This repository is the source code for the JWT server to server communication in Node.js tutorial series on Youtube on YouTube provided by productioncoder.com.
For updates, please follow @_jgoebel on Twitter.
Install the dependencies by running
npm install
To initiate an HMAC server to server communication, you need to spin up two server so they can talk to each other
We recommend opening two terminal windows for this. In the first terminal run
npm run serverA
In the second terminal window run:
npm run serverB
You now have two servers running on port 3000 and on port 8080.
Make sure that you create two RSA keypairs and paste it in the root directory with the following file names
serverA-private.key
serverA-public.key
serverB-private.key
serverB-public.key
If you do not want to generate an RSA keypair with openssl via the command line, you can use an online service like jsencrypt if you just want to try out the project locally.
To let one server send a message to the other server, you can hit the following unprotected REST endpoint with curl or with Postman:
POST localhost:8080/produce
Note that both servers support the POST /produce endpoint. Therfore, you can also hit
POST localhost:3000/produce
Both servers will not print log messages that indicate that they just exchanged information with JWT tokens in the header.
To make this communcation truly secure, we would need to make use of a secure transport protocol such as https.
Since this is a tutorial and we did not want to complicate it further by using self-signed certificates, we just use http for the sake of simplicity.
We do this, so the tutorial is easier to understand. In a _production scenario you need to use a secure protocol such as https / TLS to ensure a secure communication.