yoonic / atlas

E-Commerce Backend API in Hapi.js and RethinkDB
MIT License
373 stars 104 forks source link

How to setup JWT_KEY ? #10

Closed phoenixvk closed 7 years ago

phoenixvk commented 7 years ago

Hello sir, will you please tell me how to set up JWT_KEY, and elaborate the meaning of

Create a JWT secret key (e.g. using openssl rand -base64 32) and either:

- Setup the env variable JWT_KEY
- Add it to the configuration file at config/development in app.jwtKey.

i.e. 6th step in guide.

I've set up the JWT but I'm getting an error like JWT_KEY is malformed. Thank you.

andrecrt commented 7 years ago

Hi,

The JWT secret is used to sign/validate the tokens and, thus, should be strong and hopefully hard to crack/guess. You can set it to whatever you want, I just gave the suggestion of using the "openssl" CLI tool to generate a random string.

Did you try setting the value of your JWT to other strings and see how it went? Are you setting a string value?

phoenixvk commented 7 years ago

Created JWT using crypto. And testing the backend API, it's simply incredible. Thank you so much for sharing this really very valuable code :1st_place_medal:

phoenixvk commented 7 years ago

This is not an issue. I want to add an OTP registration feature. How should I set up OTP verification in atlas? I just want an overview, as you have designed this product.

andrecrt commented 7 years ago

Hi,

One-time password? Like using SMS tokens?

phoenixvk commented 7 years ago

Yes it's something like that


phoenixvk commented 7 years ago

I just want overview, I will implement it.

andrecrt commented 7 years ago

I would perhaps update the Login API (POST /api/v1/login) so that, when OTP is enabled:

1) (Client) Send valid credentials
2) (Server) Creates OTP and sends it to client
3) (Server) Returns HTTP 202 Accepted (processing has not been completed)
4) (Client) Receives OTP
5) (Client) Send valid credentials + OTP
6) (Server) Returns valid session token
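The two-step login flow outlined in the comment above, as an added example that is not part of the original thread or the Atlas code base. It is framework-independent; every name in it (`login`, `users`, `pending`, `outbox`) is hypothetical, and the 6-digit code, 5-minute lifetime and 3-attempt limit are assumptions.

```javascript
// Added example: two-step login with OTP. Not Atlas code; all names are hypothetical.
// The sample user and the in-memory stores are constructed for the demonstration.
const { randomInt, randomBytes, createHmac, timingSafeEqual } = require('node:crypto');

const OTP_TTL_MS = 5 * 60 * 1000;   // assumed OTP lifetime
const MAX_ATTEMPTS = 3;             // assumed guesses allowed per issued OTP
const serverKey = randomBytes(32);  // HMAC key, so pending OTPs are not stored in plaintext
const users = new Map([['alice@example.com', 'correct horse']]); // real stores keep password hashes
const pending = new Map();          // email -> { mac, expires, attempts }
const outbox = [];                  // stands in for the SMS / e-mail gateway

// Bind the OTP to the account it was issued for and keep only a keyed hash of it.
const mac = (email, otp) => createHmac('sha256', serverKey).update(`${email}:${otp}`).digest();

function login({ email, password, otp }, now = Date.now()) {
  // Steps 1 and 5: credentials are verified on every request, with or without an OTP.
  if (!users.has(email) || users.get(email) !== password) return { status: 401 };

  if (otp === undefined) {
    // Steps 2-3: create the OTP, deliver it out of band, answer 202 without the code.
    const code = String(randomInt(0, 1000000)).padStart(6, '0');
    pending.set(email, { mac: mac(email, code), expires: now + OTP_TTL_MS, attempts: 0 });
    outbox.push({ to: email, code });
    return { status: 202 };
  }

  // Step 5: reject when no OTP is pending, it has expired, or guesses are used up.
  const entry = pending.get(email);
  if (!entry || now > entry.expires || ++entry.attempts > MAX_ATTEMPTS) {
    pending.delete(email);
    return { status: 401 };
  }
  if (!timingSafeEqual(entry.mac, mac(email, String(otp)))) return { status: 401 };

  pending.delete(email); // single use: a replayed OTP finds nothing pending
  // Step 6: random placeholder token; in the thread's app this is the token signed with JWT_KEY.
  return { status: 200, token: randomBytes(32).toString('hex') };
}
```

The checks that matter beyond the six steps are the expiry, the attempt counter and the delete-on-success: without them a 6-digit code can be guessed or replayed.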

phoenixvk commented 7 years ago

thank you so much :+1:

phoenixvk commented 7 years ago

Done. Thank you for the OTP thing! I want to publish this app to production. How should I do it? I've customised nicistore too. I haven't published a node app yet. What is the process for that?

andrecrt commented 7 years ago

My advice for deployment is to use Docker and I have provided a Dockerfile for both apps (nicistore and atlas).

phoenixvk commented 7 years ago

I have implemented OTP as you advised me to. Now I want to integrate Facebook and Google login. How should I do it? Any idea?

phoenixvk commented 7 years ago

I haven't hosted a nodejs application on a server. I got a VPS server. Will anybody tell me how to host it in production using the Dockerfile? Is any tutorial available?

andrecrt commented 7 years ago

1) You can either try and use some existing library that integrates with 3rd-party authentication systems or you'll have to read the different flows for each one and integrate them with Atlas.

2) If you have no prior experience with hosting and docker, perhaps the easy route would be to install the app on the host system, using something like PM2 http://pm2.keymetrics.io/

phoenixvk commented 7 years ago

Thank you sir. It really helps.

mateomorrison commented 7 years ago

@andreftavares When sudo npm run dev the PWT Key it throws: SyntaxError: /home/.../atlas/config/development.js: Unexpected token (7:72)

Can't even get the app started. @phoenixvk did you encounter the same problem?

andrecrt commented 7 years ago

What's the value you put there?

mateomorrison commented 7 years ago

Got it fixed. You didn't specify to replace process.env with the JWT key but with " ".