
Integrating JWT Authentication in React and Node.js (MERN Stack)

In modern web applications, user authentication is a critical feature. A common way to implement it is with JSON Web Tokens (JWT): the server signs a token when the user logs in and checks that signature on every request, so only requests carrying a valid token can access protected resources.

In this tutorial, we'll walk through the process of integrating JWT authentication in a MERN stack application. We'll use Node.js and Express for the backend and React for the frontend. This guide will cover the complete setup, from creating a JWT authentication system in Node.js to connecting it with a React application.

By the end of this tutorial, you'll have a secure authentication system in place that uses JWT for token-based authentication.

1. Setting Up the Backend with Node.js, Express, and JWT

What is JWT?

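JWT (JSON Web Token) is an open standard (RFC 7519) for transmitting information between parties as a compact, signed JSON object. The signature lets the receiver detect tampering, but the payload is only base64url-encoded, not encrypted, so it should never carry secrets such as passwords. JWT is commonly used for authentication and information exchange in web applications.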

Steps to Set Up the Backend:

  1. Create a New Node.js Project: If you don't already have a Node.js project, initialize a new one:

mkdir jwt-auth-backend
cd jwt-auth-backend
npm init -y

  2. Install Required Packages: Install express, jsonwebtoken, bcryptjs (for hashing passwords), and dotenv (for loading the .env file):

npm install express jsonwebtoken bcryptjs dotenv

  3. Create the Basic Server: Set up a basic Express server in a file called server.js:

const express = require('express');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcryptjs');
const dotenv = require('dotenv');
dotenv.config();

const app = express();
const port = 5000;

app.use(express.json());

app.listen(port, () => {
  console.log(`Server is running on http://localhost:${port}`);
});

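  4. Set Up JWT Secret in .env: Create a .env file in the root of your project and add a secret key for JWT. The value below is a placeholder; use a long random string (at least 32 random bytes for HS256) and keep the .env file out of version control: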

JWT_SECRET=your_jwt_secret_key

2. Implementing User Registration and Login

User Registration will involve hashing the password before saving it to the database, while User Login will involve comparing the entered password with the stored hash and issuing a JWT upon successful authentication.

Steps to Implement Registration and Login:

  1. Create a User Model: For simplicity, we'll use an in-memory array to simulate the database:

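let users = [];

// Both fields must be non-empty strings before they reach bcrypt
const validCredentials = (username, password) =>
  typeof username === 'string' && typeof password === 'string' &&
  username.length > 0 && password.length > 0;

// User Registration Route
app.post('/api/register', async (req, res) => {
  const { username, password } = req.body || {};

  if (!validCredentials(username, password)) {
    return res.status(400).json({ message: 'Username and password are required' });
  }

  // Check if user already exists
  const userExists = users.find(user => user.username === username);
  if (userExists) {
    return res.status(400).json({ message: 'User already exists' });
  }

  // Hash the password (cost factor 10)
  const hashedPassword = await bcrypt.hash(password, 10);

  // Create and save the new user
  const newUser = { username, password: hashedPassword };
  users.push(newUser);
  res.status(201).json({ message: 'User registered successfully' });
});

// User Login Route
app.post('/api/login', async (req, res) => {
  const { username, password } = req.body || {};

  if (!validCredentials(username, password)) {
    return res.status(400).json({ message: 'Username and password are required' });
  }

  // Unknown user and wrong password get the same response, so the
  // endpoint does not reveal which usernames exist
  const user = users.find(user => user.username === username);
  if (!user) {
    return res.status(401).json({ message: 'Invalid credentials' });
  }

  // Check if password is correct
  const isMatch = await bcrypt.compare(password, user.password);
  if (!isMatch) {
    return res.status(401).json({ message: 'Invalid credentials' });
  }

  // Generate JWT token, signed with HS256 and valid for one hour
  const token = jwt.sign(
    { username: user.username },
    process.env.JWT_SECRET,
    { algorithm: 'HS256', expiresIn: '1h' }
  );

  res.json({ token });
});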

  2. Protect Routes with JWT Middleware: You can protect any route by verifying the JWT sent in the Authorization request header (Authorization: Bearer <token>):

// Middleware to verify JWT token
const authenticateToken = (req, res, next) => {
  // Expected header: "Authorization: Bearer <token>"
  const token = req.header('Authorization')?.split(' ')[1];
  if (!token) {
    return res.status(403).json({ message: 'Access denied' });
  }

  // Accept only the algorithm the login route signs with; jwt.verify also
  // rejects tokens whose exp claim has passed
  jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] }, (err, user) => {
    if (err) {
      return res.status(403).json({ message: 'Invalid token' });
    }
    req.user = user; // decoded claims, e.g. { username, iat, exp }
    next();
  });
};

// Protected Route
app.get('/api/protected', authenticateToken, (req, res) => {
  res.json({ message: 'Protected content', user: req.user });
});

3. Setting Up the React Frontend

Now, let’s set up the React frontend to interact with the backend for user registration, login, and accessing protected routes.

Steps to Set Up React:

  1. Create a React Application: Create a new React app using Create React App:

npx create-react-app jwt-auth-frontend
cd jwt-auth-frontend

  2. Install Axios: Install Axios for making HTTP requests:

npm install axios

  3. Set Up User Registration and Login Forms: Create Register.js and Login.js components to handle user registration and login:

Register.js:

import React, { useState } from 'react';
import axios from 'axios';

const Register = () => {
  const [username, setUsername] = useState('');
  const [password, setPassword] = useState('');

  const handleSubmit = async (e) => {
    e.preventDefault();
    try {
      const response = await axios.post('http://localhost:5000/api/register', { username, password });
      alert(response.data.message);
    } catch (error) {
      // error.response is undefined when the server is unreachable
      alert(error.response?.data?.message || 'Registration failed');
    }
  };

  return (
    <form onSubmit={handleSubmit}>
      <input type="text" value={username} onChange={(e) => setUsername(e.target.value)} placeholder="Username" required />
      <input type="password" value={password} onChange={(e) => setPassword(e.target.value)} placeholder="Password" required />
      <button type="submit">Register</button>
    </form>
  );
};

export default Register;

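  4. Access Protected Routes in React: In your App.js, after a successful login, you can store the JWT token in local storage and use it for authenticated requests. Anything in local storage is readable by every script running on the page, so a cross-site scripting (XSS) flaw exposes the token.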

import React, { useState } from 'react';
import Register from './Register';
import Login from './Login';

const App = () => {
  const [token, setToken] = useState(localStorage.getItem('token'));

  return (
    <div>
      {!token ? (
        <>
          <Register />
          <Login setToken={setToken} />
        </>
      ) : (
        <div>
          <h2>Welcome!</h2>
          <p>You are logged in</p>
        </div>
      )}
    </div>
  );
};

export default App;
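
An added example, not part of the original tutorial: App.js above treats any string stored under the key token as a logged-in session, including a token past its one-hour expiry. These hypothetical helpers (loadToken, authHeaders, handleAuthFailure, memoryStorage) drop expired or malformed values and build the Bearer header the backend expects; they assume the Login component saves the token under the key token.

```javascript
// Added example; helper names are hypothetical, not from the tutorial.
const TOKEN_KEY = 'token'; // the key App.js reads via localStorage.getItem('token')

// Decode the payload segment; returns null for anything that is not a JWT.
function decodeClaims(token) {
  try {
    const seg = token.split('.')[1].replace(/-/g, '+').replace(/_/g, '/');
    return JSON.parse(atob(seg));
  } catch {
    return null;
  }
}

// Return the stored token only while its exp claim is still in the future.
// A convenience for the UI only: the server's jwt.verify stays the authority.
function loadToken(storage, now = Math.floor(Date.now() / 1000)) {
  const token = storage.getItem(TOKEN_KEY);
  if (!token) return null;
  const claims = decodeClaims(token);
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= now) {
    storage.removeItem(TOKEN_KEY); // drop expired or garbage values
    return null;
  }
  return token;
}

// Header format the authenticateToken middleware parses: "Bearer <token>".
function authHeaders(storage, now) {
  const token = loadToken(storage, now);
  return token ? { Authorization: `Bearer ${token}` } : {};
}

// The backend answers 403 for a missing or rejected token; forget it then.
function handleAuthFailure(status, storage) {
  if (status !== 403) return false;
  storage.removeItem(TOKEN_KEY);
  return true;
}

// In-memory stand-in for localStorage so the helpers run outside a browser.
function memoryStorage(initial = {}) {
  const data = new Map(Object.entries(initial));
  return {
    getItem: (k) => (data.has(k) ? data.get(k) : null),
    setItem: (k, v) => void data.set(k, String(v)),
    removeItem: (k) => void data.delete(k),
  };
}
```

In App.js the initial state could then be useState(() => loadToken(localStorage)), and Axios calls can pass { headers: authHeaders(localStorage) }.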

 

4. Testing the Full App

  1. Test the Backend: Use Postman or Insomnia to test the registration, login, and protected routes.

  2. Test the Frontend: Ensure that the React frontend allows users to register, log in, and access protected routes using the JWT token.

Conclusion

Integrating JWT authentication in a React and Node.js (MERN stack) application is an essential feature for securing user data and resources. In this tutorial, you learned how to set up a JWT-based authentication system, from user registration and login to creating protected routes on the backend.

By following this guide, you can ensure that your application is secure, scalable, and ready for production with JWT-based authentication.

