Monkey Bytes - Gain, entertain, retain

Back end

Authentication

Authentication is done by passing a JWT Token to the token config parameter. A secret to sign the JWT token will be provided to you by your key account manager. For more information on JWT you can see jwt.io. Generating the token must happen server side to not expose the secret in the frontend. The token should include the following payload:


{
  id: String,           // The unique identifier of your user
  username: String,     // A username that is displayed in the game
  exp: Number,          // Expiry of the token. Unix timestamp (seconds).
  iat: Number,          // Issued at. Timestamp of when the token was generated.
}

Node.js Express example of generating token.


const jwt = require('jsonwebtoken')
const moment = require('moment')
const config = require('../config')
const db = require('../services/database-connection')

module.exports = async function getToken(req, res, next) {
  const user = await db.query(`SELECT * FROM users WHERE id = ${req.user.id}`)
  const payload = {
    id: user.id,
    username: user.username,
    exp: +moment().add(1, 'hour').format('X'), // Unix timestamp
    iat: +moment().format('X'), // Unix timestamp
  }
Previous
Configuration parameters
Next
About callbacks