How to Implement JWT Authentication in React?

Secure user authentication is essential in modern web development for safeguarding sensitive data and delivering a seamless user experience. A well-liked and effective technique for handling authentication in web applications is JSON Web Tokens (JWT).

In order to improve security and user access management, we will look at how to integrate JWT authentication in a React application in this article.

What is JWT Authentication?

A condensed and self-contained method of conveying user information between two parties is through JSON Web Tokens (JWT). There are three components to them: a header, a payload, and a signature. Digital signatures on JWT tokens guarantee their integrity and guard against unwanted tampering.

JWT authentication works as follows:

  1. User login: When a user logs in with valid credentials, the server generates a JWT token containing user information, including user ID, roles, and expiration time.
  2. Token storage: The token is securely stored on the client side, typically in the browser’s local storage or an httpOnly cookie.
  3. Authorization: For each subsequent request to protected routes or APIs, the JWT token is included in the request header. The server validates the token’s signature, ensuring the user’s identity and access permissions.

Setting up the Backend Server

You must set up a backend server to handle user authentication and token creation before adding JWT authentication to a React application. This may be accomplished using widely utilized backend technologies like Node.js, Express, and MongoDB.

  1. Create user registration and login endpoints in your backend API to handle user authentication.
  2. Use a library like `jsonwebtoken` to generate and sign JWT tokens upon successful login.
  3. Ensure that your backend server includes CORS headers to allow communication with the React frontend from different domains.

Implementing JWT Authentication in React

Now that we have the backend server ready, let’s proceed with integrating JWT authentication in our React application.

  1. Install necessary packages:

npm install axios react-router-dom

  1. Create an AuthService.js file in your React application to manage authentication-related functions like login and logout.
// AuthService.js

import axios from 'axios';

const API_URL = 'http://your-backend-api-url';

class AuthService {
  login(username, password) {
    return axios.post(API_URL + '/login', { username, password })
      .then((response) => {
        if (response.data.token) {
          localStorage.setItem('user', JSON.stringify(response.data));
        }
        return response.data;
      });
  }

  logout() {
    localStorage.removeItem('user');
  }

  getCurrentUser() {
    return JSON.parse(localStorage.getItem('user'));
  }
}

export default new AuthService();

Code language: JavaScript (javascript)
  1. Set up a Login component to handle user login in your React application.
// Login.js

import React, { useState } from 'react';
import AuthService from './AuthService';

const Login = () => {
  const [username, setUsername] = useState('');
  const [password, setPassword] = useState('');

  const handleLogin = (e) => {
    e.preventDefault();
    AuthService.login(username, password).then((user) => {
      console.log(user); // You can redirect the user to a protected route here.
    });
  };

  return (
    <div>
      <h2>Login</h2>
      <form onSubmit={handleLogin}>
        <input
          type="text"
          placeholder="Username"
          value={username}
          onChange={(e) => setUsername(e.target.value)}
        />
        <input
          type="password"
          placeholder="Password"
          value={password}
          onChange={(e) => setPassword(e.target.value)}
        />
        <button type="submit">Login</button>
      </form>
    </div>
  );
};

export default Login;
Code language: JavaScript (javascript)
  1. Create a ProtectedRoute component to protect specific routes that require authentication.
// ProtectedRoute.js

import React from 'react';
import { Route, Redirect } from 'react-router-dom';
import AuthService from './AuthService';

const ProtectedRoute = ({ component: Component, ...rest }) => {
  const user = AuthService.getCurrentUser();

  return (
    <Route
      {...rest}
      render={(props) =>
        user ? <Component {...props} /> : <Redirect to="/login" />
      }
    />
  );
};

export default ProtectedRoute;

Code language: JavaScript (javascript)
  1. Set up the React Router in your App.js file.
// App.js

import React from 'react';
import { BrowserRouter as Router, Route, Switch } from 'react-router-dom';
import Login from './Login';
import ProtectedRoute from './ProtectedRoute';

const Home = () => <h2>Welcome to the Home Page!</h2>;

const App = () => {
  return (
    <Router>
      <div>
        <Switch>
          <Route path="/login" component={Login} />
          <ProtectedRoute path="/" component={Home} />
        </Switch>
      </div>
    </Router>
  );
};

export default App;

Code language: JavaScript (javascript)

Conclusion

For managing user authentication and authorization in React apps, JWT authentication is a strong and secure technique. By implementing JWT authentication as described in this blog, you can safeguard sensitive routes and APIs and make sure that only authorized users can access limited resources within your application.

This improves user experience and overall security, strengthening the stability and dependability of your React application.

Posted

in

by

Abdul Rehman (Software Developer)

Tags:

, ,

Recent Post

  • 12 Essential SaaS Metrics to Track Business Growth

    In the dynamic landscape of Software as a Service (SaaS), the ability to leverage data effectively is paramount for long-term success. As SaaS businesses grow, tracking the right SaaS metrics becomes essential for understanding performance, optimizing strategies, and fostering sustainable growth. This comprehensive guide explores 12 essential SaaS metrics that every SaaS business should track […]

  • Bagging vs Boosting: Understanding the Key Differences in Ensemble Learning

    In modern machine learning, achieving accurate predictions is critical for various applications. Two powerful ensemble learning techniques that help enhance model performance are Bagging and Boosting. These methods aim to combine multiple weak learners to build a stronger, more accurate model. However, they differ significantly in their approaches. In this comprehensive guide, we will dive […]

  • What Is Synthetic Data? Benefits, Techniques & Applications in AI & ML

    In today’s data-driven era, information is the cornerstone of technological advancement and business innovation. However, real-world data often presents challenges—such as scarcity, sensitivity, and high costs—especially when it comes to specific or restricted datasets. Synthetic data offers a transformative solution, providing businesses and researchers with a way to generate realistic and usable data without the […]

  • Federated vs Centralized Learning: The Battle for Privacy, Efficiency, and Scalability in AI

    The ever-expanding field of Artificial Intelligence (AI) and Machine Learning (ML) relies heavily on data to train models. Traditionally, this data is centralized, aggregated, and processed in one location. However, with the emergence of privacy concerns, the need for decentralized systems has grown significantly. This is where Federated Learning (FL) steps in as a compelling […]

  • Federated Learning’s Growing Role in Natural Language Processing (NLP)

    Federated learning is gaining traction in one of the most exciting areas: Natural Language Processing (NLP). Predictive text models on your phone and virtual assistants like Google Assistant and Siri constantly learn from how you interact with them. Traditionally, your interactions (i.e., your text messages or voice commands) would need to be sent back to […]

  • What is Knowledge Distillation? Simplifying Complex Models for Faster Inference

    As AI models grow increasingly complex, deploying them in real-time applications becomes challenging due to their computational demands. Knowledge Distillation (KD) offers a solution by transferring knowledge from a large, complex model (the “teacher”) to a smaller, more efficient model (the “student”). This technique allows for significant reductions in model size and computational load without […]

Click to Copy