💻 React TypeScript JWT Authentication Setup
To integrate JWT (JSON Web Tokens) authentication in a React TypeScript app, follow these key steps. This guide shows how to implement secure login, store JWT tokens, and protect routes that require authentication.
🛠 Step-by-Step Guide
- Set Up Your React TypeScript Project
- Start by creating a new React TypeScript project using Create React App or your preferred setup.
bash
npx create-react-app my-app --template typescript
- Install Dependencies
- You'll need packages like axios for HTTP requests and jsonwebtoken to handle JWTs.
bash
npm install axios jsonwebtoken
- Create API Service for Authentication
- Create a service to handle API requests (login, logout, etc.) and manage JWT storage.
- Example (
AuthService.ts):
typescript
// AuthService.ts
import axios from 'axios';
interface LoginResponse {
token: string;
}
export const AuthService = {
login: async (username: string, password: string): Promise<string | null> => {
try {
const response = await axios.post<LoginResponse>('/api/login', { username, password });
const { token } = response.data;
localStorage.setItem('token', token); // Store token securely
return token;
} catch (error) {
console.error('Login failed:', error);
return null;
}
},
logout: (): void => {
localStorage.removeItem('token');
},
getToken: (): string | null => {
return localStorage.getItem('token');
},
};
- Create a Protected Route Component
- To secure routes, create a ProtectedRoute component that checks if the user has a valid JWT token.
- Example (
ProtectedRoute.tsx):
typescript
// ProtectedRoute.tsx
import React from 'react';
import { Route, Redirect, RouteProps } from 'react-router-dom';
import { AuthService } from './AuthService';
interface ProtectedRouteProps extends RouteProps {
component: React.ComponentType<any>;
}
const ProtectedRoute: React.FC<ProtectedRouteProps> = ({ component: Component, ...rest }) => {
const token = AuthService.getToken();
return (
<Route
{...rest}
render={(props) =>
token ? <Component {...props} /> : <Redirect to="/login" />
}
/>
);
};
export default ProtectedRoute;
- Usage in App
- Use
ProtectedRoute to restrict access to specific pages in your app.
typescript
import React from 'react';
import { BrowserRouter as Router, Route, Switch } from 'react-router-dom';
import ProtectedRoute from './ProtectedRoute';
import { AuthService } from './AuthService';
import HomePage from './HomePage';
import LoginPage from './LoginPage';
const App: React.FC = () => {
return (
<Router>
<Switch>
<Route path="/login" component={LoginPage} />
<ProtectedRoute path="/home" component={HomePage} />
<Redirect from="/" to="/home" />
</Switch>
</Router>
);
};
export default App;
🔐 Key Points to Consider
- Token Storage: Always store the JWT securely in
localStorage or sessionStorage. Avoid storing sensitive data in places like cookies, as they can be vulnerable. - Token Expiry: Handle token expiration. You may need a refresh token mechanism or prompt the user to log in again if the token has expired.
- Error Handling: Implement proper error handling and feedback for login failures and token issues (e.g., expired or invalid token).
- Server-Side Validation: Ensure your backend properly validates the JWT and implements security measures (e.g., checking token signature and expiration).
🧩 Summary
Incorporating JWT authentication in a React TypeScript application allows you to securely manage user sessions, protect routes, and implement login/logout functionality. By using localStorage to store the JWT and creating a ProtectedRoute component, you can easily manage authentication in your React app.
🔒 Pro Tip: Always ensure your backend implements proper JWT validation to prevent vulnerabilities, like token tampering.