We store a JSON Web Token within a Cookie to authenticate users.
We check the validity of a JWT by comparing it with a with a secret key stored on the backend within a Node environment variable called 'jwt_secret_key'.
JWT are used to authenticate requests to relevant Backend api's and restrict access to selected pages on the Frontend.
More information about configuring our secret key, please see our Backend installation documentation. Alternatively, our see our custom JWT middleware 'Backend/middleware/auth.js'
To learn more, please visit: https://jwt.io/