how to register those routes which don’t require a token such as open routes like signin routes, we…

Oh, just the same as you would without providing JWT middleware. Keep in mind you aren’t limited to .all(*) router handler, you can also use .post(*).get(*) as well as you can define the exact path to which the middleware you wish to apply, and simply don’t put it to paths you wouldn’t want to be validated. For instance .get('/secret’, verifyJWT_MW) will keep route GET /secret protected, while POST /secret or GET /public won’t be. Making it public. Hope that answers your question.

Like what you read? Give Patryk Cieszkowski a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.