- Middleware uses the req, res, and next parameters to execute code and return the results or an error - iff next() is called the next controller runs. Sessions is a database that runs while the user stays on site and resets for refresh and navigation off site. Bcrypt.js encodes and decodes data using the Blowfish block cipher with modifications. JWT authenticates users with the Authorization header token.
- Even if hackers get database access they currently can't extract the user's password from the stored password hash (or the Authorization header)
- header, payload, and signature
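
The three JWT parts and the Authorization header check, as an added example that is not part of the original notes. It assumes HS256 signing, the `Bearer` scheme, and constructed names (`signJwt`, `verifyJwt`, `tokenFromHeader`) and test values.

```javascript
// Added example: HS256, the Bearer scheme and all names here are assumptions.
const crypto = require("node:crypto");

const b64url = (data) => Buffer.from(data).toString("base64url");

// Build header.payload.signature; the signature covers "header.payload".
function signJwt(payload, secret) {
  const header = { alg: "HS256", typ: "JWT" };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  const sig = crypto.createHmac("sha256", secret).update(input).digest();
  return `${input}.${b64url(sig)}`;
}

// Return the payload if the token is authentic and unexpired, otherwise null.
function verifyJwt(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [h, p, s] = parts;
  let header, payload;
  try {
    header = JSON.parse(Buffer.from(h, "base64url").toString("utf8"));
    payload = JSON.parse(Buffer.from(p, "base64url").toString("utf8"));
  } catch {
    return null;
  }
  // Pin the algorithm on the server; the header's own "alg" is attacker-controlled.
  if (!header || header.alg !== "HS256") return null;
  if (!payload || typeof payload !== "object") return null;
  const expected = crypto.createHmac("sha256", secret).update(`${h}.${p}`).digest();
  const given = Buffer.from(s, "base64url");
  // Length check first: timingSafeEqual throws on unequal lengths.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return null;
  }
  if (typeof payload.exp === "number" && payload.exp <= now) return null;
  return payload;
}

// Extract the token from an "Authorization: Bearer <token>" header value.
function tokenFromHeader(value) {
  const m = /^Bearer ([\w-]+\.[\w-]+\.[\w-]*)$/.exec(value || "");
  return m ? m[1] : null;
}
```

The header and payload are only base64url-encoded, so anyone holding the token can read them; only the signature depends on the secret.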