Hello everyone. I am trying to implement API authentication in my <i>nodejs, reactjs</i> application using passport.js github authentication and need to clarify some confusion.<p>First of all, I want to authenticate my API endpoints via JWT tokens ( and not by session cookies ).
So, I disabled the default `session: false`.<p>I created all routes `/auth/github` and `/auth/github/callback` and attached them with my react frontend.<p>So, it works. I am prompted with github sign-in. And github gives me my user information, access token. refresh token etc.<p>Now my questions are<p>what should I have to do next?<p>What informations do I need to store in my database?<p>Do the `accesstoken` provided by github enough for me to secure the API routes or Do I have to generate *JWT* token (with the payload provided by github) and then follow the common JWT authentication procedure?<p>Thank you for your time to listen to my question. I am confused about passport.js and integration between frontend and backend.