Allow CORS in Node.js and Express
In this quick lesson, we see how to add the CORS middleware so that our Express server can handle requests from different origins.
Your JWT implementation completely changed from the last lesson.
I agree with the above, it'd be better if each lesson built on the implementation from the previous lesson. Two downsides to the way you're doing it; a) the time it takes to go pull each lesson is time I could spend watching the lesson, and b) forces me to speculate what all this new code does?
Yes, I could quickly google e.g. what express-jwt is and I could even guess prior to but why not just use it in the previous lesson to begin with? Just makes things confusing and inconsistent.
To enable CORS middleware that's not app.use(bodyParser.json()); but app.use(cors());
Should we always user cors()? Or should we allow specific origins? Is there a good practice for production cases?