JWT Core Knowledge Deep Knowledge : Use with technology: for comprehensive documentation. Token Structure Node.js Implementation Middleware When NOT to Use This Skill - Session-based authentication - Use traditional server-side sessions with cookies - OAuth 2.0 flows - Use skill for third-party authentication - NextAuth.js - Use skill for Next.js authentication - Simple internal APIs - API keys might be sufficient Best Practices | Do | Don't | |----|----| | Use HTTPS | Store in localStorage (use httpOnly cookies) | | Short expiry (15m-1h) | Put sensitive data in payload | | Validate all claim…