node.js jwt passport.js express-jwt passport-jwt

Should I use express-jwt or passport-jwt for securing an Express/Angular app?

I'm trying to figure out passport. I want to secure an API-based frontend (Angular).

I assume that means I can't use passport-local, and that I must use passport-http to get the username/password, and then passport-jwt to perform JWT signing and verification. Correct?

However then it gets confusing, because there is an even more popular package called express-jwt. Are they different? I'm not sure which is used for what purpose.

Solution

They are very similar. But passport is unmaintained, there are bugs in many of its plugins ("strategies"), and dozens of PRs that will never get merged.

So I went with express-jwt, which is maintained.

I want to install the "n" package and I get an error
n <version> command does not activate specified version
Change n install location
How to install a specific version of Node on Ubuntu/Debian?
Different node version for different projects, is there a way of telling node which version to use?
Install Node.js to install n to install Node.js?
How to select the latest node.js v6 version using n?
n-install: ERROR: GNU Make not found, which is required for operation
How to downgrade Node version with n
how switch to previous version in n (Node version manager)?
Automatically use the right version of Node for a package
internal/modules/cjs/loader.js:905 -> throw err;
Why doesn't "n" downgrade my node version on a Mac?
Node version manager
n failed to install/switch node in Linux?
vue command not found on Mac
How to uninstall n and all node versions installed by n
Angular CLI on HTTPS - can't install CI as root
n (node version manager): cannot create directory
npm module n emits errors
How to update npm permanently?
Cannot change nodejs version using n
upgrade nodejs to stable version
How should I install and use multiple versions of Node on the same production machine?