jwt

let jwt = require('jsonwebtoken');

const SUPER_SECRET_TOKEN = "My_Secret_Token";

server.post('/',(req,res)=>{
    res.setHeader('Content-Type', 'application/json');
    var token = jwt.sign({message: "Hello"}, SUPER_SECRET_TOKEN, { expiresIn: '5m' , noTimestamp: true });
    var result = jwt.verify(token, SUPER_SECRET_TOKEN);
    res.end(JSON.stringify({error: false, data: result}));
});

HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  
) secret base64 encoded

JSON Web Token is an Internet standard for creating data with optional
signature and/or optional encryption whose payload holds JSON that asserts
some number of claims.

The tokens are signed either using a private secret or a public/private key.