Host Your Own JWT Authentication System with Data Tables and Token Management — Flujo de trabajo n8n

Alta complejidad🔗 Webhook63 nodos⚒️ Engineering👁 178 vistaspor Luka Zivkovic

Descripción general

Description A production-ready authentication workflow implementing secure user registration, login, token verification, and refresh token mechanisms. Perfect for adding authentication to any application without needing a separate auth service.

Get started with n8n now!

What it does This template provides a complete authentication backend using n8n workflows and Data Tables: User Registration**: Creates accounts with secure password hashing (SHA-512 + unique salts) Login System**: Generates ac

Nodos utilizados

CryptoCode

Vista previa del flujo de trabajo

Login Flow
Verify Token Flow
Registration Flow
Refresh Token Flow
📝 REGISTRATION FLOW
Checks username → Checks email → Creates user
Duplicate Prevention:
- Username must be unique
- Email must be unique
- Checks happen BEFORE password hashing (saves resource
🔐 PASSWORD SECURITY
1. Random salt generated (unique per user)
2. Password + Salt combined
3. Hashed with SHA-512 (irreversible)
4. Stored as "salt:hash"
Why salt? Makes every password hash uniqu
🔑 LOGIN FLOW
Validates input → Finds user → Verifies password
→ Generates tokens → Stores refresh token → Returns tok
Password Verification:
- Extracts salt from stored "salt:hash"
- Hashes in
🎫 TWO TOKEN SYSTEM
Access Token (15 min):
- For API requests
- Short lifespan = more secure
- Not stored in DB
Refresh Token (7 days):
✅ TOKEN VERIFICATION
1. Parse token into parts
2. Check expiration time
3. Recreate signature with secret key
4. Compare signatures
If signature doesn't match → Token was tampered with
🔄 REFRESH PROCESS
Client sends refresh token →
Verify signature → Check expiration →
Lookup in database → Generate new access token
Database Check:
Allows token revocation (logout all devices)
🔒 DEFENSE IN DEPTH
Refresh token is hashed (SHA-256) before storing.
Why? If database leaks:
- Attacker can't use tokens directly
- Must crack SHA-256 (very hard)
- Adds security layer
🔑 CRITICAL SECURITY
Two secret keys used:
- ACCESS_SECRET: Signs access tokens
- REFRESH_SECRET: Signs refresh tokens
⚠️ MUST be identical everywhere:
- Login workflow (signing)
⚠️ TROUBLESHOOTING
"Invalid signature":
→ Check secret keys match everywhere
"Token not found in DB":
→ Check hash type (SHA256 + HEX encoding)
"Cannot read property":
🧪 TEST SEQUENCE
1. Register new user
2. Login with credentials
3. Copy accessToken and refreshToken
4. Verify access token
5. Wait 15+ min OR manually test refresh
💾 TABLE SETUP
Use n8n Data Tables Feature
Table 'users':
- email string (login identifier)
- username string (login identifier)
- password_hash string (as "salt:hash")
⚙️ CUSTOMIZATION POINTS
Change token lifespan:
- Find: exp: now + (15 * 60)
- Adjust: (30 * 60) = 30 minutes
Change hash algorithm:
- Update Crypto nodes (SHA256 → SHA512)
!! ATTENTION !!
You can use this node to set the ACCESS_SECRET and REFR
You will need to handle authenticating requests in diff
Migrating to Variables
You'll need to change following nodes to use Variables
- 'Sign Access Token' and 'Sign Refresh Token' nodes to
- Verify S
🔐 COMPLETE AUTH WORKFLOW OVERVIEW
Implement a complete auth process using n8n workflow. T
Workflow Overview And Setup
Important Notes
Generate Salt
Hash Password
P
Process login webhook
G
Get User
Extract Salt & Hash
Hash Input Password
Sign Access Token
Sign Refresh Token
Format JWT Tokens
M
Merge JWT Tokens
Hash Refresh Token for S…
Parse JWT
Verify HMAC Signature
Compare Signatures
C
Create User
R
Registration Webhook
Format Password & Salt
Format User Data
E
Error Registration Respo…
Validate Registration Re…
R
Registration Successful
I
If User Exists
U
User Not Found
Code in JavaScript
U
Update User Refresh Token
S
Store Refresh Token
M
Merge
V
Verify Access Token
W
When Executed by Another…
R
Refresh Access Token
Parse Refresh Token
Verify Signature
Compare Refresh Token Si…
Hash Refresh Token For D…
I
If Refresh Token Exists
I
If Refresh Token Is Valid
Create Access Token Payl…
Format Access Token JWT
R
Return New Access Token
S
Session Expired
P
Parse Register Request
L
Login Successful
L
Login Credentials Invali…
P
Process Verify Token Web…
Verify Input
Verify Password
Create JWT Payload
P
Process Refresh Token
Sign New Access Token
I
If Username Is Available
G
Get User By Username
U
Username Taken Error
R
Registration Request Inv…
I
If Email Is Available
G
Get User By Email
E
Email Taken Error
L
Login Webhook
B
Bad Request
A
Access Token Valid
A
Access Token Invalid
S
SET ACCESS AND REFRESH S…
S
SET ACCESS AND REFRESH S…
S
SET ACCESS AND REFRESH S…
63 nodes61 edges

Cómo funciona

  1. 1

    Disparador

    El flujo de trabajo comienza con un disparador webhook.

  2. 2

    Procesamiento

    Los datos fluyen a través de 63 nodos, connecting code, crypto, datatable.

  3. 3

    Salida

    El flujo de trabajo completa su automatización y entrega el resultado al destino configurado.

Detalles de nodos (63)

CR

Crypto

crypto

#1
CO

Code

code

#2

Cómo importar este flujo de trabajo

  1. 1Haz clic en el botón Descargar JSON a la derecha para guardar el archivo del flujo de trabajo.
  2. 2Abre tu instancia de n8n. Ve a Flujos de trabajo → Nuevo → Importar desde archivo.
  3. 3Selecciona el archivo host-your-own-jwt-authentication-system-with-data-tables-and-token-management descargado y haz clic en Importar.
  4. 4Configura las credenciales para cada nodo de servicio (claves API, OAuth, etc.).
  5. 5Haz clic en Probar flujo de trabajo para verificar que todo funcione, luego actívalo.

O pega directamente en n8n → Importar desde JSON:

{ "name": "Host Your Own JWT Authentication System with Data Tables and Token Management", "nodes": [...], ...}

Integraciones

codecryptodatatableexecuteworkflowtriggerifmergerespondtowebhooksetwebhook

Obtener este flujo de trabajo

Descarga e importa con un solo clic

Descargar JSONVer en n8n.io
Nodos63
Complejidadhigh
Disparadorwebhook
Vistas178
CategoríaEngineering

Creado por

Luka Zivkovic

Luka Zivkovic

@zivkovic58

Etiquetas

codecryptodatatableexecuteworkflowtriggerifmergerespondtowebhooksetwebhook

¿Nuevo en n8n?

n8n es una herramienta de automatización de flujos de trabajo gratuita y de código abierto. Alójala tú mismo o usa la versión en la nube.

Obtener n8n gratis →

Related Engineering Workflows

COGOHTIF+5
high

Automate YooKassa Payments & Order Logs in Google Sheets

Transform your payment operations with this comprehensive n8n automation designed for seamless YooKassa integration. Instead of manual data entry, this workflow creates a self-correcting financial ledger by syncing every transaction directly into Google Sheets in real-time. The logic handles the entire commerce lifecycle: from the moment a customer initiates a checkout to the final status confirmation via secure webhooks. What sets this template apart is its robust error-handling and multi-stage processing. It doesn't just log successful sales; it intelligently updates refund statuses, sorts transaction types, and uses conditional logic to ensure your spreadsheet remains a 'single source of truth.' By utilizing the Respond to Webhook node, the workflow provides immediate feedback to the payment gateway, ensuring high reliability. This is an enterprise-grade solution for small business owners who need to scale their digital sales without the overhead of expensive ERP software or manual bookkeeping. It eliminates human error, accelerates fulfillment, and provides a transparent audit trail for every ruble processed. **Common Use Cases:** - Automated Digital Product Delivery: Trigger instant access to downloads or courses once the YooKassa payment status is verified in the sheet. - Real-time Financial Reporting: Maintain a live dashboard of sales performance and refund rates for e-commerce stakeholders without manual exports. - No-code Subscription Management: Track recurring customer payments and trial expirations by logging every transaction event into a centralized Google Sheets database.

🔗 Webhook·39 nodes
COGOHTMA
low

Automate Google AI Overview Tracking: SEO Audit with SerpApi

As Google’s Search Generative Experience (SGE) reshapes the digital landscape, traditional SEO metrics often fall short. This advanced n8n workflow bridges the data gap by providing a scalable solution for monitoring brand visibility within AI Overviews. By integrating SerpApi with Google Sheets, the automation systematically audits your target keyword clusters to detect AI-generated summaries and source citations. The process begins by pulling high-priority keywords directly from your repository. It then executes real-time search queries via SerpApi, utilizing custom JavaScript in a Code node to parse complex JSON responses. The workflow specifically identifies if an AI Overview is present and, more importantly, whether your domain is cited as a primary source. All findings are exported into a structured Google Sheet, creating a historical record of your 'AI Share of Voice.' This automation saves SEO teams dozens of manual hours, allowing for data-driven adjustments to content strategy based on how Google’s LLM perceives and attributes your site’s authority. It is an essential tool for agencies and enterprise SEOs looking to defend their organic traffic in the age of generative search. **Common Use Cases:** - SGE Visibility Benchmarking vs Competitors - Automated AI Citation Reporting for SEO Clients - Content Strategy Optimization for Informational Intent Queries

Trigger·5 nodes
EDFOGIGM+3
medium

Automate Dynamic GitHub Images & URL Redirects in n8n

Stop manually updating marketing assets across distributed channels. This professional n8n automation eliminates the 'stale content' problem by transforming static GitHub-hosted images and links into dynamic, self-updating resources. Instead of hunting down every email template or PDF where you've embedded a promotional banner, this workflow allows you to push updates to a central GitHub repository that automatically reflects across all live instances. The workflow functions by utilizing GitHub as a headless content management system. It leverages the EditImage node to programmatically modify visual assets and the GitHub node to commit these changes automatically. It includes a Form Trigger for on-demand updates and a Schedule Trigger for recurring maintenance. By using stable embed links that point to dynamic GitHub files, your marketing collateral remains evergreen. Whether you are updating a limited-time offer in an old email sequence or refreshing data visualizations in a shared report, this automation ensures your audience always sees the most current information without requiring manual re-distribution of files. **Common Use Cases:** - Automated Email Banner Updates for Evergreen Campaigns - Dynamic GitHub Profile Readme & Repository Statistics - Centralized Promo Link Management for Distributed PDF Guides

Trigger·12 nodes
AGCOEXGI+8
medium

Automate Jekyll SEO Blogs with GPT-4 and GitHub (n8n Guide)

This sophisticated automation engine transforms your content strategy by bridging the gap between raw data and a live, high-ranking Jekyll website. Instead of manually drafting and formatting Markdown files, this workflow utilizes an advanced LangChain agent powered by GPT-4 to synthesize high-quality, long-form articles from simple CSV inputs. The system intelligently parses your data, constructs SEO-optimized blog posts, and handles the technical heavy lifting by committing the code directly to your GitHub repository. This triggers your CI/CD pipeline for instant deployment. Beyond just publishing, the workflow acts as a social media manager, automatically distributing your new content to LinkedIn and X (Twitter) to maximize reach and backlinks. It is an ideal solution for lean marketing teams or solo developers who need to maintain a consistent publishing cadence without the overhead of a traditional CMS. By automating the research, writing, and distribution phases, users can scale their organic traffic exponentially while focusing on high-level strategy rather than repetitive formatting and manual commits. **Common Use Cases:** - Programmatic SEO for Niche Affiliate Marketing Sites - Automated Technical Documentation and Change Log Updates - Scalable Content Engine for Multi-Language Recipe or Directory Portals

Trigger·13 nodes
AGCOEMEM+5
medium

Build a Local AI Book Concierge with Ollama & n8n

Transform your inbox into an intelligent, automated literary assistant with this advanced n8n workflow. By leveraging the power of local LLMs through Ollama and the OpenLibrary API, this automation eliminates the manual effort of responding to reading inquiries. The process begins by monitoring an IMAP folder for incoming requests. Once an email arrives, a sophisticated AI agent analyzes the sender's natural language to pinpoint their specific interests and genre preferences. The workflow then executes a real-time API lookup to fetch accurate bibliographical data, including summaries and metadata. Finally, it crafts and sends a professional, personalized recommendation email back to the user. This setup is perfect for organizations looking to deploy privacy-focused AI solutions without relying on expensive cloud tokens. It demonstrates a high-level integration of LangChain agents, conditional logic, and external data enrichment, providing a seamless 'set-and-forget' experience for managing high volumes of literary or educational inquiries while maintaining a human-like touch in communication. **Common Use Cases:** - Personalized Reading Lists for Digital Newsletters - Automated Curriculum Support for Educational Institutions - Privacy-First Customer Engagement for Local Bookstores

▶️ Manual·15 nodes
AGCOFIGM+6
medium

Automate HubSpot AI Email Replies with Slack Approval (n8n)

This advanced n8n automation bridges the gap between AI-driven speed and human-verified precision. By integrating Google Gemini with your HubSpot CRM, the workflow automatically generates context-aware email responses whenever a new inquiry hits your Gmail inbox. Unlike basic auto-responders, this system queries your HubSpot records—including contact history, active deals, and support tickets—to ensure every draft is personalized and accurate. To maintain brand integrity, the draft isn't sent immediately; instead, it is routed to a dedicated Slack channel via an interactive message. Your team can review, edit, or approve the reply with a single click, triggering the final send via Gmail. This eliminates the manual overhead of switching between tabs to find customer data and drafting repetitive emails from scratch. It is the perfect solution for scaling customer operations without hiring additional headcount, ensuring that every outbound communication is data-backed and professionally vetted. The workflow utilizes LangChain agents for intelligent reasoning, filtering out internal noise to focus purely on high-value customer interactions. **Common Use Cases:** - High-priority sales lead nurturing where quick, data-informed follow-ups are critical for conversion. - Technical support escalation where AI drafts troubleshooting steps based on existing HubSpot ticket history. - Account management automation for handling routine client inquiries with personalized data from active deals.

Trigger·13 nodes