Hello everyone. I am trying to implement API authentication in my nodejs, reactjs application using passport.js github authentication and need to clarify some confusion.

First of all, I want to authenticate my API endpoints via JWT tokens ( and not by session cookies ). So, I disabled the default `session: false`.

I created all routes `/auth/github` and `/auth/github/callback` and attached them with my react frontend.

So, it works. I am prompted with github sign-in. And github gives me my user information, access token. refresh token etc.

Now my questions are

what should I have to do next?

What informations do I need to store in my database?

Do the `accesstoken` provided by github enough for me to secure the API routes or Do I have to generate *JWT* token (with the payload provided by github) and then follow the common JWT authentication procedure?

Thank you for your time to listen to my question. I am confused about passport.js and integration between frontend and backend.