There are lots of discussion and favor that token based architecture of authentication of MEAN application is secure. But I have question that is it really pass user-name and password for authorization and authentication as payload in JSON Web Token, and if we are not passing secured information in payload then how JSON Web Token authenticate user without user-name / password in server side.There are lots of discussion and favor that tok