Understand JSON Web Token Authentication in JavaScript
Thread 🧵👇
A JSON Web Token, or JWT, is a type of authentication token that is used to identify a user.
It is a JSON object that contains a set of claims, or assertions, about the user.
These claims can be verified by a third party, such as a website or an application.
This information can be verified and trusted because it is digitally signed.
A JWT can also be encrypted so that only the intended recipient can read the contents of the token.
1️⃣ User signs up
The user will sign up with their email/password.
This information is received by the Authentication Server.
2️⃣ Verify + Generate JWT
The email and password combination is verified by the authentication server.
The JSON web token will be generated if the combination is correct.
The server signs it with a private key or a secret (the "secret salt").
The user receives the JWT back.
Typically, the client stores the JWT in the session data.
Databases or cookies may be used for this.
Let's use a GET request as an example in the following.
3️⃣ Access data
The client can access secured server data using the produced and saved JWT.
Every subsequent request the client makes to the protected resource will include the JWT in the HTTP Authorization header.
4️⃣ Request verification + resources sent
The resource server receives the request with the JWT in the final phase.
It verifies the JSON web token.
If the token is valid, it reads the resource and returns the result to the user.
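Steps 2 to 4 as an added Node.js example (not code from the original thread), using the shared-secret variant (HS256) and only the built-in crypto module. The secret, the function names and the claim values are assumptions made for illustration.

```javascript
const crypto = require("node:crypto");

// Constructed demo secret (assumption); a real server loads it from a secret store.
const SECRET = "demo-secret-not-for-production";

const b64url = (text) => Buffer.from(text).toString("base64url");
const decode = (part) => JSON.parse(Buffer.from(part, "base64url").toString("utf8"));
const hmac = (data, secret) => crypto.createHmac("sha256", secret).update(data).digest();

// Step 2: once the email/password pair has been verified, issue a signed token.
function issueToken(claims, secret, ttlSeconds = 300, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const header = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
  const payload = b64url(JSON.stringify({ ...claims, iat, exp: iat + ttlSeconds }));
  const signature = hmac(`${header}.${payload}`, secret).toString("base64url");
  return `${header}.${payload}.${signature}`;
}

// Step 4: check the signature first, then the claims. Returns the claims or null.
function verifyToken(token, secret, now = Date.now()) {
  const parts = String(token).split(".");
  if (parts.length !== 3) return null;
  const [header, payload, signature] = parts;
  const expected = hmac(`${header}.${payload}`, secret);
  const given = Buffer.from(signature, "base64url");
  // Constant-time comparison; timingSafeEqual throws if the lengths differ.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    // Pin the algorithm: the token must not choose how it gets verified.
    if (decode(header).alg !== "HS256") return null;
    const claims = decode(payload);
    if (typeof claims.exp !== "number" || claims.exp <= Math.floor(now / 1000)) return null;
    return claims;
  } catch {
    return null; // header or payload was not valid JSON
  }
}

// Steps 3 and 4: read "Authorization: Bearer <token>" (Node lowercases header names).
function authorize(headers, secret, now = Date.now()) {
  const match = /^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/.exec(headers.authorization || "");
  return match ? verifyToken(match[1], secret, now) : null;
}
```

A token whose payload was edited after signing, whose header claims a different algorithm, or whose `exp` has passed comes back as `null`, so the resource server never reads claims it has not authenticated.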
That's all, guys.