Understand JSON Web Token Authentication in Javascript
Thread π§΅π
Thread π§΅π
A JSON Web Token, or JWT, is a type of authentication token that is used to identify a user.
It is a JSON object that contains a set of claims, or assertions, about the user.
These claims can be verified by a third party, such as a website or an application.
It is a JSON object that contains a set of claims, or assertions, about the user.
These claims can be verified by a third party, such as a website or an application.
This information can be verified and trusted because it is digitally signed.
A JWT can also be encrypted so that only the intended recipient can read the contents of the token.
A JWT can also be encrypted so that only the intended recipient can read the contents of the token.
1οΈβ£ User signs up
The user will sign up with their email/password.
This information is received by the Authentication Server.
The user will sign up with their email/password.
This information is received by the Authentication Server.
2οΈβ£ Verify + Generate JWT
The email and password combination is verified by the authentication server.
The JSON web token will be generated if the combination is correct.
You can use the private key or secret salt for this.
The user receives the JWT back.
The email and password combination is verified by the authentication server.
The JSON web token will be generated if the combination is correct.
You can use the private key or secret salt for this.
The user receives the JWT back.
Typically, the client stores the JWT in the session data.
Databases or cookies may be used for this.
Let's use a GET request as an example in the following.
Databases or cookies may be used for this.
Let's use a GET request as an example in the following.
3οΈβ£ Access data
The client can access secured server data using the produced and saved JWT.
Every subsequent request the client makes to the protected resource will include the JWT in the HTTP authorization header.
The client can access secured server data using the produced and saved JWT.
Every subsequent request the client makes to the protected resource will include the JWT in the HTTP authorization header.
4οΈβ£ Request verification + resources sent
The resource server receives the request with the JWT in the final phase.
It verifies the JSON web token
If it's accurate, it will read the resource and provide the user with the results back.
The resource server receives the request with the JWT in the final phase.
It verifies the JSON web token
If it's accurate, it will read the resource and provide the user with the results back.
If you like this post, you can bookmark and tag it by replying with @SaveToBookmarks #javascript #jwt
You can view your bookmarks on savetobookmarks.com
You can view your bookmarks on savetobookmarks.com
That's all, guys.
If you found this list useful, consider:
β Follow @csaba_kissi for more content like this
π Enable notifications π
π Retweeting the first tweet.
Thanks for your support, guys! ππ€
If you found this list useful, consider:
β Follow @csaba_kissi for more content like this
π Enable notifications π
π Retweeting the first tweet.
Thanks for your support, guys! ππ€
β’ β’ β’
Missing some Tweet in this thread? You can try to
force a refresh
γ
