Skip to main content

JSON Web Token Introduction


JSON Web Token Introduction

 JSON Web Token (JWT) is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

 When should you use JSON Web Tokens?
  • Authorization: This is the most common scenario for using JWT. Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token. Single Sign On is a feature that widely uses JWT nowadays, because of its small overhead and its ability to be easily used across different domains.
  • Information Exchange: JSON Web Tokens are a good way of securely transmitting information between parties. Because JWTs can be signed—for example, using public/private key pairs—you can be sure the senders are who they say they are. Additionally, as the signature is calculated using the header and the payload, you can also verify that the content hasn't been tampered with.
What is the JSON Web Token structure?

 In its compact form, JSON Web Tokens consist of three parts separated by dots 
  • Header
  • Payload
  • Signature
Therefore, a JWT typically looks like the following.
xxxxx.yyyyy.zzzzz
Header
The header typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA.

How do JSON Web Tokens work?

In authentication, when the user successfully logs in using their credentials, a JSON Web Token will be returned. Since tokens are credentials, great care must be taken to prevent security issues. In general, you should not keep tokens longer than required.
Whenever the user wants to access a protected route or resource, the user agent should send the JWT, typically in the Authorization header using the Bearer schema. 
Labels:

Comments

Post a Comment

Popular posts from this blog

Building a RESTful CRUD API with Node.js, Express, MongoDB

Used Libraries Express Validator Mongoose _____________Just 3 Steps________________ Step 1 Initialize the project npm init -y npm install --save-dev nodemon npm install express mongoose npm install validator Now go to the package.json and modifiy the scripts property like this. Then create folder call utils and create a file call db.js inside it. Here is my project structure. If  you haven't any idea to get MongoDB Connection String please refer first part from  here. Follow these set of code for RESTful API crud operations.    Step 2     db.js const mongoose = require('mongoose'); const validator = require('validator'); const url = 'MongoDB Connection String'; mongoose.connect(url,{useUnifiedTopology:true,useNewUrlParser:true}); const Schema = mongoose.Schema; const userSchema = new Schema({     name : {         type : String,         require : true,         trim : true     },     age : {         type
3 comments
Read more

Routing and navigation in Angular

Angular provides a complete  routing  library with the possibility to  have  multiple  router  outlets, different path matching strategies, easy access to  route  parameters and  route  guards to protect components from unauthorized access. The  Angular router is  a core part of the  Angular  platform. It's very easy to implement routing and navigation. So now I'm going to implement simple application for routing. When we create project it also create  app-routing.module.ts file. Then I created 2 components call DepartmentList and EmployeeList. So now what I want is when I Press the the Employee list button I want to move Employee List form and when press the Department list button  want to  move Department List form. First step You must go to the  app-routing.module.ts  and you can see there is an array call routes. Then declare your components with name which you want appear on URL.   Don't remember import your component. And you must export your components.
Post a Comment
Read more

An Introduction to Mongoose, Express for MongoDB With NodeJS

This is about how to connect with MongoDB from NodeJS. Used Libraries Express  Mongoose Steps... 1. npm init -y 2. npm install --save-dev nodemon              coppy this inside package.json                 "scripts":{                   "start": "node app",                  "dev": "nodemon app"           } 3. npm i express mongoose db.js (Inside the utils folder) const mongoose = require('mongoose'); const validator = require('validator'); const url = 'MongoDB Connection String'; mongoose.connect(url,{useUnifiedTopology:true,useNewUrlParser:true}) .then(res => console.log(res)) .catch(err => console.log(err)); app.js const express = require('express'); require('./utils/db'); const app = express(); app.listen(3000);  For execute npm run dev
Post a Comment
Read more