JSON Web Token (JWT)
Learning objectives:
- Know what a JWT is
- Know how it works
Hola, I'm Hamza (learn more about me in my bio).
Today's article is about JWT. I'll explain it in my own way; hopefully you get it perfectly 👌
First, as I mentioned before, JWT stands for JSON Web Token. To make things easier, let me show you an example:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
This surely isn't a link or just meaningless characters; it is actually the user's claims, or in other words the "user's data".
The token is divided into 3 parts. The first part, or in more professional terms the header, states the algorithm used and the token type, for example:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
{
"alg": "HS256",
"typ": "JWT"
}
The second part is the PAYLOAD, which holds the data 📊:
eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
}
The last part is the signature (VERIFY SIGNATURE):
SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
When a client receives a JWT, it validates the signature to ensure its authenticity.
Let's make things simple:
- JWTs are used for securely transmitting data between two parties (usually client and server)
- They consist of 3 segments: header, payload and signature
- Each segment is base64url encoded, and the segments are separated by dots
Use cases?
=> JWTs are commonly used for managing user sessions on websites.
=> They provide authorization (access control) rather than authentication (proving identity).
Remember that verifying the signature ensures the integrity of the data within the JWT, making it a critical step in secure communication. 🌟
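The three segments and the signature check described above, as an added Python example (not code from the original article). `DEMO_KEY` and the function names are made up for illustration; the article does not give the secret its sample token was signed with, so that token is only decoded here, and signing and verification use a constructed key.

```python
import base64, hashlib, hmac, json

# Sample token copied from the article.
ARTICLE_TOKEN = (
    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
    "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ."
    "SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c")
DEMO_KEY = b"constructed-demo-key"  # assumption: made-up secret, not the article's

def b64url_decode(segment):
    # JWT segments drop the "=" padding, so restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def read_unverified(token):
    """Decode header and payload WITHOUT a key: this proves nothing about authenticity."""
    header_seg, payload_seg, _ = token.split(".")
    return json.loads(b64url_decode(header_seg)), json.loads(b64url_decode(payload_seg))

def sign_hs256(payload, key):
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = ".".join(b64url_encode(json.dumps(part, separators=(",", ":")).encode())
                             for part in (header, payload))
    mac = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)

def verify_hs256(token, key):
    """Return the payload only if the HS256 signature matches; otherwise raise ValueError."""
    try:
        header_seg, payload_seg, sig_seg = token.split(".")
        header = json.loads(b64url_decode(header_seg))
        given = b64url_decode(sig_seg)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    # Pin the algorithm on the verifier side instead of trusting the header's choice.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_seg}.{payload_seg}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        raise ValueError("bad signature")
    return json.loads(b64url_decode(payload_seg))

if __name__ == "__main__":
    print(read_unverified(ARTICLE_TOKEN))
    token = sign_hs256({"sub": "1234567890", "name": "John Doe"}, DEMO_KEY)
    print(verify_hs256(token, DEMO_KEY))
```

The header and payload decode without any key, so anyone holding the token can read them. Only the signature check shows that the data was not changed after signing.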
For now I've got to say goodbye. This was Hamza; I hope you enjoyed reading my article. This was part (1), wait for part (2). See you soon, guys 👋