How Does JWT Authentication Work? (JSON Web Token) | Tokens vs Sessions
ฝัง
- เผยแพร่เมื่อ 15 มิ.ย. 2024
- In this video you'll learn about how JWT Authentication works, and how token authentication differs from sessions.
Contact Me: onelightwebdev@gmail.com
Github: github.com/nikitapryymak
Support Me: www.paypal.com/paypalme/nikit...
#jwt #jsonwebtoken #jwtauth - วิทยาศาสตร์และเทคโนโลยี
Amazing content bro, keep at it already a fan and this is the first video I’ve watched.
Absolutely wonderful clarity and quality ❤️
thank you!
Great job! So helpful.
Very concise explanation of JWT tokens, Thanks!
best explanation on yt, keept the good work my friend
Such a great explanation! thank you so much.
Excellent explanation and very easy to understand..thank you
It’s Helpful. Thanks
awesome! this explanation is the best out there! thanks man! instant subscriber here 🔥
Nicely explained dude, keep it up 👍
that's cool, it all make sense right now.
thanks man
Excellent explanation. thank you!
Osm man keep doing like this....
Amazing ❤️🇪🇬
Perfect.
Hello !
Thank you for the refreshers ! Great video
One question: what do you mean by creating a whitelist for refresh token ? If you use RT rotation, what's whitelisting adding to it ?
A whitelist would be an alternative to RT rotation-- you wouldn't use both
Can I use personal access token(PAT) as refresh token?
you mention that it validation is done using private-key. That seems odd; generally we should be able to verify the signature using the public key, can you please clarify?
There are various hashing algorithms that use different approaches to signing and verifying tokens. Some use just 1 private key (HS256), and some use both a public key and a private key (RS256). It just depends on the algorithm
Why not store JWT in secure httpOnly cookie instead, to prevent XSS on local storage?
that works as well 👍
I don’t think JWT authentication can work effectively without making some sort of db call with every request. For example to know which tokens have been invalidated when the user signs out