Upgrade to Pro — share decks privately, control downloads, hide ads and more …

JWT

José Padilla
February 20, 2014
Programming
2
410

 JWT

JSON Web Tokens slides based on my blog post, Auth with JSON Web Tokens http://jpadilla.com/post/73791304724/auth-with-json-web-tokens

José Padilla

February 20, 2014
Tweet

More Decks by José Padilla

See All by José Padilla
Python, Government, and Contracts
jpadilla
0
35
Python, Government, and Contracts
jpadilla
0
4.6k
Python Type Hints
jpadilla
0
350
Developer Ergonomics
jpadilla
0
2k
DjangoCon - JSON Web Tokens
jpadilla
15
11k
BFTW: The Backend
jpadilla
4
170
eventos
jpadilla
0
140
Ember.js + Django
jpadilla
3
2.1k
UPRB Basic Workshop
jpadilla
2
180

Other Decks in Programming

See All in Programming
코틀린으로 멀티플랫폼 만들기
pangmoo
0
120
受託開発でGitLab CI を活用していく
xiombatsg
1
270
0→1と1→10の狭間で Javaという技術選定を振り返る/Reflecting on the Decision to Choose Java Between Scaling from 0 to 1 and 1 to 10
jaguar_imo
2
370
Ruby Pattern Matching
bkuhlmann
0
920
チーム力を高めるスクラム実践法:カンバン公開と課題攻略について - ニフティのスクラムトーク Vol. 2 - NIFTY Tech Talk #18
niftycorp
PRO
1
110
pixivアプリでマルチモジュールを実現するまで
gatosyocora
1
130
Tailwind CSSを本気でカスタマイズする方法
fsubal
2
230
SwiftUI Performance 不要なViewの再描画と更新を抑える
bigamitiongit
1
160
Elm Form Validation
bkuhlmann
0
500
[SF Ruby, March 2024] Rails on Wasm
palkan
0
370
PHP8.3の機能を振り返る / Review of PHP 8.3 features
seike460
PRO
1
110
雑に思考を整理する技術と効能
konifar
55
25k

Featured

See All Featured
Faster Mobile Websites
deanohume
297
30k
Web development in the modern age
philhawksworth
202
10k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
76
41k
Agile that works and the tools we love
rasmusluckow
324
20k
Designing the Hi-DPI Web
ddemaree
276
33k
The Cult of Friendly URLs
andyhume
74
5.7k
Scaling GitHub
holman
457
140k
ParisWeb 2013: Learning to Love: Crash Course in Emotional UX Design
dotmariusz
104
6.6k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
Building a Scalable Design System with Sketch
lauravandoore
455
32k
Infographics Made Easy
chrislema
237
18k
Six Lessons from altMBA
skipperchong
20
3k

Transcript

  1. JWT

  2. “jot”

  3. JSON Web Tokens

  4. None

  5. José Padilla

  6. Co-founder at

  7. twitter.com/jpadilla_

  8. github.com/jpadilla

  9. jpadilla.com

  10. What?

  11. None
  12. None
  13. None
  14. None

  15. JOSE

  16. JavaScript Object Signing and Encryption

  17. JWE

  18. JSON Web Encryption

  19. JWK

  20. JSON Web Key

  21. JWS

  22. JSON Web Signature

  23. JWA

  24. JSON Web Algorithms

  25. None

  26. Why?

  27. JWT + JWS

  28. Token-based Auth

  29. Single Sign-on

  30. Action Links

  31. HTTP

  32. How?

  33. Internet-Draft

  34. { "typ": "JWT", "alg": "HS256" }

  35. eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9

  36. {! "user_id": 1! }

  37. eyJ1c2VyX2lkIjogMX0

  38. BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ

  39. eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkp XVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blY KcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ

  40. PyJWT

  41. $ pip install PyJWT

  42. https:/ /github.com/progrium/pyjwt

  43. import jwt ! SECRET_KEY = "my-secret-key" payload = {"user_id": 1}

    ! jwt_token = jwt.encode(payload, SECRET_KEY) ! payload = jwt.decode(jwt_token, SECRET_KEY)

  44. DRF JWT Auth

  45. $ pip install djangorestframework-jwt

  46. https:/ /github.com/GetBlimp/django-rest-framework-jwt

  47. GET /protected/ HTTP/1.1 Host: localhost:8000 Authorization: JWT <YOUR_TOKEN>

  48. Thanks