Upgrade to Pro — share decks privately, control downloads, hide ads and more …

JWT

José Padilla
February 20, 2014
Programming
2
420

 JWT

JSON Web Tokens slides based on my blog post, Auth with JSON Web Tokens http://jpadilla.com/post/73791304724/auth-with-json-web-tokens

José Padilla

February 20, 2014
Tweet

More Decks by José Padilla

See All by José Padilla
Python, Government, and Contracts
jpadilla
0
38
Python, Government, and Contracts
jpadilla
0
4.8k
Python Type Hints
jpadilla
0
430
Developer Ergonomics
jpadilla
0
2k
DjangoCon - JSON Web Tokens
jpadilla
15
11k
BFTW: The Backend
jpadilla
4
180
eventos
jpadilla
0
150
Ember.js + Django
jpadilla
3
2.1k
UPRB Basic Workshop
jpadilla
2
190

Other Decks in Programming

See All in Programming
Creating a Free Video Ad Network on the Edge
mizoguchicoji
0
120
Streams APIとTCPフロー制御 / Web Streams API and TCP flow control
tasshi
2
350
レガシーシステムにどう立ち向かうか 複雑さと理想と現実/vs-legacy
suzukihoge
14
2.2k
色々なIaCツールを実際に触って比較してみる
iriikeita
0
330
C++でシェーダを書く
fadis
6
4.1k
最新TCAキャッチアップ
0si43
0
140
2024/11/8 関西Kaggler会 2024 #3 / Kaggle Kernel で Gemma 2 × vLLM を動かす。
kohecchi
5
920
『ドメイン駆動設計をはじめよう』のモデリングアプローチ
masuda220
PRO
8
540
flutterkaigi_2024.pdf
kyoheig3
0
110
Better Code Design in PHP
afilina
PRO
0
130
【Kaigi on Rails 2024】YOUTRUST スポンサーLT
krpk1900
1
330
みんなでプロポーザルを書いてみた
yuriko1211
0
260

Featured

See All Featured
5 minutes of I Can Smell Your CMS
philhawksworth
202
19k
Why Our Code Smells
bkeepers
PRO
334
57k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
28
2k
The Art of Programming - Codeland 2020
erikaheidi
52
13k
Imperfection Machines: The Place of Print at Facebook
scottboms
265
13k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
890
The World Runs on Bad Software
bkeepers
PRO
65
11k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
What's in a price? How to price your products and services
michaelherold
243
12k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
665
120k
Code Review Best Practice
trishagee
64
17k
The Pragmatic Product Professional
lauravandoore
31
6.3k

Transcript

  1. JWT

  2. “jot”

  3. JSON Web Tokens

  4. None

  5. José Padilla

  6. Co-founder at

  7. twitter.com/jpadilla_

  8. github.com/jpadilla

  9. jpadilla.com

  10. What?

  11. None
  12. None
  13. None
  14. None

  15. JOSE

  16. JavaScript Object Signing and Encryption

  17. JWE

  18. JSON Web Encryption

  19. JWK

  20. JSON Web Key

  21. JWS

  22. JSON Web Signature

  23. JWA

  24. JSON Web Algorithms

  25. None

  26. Why?

  27. JWT + JWS

  28. Token-based Auth

  29. Single Sign-on

  30. Action Links

  31. HTTP

  32. How?

  33. Internet-Draft

  34. { "typ": "JWT", "alg": "HS256" }

  35. eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9

  36. {! "user_id": 1! }

  37. eyJ1c2VyX2lkIjogMX0

  38. BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ

  39. eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkp XVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blY KcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ

  40. PyJWT

  41. $ pip install PyJWT

  42. https:/ /github.com/progrium/pyjwt

  43. import jwt ! SECRET_KEY = "my-secret-key" payload = {"user_id": 1}

    ! jwt_token = jwt.encode(payload, SECRET_KEY) ! payload = jwt.decode(jwt_token, SECRET_KEY)

  44. DRF JWT Auth

  45. $ pip install djangorestframework-jwt

  46. https:/ /github.com/GetBlimp/django-rest-framework-jwt

  47. GET /protected/ HTTP/1.1 Host: localhost:8000 Authorization: JWT <YOUR_TOKEN>

  48. Thanks