Intro to JWT

December 01, 2014

1.3k

Intro to JWT

Cookies have been around for decades and have served us well. Nobody questions their usefulness. However, modern apps demand a better approach. This session is all about the natural successor to cookies: using a token-based design with JWTs.

Martin Gontovnikas

December 01, 2014

More Decks by Martin Gontovnikas

See All by Martin Gontovnikas

Make your SPA a maximum security prison - ConFoo Version

mgonto

350

Death To Cookies: Long Live JSON Web Tokens

mgonto

960

Make your SPA a maximum security prison

mgonto

3.2k

Models and Rest APIs on AngularJS with Restangular

mgonto

6.3k

Reactive Angular

mgonto

2.4k

Other Decks in Technology

See All in Technology

メールサーバ管理者のみ知る話

hinono

110

安心してください、日本語使えますよ―Ubuntu日本語Remix提供休止に寄せて― 2024-11-17

nobutomurata

400

TypeScriptの次なる大進化なるか！？　条件型を返り値とする関数の型推論

uhyo

1.4k

データの信頼性を支える仕組みと技術

chanyou0311

1.7k

Can We Measure Developer Productivity?

ewolff

120

Team Dynamicsを目指すウイングアーク１ｓｔのQAチーム

sadonosake

320

第1回国土交通省データコンペ参加者向け勉強会③- Snowflake x estie編 -

estie

110

地理情報データをデータベースに格納しよう～ GPUを活用した爆速データベース PG-Stromの紹介～

sakaik

140

いざ、BSC討伐の旅

nikinusu

750

データ活用促進のためのデータ分析基盤の進化

takumakouno

870

ノーコードデータ分析ツールで体験する時系列データ分析超入門

negi111111

360

スクラム成熟度セルフチェックツールを作って得た学びとその活用法

coincheck_recruit

120

Featured

See All Featured

Automating Front-end Workflow

addyosmani

1366

200k

Done Done

chrislema

181

16k

No one is an island. Learnings from fostering a developers community.

thoeni

It's Worth the Effort

183

27k

Optimizing for Happiness

mojombo

376

70k

CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again

sstephenson

159

15k

Understanding Cognitive Biases in Performance Measurement

bluesmoon

1.4k

Principles of Awesome APIs and How to Build Them.

keavy

126

17k

Build your cross-platform service in a week with App Engine

jlugia

229

18k

A designer walks into a library…

pauljervisheath

202

24k

Git: the NoSQL Database

bkeepers

PRO

427

64k

Measuring & Analyzing Core Web Vitals

bluesmoon

Transcript

Death to Cookies Long Live JSON Web Tokens
Browser Server 1. POST /users/login with username and password 2.
Creates a User session 3. Returns a logged in cookie to the browser 4. Do an authenticated request. Sends the cookie. 5. Check the session based on the cookie and authenticate the user 6. Sends response to the client
A better approach Token-based Authentication JSON Web Tokens https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-30
Demo time! jwt.io
None
None
None
None
None
Browser Server 1. POST /users/login with username and password 2.
Creates a JWT with a secret 3. Returns the JWT to the Browser 4. Sends the JWT on the Authorization Header. 5. Check JWT signature. Get user information from the JWT. 6. Sends response to the client
@mgonto Thanks!

Intro to JWT

Intro to JWT

Martin Gontovnikas

More Decks by Martin Gontovnikas

Other Decks in Technology

Featured

Transcript

Death to Cookies Long Live JSON Web Tokens

Browser Server 1. POST /users/login with username and password 2.

A better approach Token-based Authentication JSON Web Tokens https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-30

Demo time! jwt.io

Browser Server 1. POST /users/login with username and password 2.

@mgonto Thanks!