Slide 9
HOW DO YOU AUTHENTICATE..?
TOKEN BASED AUTHENTICATION
▸ User enters credentials
▸ Server verifies credentials and returns a signed token (the JWT)
▸ Token is stored client-side! (e.g. local storage)
▸ Subsequent requests to server include the token, generally in the Authorization header
▸ Server decodes the JWT; if it is valid, the request proceeds, with no memory lookups necessary
▸ On logout, JWT is destroyed client-side
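
The flow above as an added example (not from the original slides): the server issues an HS256-signed JWT and later validates it from the Authorization header without any session lookup. The secret, the function names, the "Bearer" scheme and the 15-minute lifetime are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # assumption: server-side HS256 key, never sent to the client

def b64e(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input):
    return b64e(hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest())

def issue_token(user, ttl=900, now=None):
    """Called after the credentials check succeeds: return header.payload.signature."""
    now = int(time.time() if now is None else now)
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64e(json.dumps({"sub": user, "iat": now, "exp": now + ttl}).encode())
    return f"{header}.{payload}.{sign(header + '.' + payload)}"

def verify_request(authorization, now=None):
    """Validate the Authorization header value; return the claims or None."""
    now = time.time() if now is None else now
    scheme, _, token = authorization.partition(" ")
    parts = token.split(".")
    if scheme != "Bearer" or len(parts) != 3:
        return None
    header, payload, sig = parts
    # Verify the signature (constant-time) before trusting anything in the token.
    if not hmac.compare_digest(sign(f"{header}.{payload}").encode(), sig.encode()):
        return None
    try:
        hdr, claims = json.loads(b64d(header)), json.loads(b64d(payload))
    except ValueError:
        return None
    # Pin the algorithm server-side; the token's header must not choose it.
    if hdr.get("alg") != "HS256":
        return None
    # exp is the only server-side limit here: deleting the token at logout
    # does not invalidate a copy, so keep lifetimes short.
    if claims.get("exp", 0) <= now:
        return None
    return claims
```
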