Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
JWT
Slide 2
Slide 2 text
“jot”
Slide 3
Slide 3 text
JSON Web Tokens
Slide 4
Slide 4 text
No content
Slide 5
Slide 5 text
José Padilla
Slide 6
Slide 6 text
Co-founder at
Slide 7
Slide 7 text
twitter.com/jpadilla_
Slide 8
Slide 8 text
github.com/jpadilla
Slide 9
Slide 9 text
jpadilla.com
Slide 10
Slide 10 text
What?
Slide 11
Slide 11 text
No content
Slide 12
Slide 12 text
No content
Slide 13
Slide 13 text
No content
Slide 14
Slide 14 text
No content
Slide 15
Slide 15 text
JOSE
Slide 16
Slide 16 text
JavaScript Object Signing and Encryption
Slide 17
Slide 17 text
JWE
Slide 18
Slide 18 text
JSON Web Encryption
Slide 19
Slide 19 text
JWK
Slide 20
Slide 20 text
JSON Web Key
Slide 21
Slide 21 text
JWS
Slide 22
Slide 22 text
JSON Web Signature
Slide 23
Slide 23 text
JWA
Slide 24
Slide 24 text
JSON Web Algorithms
Slide 25
Slide 25 text
No content
Slide 26
Slide 26 text
Why?
Slide 27
Slide 27 text
JWT + JWS
Slide 28
Slide 28 text
Token-based Auth
Slide 29
Slide 29 text
Single Sign-on
Slide 30
Slide 30 text
Action Links
Slide 31
Slide 31 text
HTTP
Slide 32
Slide 32 text
How?
Slide 33
Slide 33 text
Internet-Draft
Slide 34
Slide 34 text
{ "typ": "JWT", "alg": "HS256" }
Slide 35
Slide 35 text
eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9
Slide 36
Slide 36 text
{! "user_id": 1! }
Slide 37
Slide 37 text
eyJ1c2VyX2lkIjogMX0
Slide 38
Slide 38 text
BSf1w1blYKcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
Slide 39
Slide 39 text
eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkp XVCJ9.eyJ1c2VyX2lkIjogMX0.BSf1w1blY KcbxVlyOtUogUsozH2clY34xxYPd8lQIlQ
Slide 40
Slide 40 text
PyJWT
Slide 41
Slide 41 text
$ pip install PyJWT
Slide 42
Slide 42 text
https:/ /github.com/progrium/pyjwt
Slide 43
Slide 43 text
import jwt ! SECRET_KEY = "my-secret-key" payload = {"user_id": 1} ! jwt_token = jwt.encode(payload, SECRET_KEY) ! payload = jwt.decode(jwt_token, SECRET_KEY)
Slide 44
Slide 44 text
DRF JWT Auth
Slide 45
Slide 45 text
$ pip install djangorestframework-jwt
Slide 46
Slide 46 text
https:/ /github.com/GetBlimp/django-rest-framework-jwt
Slide 47
Slide 47 text
GET /protected/ HTTP/1.1 Host: localhost:8000 Authorization: JWT
Slide 48
Slide 48 text
Thanks