JWT: JSON Web Tokens
Learn how data signatures are used when accessing a web application.
Updating information in our web application
The algorithm’s name, the JSON object, and the signature together make up the JWT. It’s sent as a cookie to the user, who resubmits it with every subsequent request. Suppose the user now wants to update their information in a web application. They submit the regular API request for that update together with the JWT authentication token in a cookie.
The server looks at the token and checks if it’s still valid. This requires verifying the signature by rehashing the data with the same secret as before, and double-checking that the token has not yet expired.
- Only if the token is valid does the server perform the requested action.
- If the token is invalid, this must also be handled gracefully,
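
The server-side check described above, as an added example that is not part of the original lesson. It assumes HMAC-SHA256 (`HS256`) as the algorithm and `sub`/`exp` as claim names; `SECRET` and the `update_profile` handler are hypothetical names constructed for the illustration.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: sample key, constructed for this example

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input, secret):
    # "Hashing the data with the secret": HMAC-SHA256 over header.payload
    mac = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return b64url_encode(mac)

def issue_token(claims, secret=SECRET):
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}.{sign(header + '.' + payload, secret)}"

def verify_token(token, secret=SECRET, now=None):
    """Return (claims, None) when valid, otherwise (None, reason)."""
    try:
        header_b64, payload_b64, signature = token.split(".")
        # Pin the algorithm server-side; never let the token choose it.
        if json.loads(b64url_decode(header_b64)).get("alg") != "HS256":
            return None, "unsupported algorithm"
        expected = sign(f"{header_b64}.{payload_b64}", secret)
        if not hmac.compare_digest(expected, signature):  # constant-time
            return None, "bad signature"
        claims = json.loads(b64url_decode(payload_b64))
        exp = claims.get("exp")
    except (ValueError, AttributeError, TypeError):
        return None, "malformed token"
    current = time.time() if now is None else now
    if not isinstance(exp, (int, float)) or current >= exp:
        return None, "expired or missing exp"
    return claims, None

def update_profile(token, new_email, now=None):
    """Hypothetical handler: act only after the token verifies."""
    claims, error = verify_token(token, now=now)
    if error:
        # Generic response to the client; the precise reason stays server-side.
        return 401, {"error": "invalid or expired token"}
    return 200, {"user": claims.get("sub"), "email": new_email}
```

The signature is checked before the payload is parsed or trusted, and every failure path returns the same 401 body so the response does not reveal which check failed.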