JWT
JWT (JSON Web Token) is a means of representing the information transferred between two parties, the client and the server; the information in the JWT string is formatted as JSON. The token string must have 3 parts: a header, a payload, and a signature, separated by ".".
Following the theory above, a token string looks like this:
Structure of JSON Web Token
As mentioned above, a JSON Web Token consists of 3 parts, separated by a dot (.):
1. Header
Contains the token type and the signing algorithm.
"typ" (type) indicates that the object is a JWT
"alg" (algorithm) defines the signing algorithm for the string, here HS256
2. Payload
The payload contains the information you want to put in the token string, such as username, userId, author, ...
Note: do not put too much information in the payload, because a token that is too long adds delay when the server has to verify it.
3. Signature
This signature is generated by signing the header and payload with a secret key, for example:
base64UrlEncoder: the algorithm used to encode the header and payload
After the code above encodes the header and payload with the base64UrlEncode algorithm, we have the following string
Then sign the above 2 strings with the secret (secret key) using the HS256 algorithm, and we have the following signature string:
Final
Combining the above 3 strings, we get a complete JWT string