Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
nepster-web2017-02-10 15:08:30
PHP
nepster-web, 2017-02-10 15:08:30

How to generate a unique key for JWT if it is not recommended to store it in the database?

I use this library: https://github.com/firebase/php-jwt
As you can see, in order to encrypt / decrypt the token, a secret key is needed.
If I want to generate my own unique key for security for each token, then how can I find out from whom, which key if I do not store the tokens in the database?
How does anyone approach this issue?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
K
kulaeff, 2017-02-10
@nepster-web

Hmm, JWT is already invented for security. And what does it mean for each token to generate a unique key? The secret key is needed to sign the tokens. Only the server knows the secret key. The server generated and signed the token, gave it to the front, then the front made a request, sending the token along with the request, and the server, knowing the secret key, decodes this token and identifies the user without accessing the database.

Similar questions
I
Isaac Clark2017-04-05 13:43:42
HTML5 GAME: Is it better to use Canvas or DIV for sprite animation? 5Reply
S
Steve2022-01-20 23:47:23
How to hide the real path to css? 3Reply
D
Danil Tunev2018-11-22 04:48:49
How to see assembler input parameters? 4Reply
R
Rustam Akhmetov2016-06-27 10:05:19
How to speed up cms Moodle? 4Reply
T
thehighhomie2018-11-30 12:28:13
Plugin to generate PDF from JavaScript? 4Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question