Should I use json web tokens?
While learning Node, I came across tokens. Is it worth building application authentication on them, given that if you get hold of the secret store, you can decrypt all passwords?
JWT is a way to sign the "text" you need, give it to someone, and check it (that it has not been changed) later, when it comes back to you. Many projects use it, and it works fine.
Passwords are not stored in it, nor is any private information, because any JWT can be viewed without a key.
And leaking a secret key is not a JWT problem, but your organization's.
P.S. Encryption and JWT have little to do with each other, and the key is just for the signature; its leakage makes it possible to forge a token.
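The points made in the answer above, as an added example that is not part of the original answer: an HS256 token built with Node's built-in `crypto` module, showing that the payload is readable without the key, that a modified payload fails verification, and that whoever holds the signing secret can mint tokens that verify. The secret, the claims and the function names (`sign`, `decodeUnverified`, `verify`, `demo`) are constructed for illustration.

```javascript
// Added example: HS256 JWT using only Node's crypto module (Node 16+ for 'base64url').
const { createHmac, timingSafeEqual } = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Sign "header.payload" with HMAC-SHA256. Nothing is encrypted here.
function sign(payload, secret) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const mac = createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${mac}`;
}

// Read the claims with no key at all: the payload is only base64url-encoded.
function decodeUnverified(token) {
  return fromB64url(token.split('.')[1]);
}

// Verify: pin the algorithm, recompute the MAC, compare in constant time.
function verify(token, secret) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, mac] = parts;
  try {
    const header = fromB64url(head);
    if (!header || header.alg !== 'HS256') return null; // never trust the token's own alg
    const expected = createHmac('sha256', secret).update(`${head}.${body}`).digest();
    const given = Buffer.from(mac, 'base64url');
    if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
    return fromB64url(body);
  } catch {
    return null; // malformed base64url or JSON
  }
}

function demo() {
  const SECRET = 'constructed-demo-secret'; // constructed value, not a real key
  const token = sign({ sub: 'user-42', role: 'user' }, SECRET);
  // Payload swapped but signature kept: the MAC no longer matches.
  const [h, , s] = token.split('.');
  const tampered = `${h}.${b64url(JSON.stringify({ sub: 'user-42', role: 'admin' }))}.${s}`;
  // Anyone holding the secret can sign arbitrary claims, hence the need to protect it.
  const forged = sign({ sub: 'user-42', role: 'admin' }, SECRET);
  return { readable: decodeUnverified(token), genuine: verify(token, SECRET),
           tampered: verify(tampered, SECRET), forgedWithKey: verify(forged, SECRET) };
}
```

Because the signing secret is the only thing standing between a client and a valid token, keep it out of source control and rotate it if exposure is suspected; rotation invalidates every token signed with the old value.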