How Does JWT Authentication Work? (JSON Web Token)

How Does JWT Authentication Work? (JSON Web Token) | Tokens vs Sessions

Рет қаралды 29,048

Күн бұрын

Пікірлер: 36

@perelium-x 11 күн бұрын

What a video man! You freaking nailed it... you are by far one of the best teachers i've come across. Impressive work Subbed!

@sydneyidundun9187 2 жыл бұрын

Amazing content bro, keep at it already a fan and this is the first video I’ve watched.

@yyc5506 2 ай бұрын

your explanation is concise, easy to understand and to the point, thanks a lot!!!

@tompryymak9469 2 жыл бұрын

Great job! So helpful.

@SureshS-fv5co 9 ай бұрын

Very concise explanation of JWT tokens, Thanks!

@1c72 2 жыл бұрын

Absolutely wonderful clarity and quality ❤️

@nikita-dev 2 жыл бұрын

thank you!

@akilanramani 5 ай бұрын

The Best Explanation Ever.Thanks For Putting up in a more clear way Nikita !!

@PrashantKumar-ki1ny 5 ай бұрын

Loved the video.Your explanations were easy to understand and to the point.Loved it.Although I work as a Go Dev and most of your contents are not that relevant to me,I am still subscribing.Keep on the goo work!

@clarkflavor 6 ай бұрын

I'm deep-diving into JWT to learn it completely. Started watching a lot of videos on it, and this one is VERY good! Need to play it on loop for some time I bet

@RobertFletcherOBE 2 ай бұрын

JWTs really come into their own when combined with Asymmetric encryption. Being able to veryify the token with a public key is an enormous advantage.

@imadhamdiazghough9015 11 ай бұрын

best explanation on yt, keept the good work my friend

@kirankumarrudraraju2429 7 ай бұрын

Excellent explanation and very easy to understand..thank you

@priyasivakumar3607 2 жыл бұрын

It’s Helpful. Thanks

@eleojoadegbe 4 ай бұрын

very clear explanation. I love it . thank you

@evee4148 2 жыл бұрын

Osm man keep doing like this....

@hex9219 Жыл бұрын

that's cool, it all make sense right now. thanks man

@deanelie7775 11 ай бұрын

Such a great explanation! thank you so much.

@eip408 7 ай бұрын

awesome! this explanation is the best out there! thanks man! instant subscriber here 🔥

@Parhoom 7 ай бұрын

Excellent explanation. thank you!

@devidas90 9 ай бұрын

Nicely explained dude, keep it up 👍

@mrlectus 3 ай бұрын

The way i see people use JWT is that you would still need to do lookup with the id in the token

@gauravjain969 5 ай бұрын

Thankyou very much.

@asdfghjkl5418 2 жыл бұрын

Perfect.

@bear_momo Жыл бұрын

Can I use personal access token(PAT) as refresh token?

@JoshuaMusau 4 күн бұрын

thanks

@emekarr Жыл бұрын

I don’t think JWT authentication can work effectively without making some sort of db call with every request. For example to know which tokens have been invalidated when the user signs out

@mr.random8447 2 жыл бұрын

Why not store JWT in secure httpOnly cookie instead, to prevent XSS on local storage?

@nikita-dev Жыл бұрын

that works as well 👍

@mrlectus 3 ай бұрын

Would not work on mobile app

@RajBhandari-x8y Жыл бұрын

you mention that it validation is done using private-key. That seems odd; generally we should be able to verify the signature using the public key, can you please clarify?

@nikita-dev 10 ай бұрын

There are various hashing algorithms that use different approaches to signing and verifying tokens. Some use just 1 private key (HS256), and some use both a public key and a private key (RS256). It just depends on the algorithm

@HossamQandeel 8 ай бұрын

Amazing ❤️🇪🇬

@TheMudioc Жыл бұрын

Hello ! Thank you for the refreshers ! Great video One question: what do you mean by creating a whitelist for refresh token ? If you use RT rotation, what's whitelisting adding to it ?

@nikita-dev Жыл бұрын

A whitelist would be an alternative to RT rotation-- you wouldn't use both