How Does JWT Authentication Work? (JSON Web Token)

How Does JWT Authentication Work? (JSON Web Token) | Tokens vs Sessions

Рет қаралды 17,656

Күн бұрын

In this video you'll learn about how JWT Authentication works, and how token authentication differs from sessions.
Contact Me: onelightwebdev@gmail.com
Github: github.com/nikitapryymak
Support Me: www.paypal.com/paypalme/nikit...
#jwt #jsonwebtoken #jwtauth

Пікірлер: 25

@sydneyidundun9187 Жыл бұрын

Amazing content bro, keep at it already a fan and this is the first video I’ve watched.

@tompryymak9469 Жыл бұрын

Great job! So helpful.

@biokode 5 күн бұрын

I'm deep-diving into JWT to learn it completely. Started watching a lot of videos on it, and this one is VERY good! Need to play it on loop for some time I bet

@1c72 Жыл бұрын

Absolutely wonderful clarity and quality ❤️

@nikita-dev Жыл бұрын

thank you!

@SureshS-fv5co 3 ай бұрын

Very concise explanation of JWT tokens, Thanks!

@imadhamdiazghough9015 5 ай бұрын

best explanation on yt, keept the good work my friend

@priyasivakumar3607 Жыл бұрын

It’s Helpful. Thanks

@deanelie7775 4 ай бұрын

Such a great explanation! thank you so much.

@kirankumarrudraraju2429 Ай бұрын

Excellent explanation and very easy to understand..thank you

@pulserudeus7968 23 күн бұрын

awesome! this explanation is the best out there! thanks man! instant subscriber here 🔥

@devidas90 2 ай бұрын

Nicely explained dude, keep it up 👍

@hex9219 Жыл бұрын

that's cool, it all make sense right now. thanks man

@evee4148 Жыл бұрын

Osm man keep doing like this....

@Parhoom Ай бұрын

Excellent explanation. thank you!

@asdfghjkl5418 Жыл бұрын

Perfect.

@TheMudioc Жыл бұрын

Hello ! Thank you for the refreshers ! Great video One question: what do you mean by creating a whitelist for refresh token ? If you use RT rotation, what's whitelisting adding to it ?

@nikita-dev Жыл бұрын

A whitelist would be an alternative to RT rotation-- you wouldn't use both

@HossamQandeel Ай бұрын

Amazing ❤️🇪🇬

@momobear66 8 ай бұрын

Can I use personal access token(PAT) as refresh token?

@user-tp4fj2kf3p 6 ай бұрын

you mention that it validation is done using private-key. That seems odd; generally we should be able to verify the signature using the public key, can you please clarify?

@nikita-dev 4 ай бұрын

There are various hashing algorithms that use different approaches to signing and verifying tokens. Some use just 1 private key (HS256), and some use both a public key and a private key (RS256). It just depends on the algorithm

@mr.random8447 Жыл бұрын

Why not store JWT in secure httpOnly cookie instead, to prevent XSS on local storage?

@nikita-dev Жыл бұрын

that works as well 👍

@emekarr Жыл бұрын

I don’t think JWT authentication can work effectively without making some sort of db call with every request. For example to know which tokens have been invalidated when the user signs out