JSON Web Tokens are replacing cookies for authentication purposes pretty significantly. In this blog post I am going to show you how you can implement JWT in your api. I am going node express in this example.
What is a JSON Web token
Formal is definition in official site. JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. So:-
- JWT is based on RFC 7519 Industry standard.
- Used to securely communicate JSON objects.
- They are self contained mean they all information use to decrypt the token is in the token itself except the secret obviously.
- JWT consists of a header, payload and signature. These three parts are connect by .
A JWT looks like this
You may see here three parts separated by . The information we wanna store sits in the second part.
Lets Code a Login API using JWT
Result(Using postman to test APIs)
Trying to access protected api without authorization token
Got unauthorized error
Logging in with right credentials
Got the token back in the response
Accessing protected route with authorization token
Successfully entered the api