kehart/jwt-backend-tutorial

JWT Backend Tutorial

Endpoints

  1. POST /signup (handled by signup)
  2. POST /login (handled by login)
  3. GET /protected (handled by protectedEndpoint)

Notes on JWTs

General Info

  • JWT stands for JSON Web Token
  • A JWT is a means of exchanging information between two parties (carried in the payload)
  • Digitally signed

Structure of JWT

{Base64 encoded Header}.{Base64 encoded Payload}.{Signature}

  • The header contains the algorithm and token type, and before encoding looks like
{
  "alg": "HS256",
  "typ": "JWT"
}
  • The payload carries claims: user data and additional data such as token expiry
  • Three types of claims: Registered, Public, and Private
  • Before encoding, an example is
{
  "email": "test@example.com",
  "issuer": "course"
}
  • The signature is computed from the header, payload, and a secret
  • The signature is generated by an algorithm
  • Digitally signed using a secret string known only to the developer (cannot be decrypted)
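The structure above as an added example (not code from this repository), in Go with only the standard library: it signs the header and payload shown above with HS256 and verifies the result. The secret and the names `Sign`, `Verify`, `mac` and `b64` are made up for the example. The segments use the URL-safe, unpadded Base64 variant, and the payload is only encoded, so anyone holding the token can read it; the signature only shows it was not changed.

```go
package main
import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)
var b64 = base64.RawURLEncoding // JWT segments are URL-safe Base64 without padding

// mac computes the HS256 signature (HMAC-SHA256) over "header.payload".
func mac(input string, secret []byte) []byte {
	h := hmac.New(sha256.New, secret)
	h.Write([]byte(input))
	return h.Sum(nil)
}

// Sign encodes the raw JSON header and payload and appends the signature.
func Sign(header, payload string, secret []byte) string {
	input := b64.EncodeToString([]byte(header)) + "." + b64.EncodeToString([]byte(payload))
	return input + "." + b64.EncodeToString(mac(input, secret))
}

// Verify returns the payload JSON only if the header says HS256 and the
// signature matches; the token is never allowed to pick another algorithm.
func Verify(token string, secret []byte) (string, error) {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return "", fmt.Errorf("malformed token")
	}
	var hdr struct{ Alg string `json:"alg"` }
	raw, err := b64.DecodeString(p[0])
	if err != nil || json.Unmarshal(raw, &hdr) != nil || hdr.Alg != "HS256" {
		return "", fmt.Errorf("unsupported header")
	}
	sig, err := b64.DecodeString(p[2])
	if err != nil || !hmac.Equal(sig, mac(p[0]+"."+p[1], secret)) { // constant-time compare
		return "", fmt.Errorf("signature mismatch")
	}
	payload, err := b64.DecodeString(p[1])
	return string(payload), err
}

func main() {
	secret := []byte("constructed-demo-secret") // constructed for this example
	token := Sign(`{"alg":"HS256","typ":"JWT"}`, `{"email":"test@example.com","issuer":"course"}`, secret)
	fmt.Println(token)
	fmt.Println(Verify(token, secret))
}
```

A token whose payload segment is replaced while the old signature is kept fails `Verify`, as does one signed with a different secret.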
