![image.png](attachment:image.png)

WORKFLOW (HEADER.PAYLOAD.SIGNATURE)

1. Client is gonna hit the /login endpoint by giving username and password
2. If the username and password matches with any account in the db we will create or sign a JWT token and send it back to client or user
3. And the token is stored in either cookies or localStorage of browser or front end, now user can access resources that requires authentication
4. Let's say the application wants the user to be logged into retrieve the posts, he will send the request to the /posts endpoint with the token in the authorization header of the request 
5. Fast API verifies the token.
6. API just checks if that is a valid token and if it is it just send backs the data.

#### JWT Stored in frontend browser and secret key is stored in backend env variable or secret key manager

![image.png](attachment:image.png)

# Breaking Down JWT Token
===============================  
1. format = aaaa.bbbb.ccccc  
2. jwt tokens are not encrypted
3. JWT = Header + Payload + Signature
3. Header includes the metadata of the token (same for all token),says it’s a JWT and which algorithm is used (e.g., HS256)
4. Payload can be anything, payload could be empty and you can give anything you want, but be careful, you don't want any confidential thing in it. Common things we give is id and role. Everytime we request for resources that need authentication we need to include this token, so increasing the size of payload would increase packet size, that is going to be waste of bandwidth
5. Signature: Header + Payload + Secret Key
6. Suppose secretKey = "mySuperSecretKey123!" (Only knows to server and stored in env variable or secret password manager)
6. data = base64UrlEncode(Header) + "." + base64UrlEncode(Payload)
7. Then we sign that using the secret key: signature = HMACSHA256(data, secretKey)
8. Final JWT => encoded_header.encoded_payload.signature  
9. Example: eyJhbGciOi...eyJ1c2VyX2lkIj...2af34c99d7e8ab1f...
10. Only the last part (signature) is the hash. The header and payload stay visible (but tamper-proof because of the signature).
11. Hash (signature) = header + payload + secret key (all combined and hashed) 
12. Note that the entire JWT is not hash the signature is only hashed, you can easily decode the JWT header and payload random string in the JWT token like below
13. Signature is one-way encryption. You can't reverse it to get the secret key. Hash functions (like HMAC-SHA256) are one-way. You can't extract the secret key from the signature.




# Anybody can change the data of a token, and also see it, but they just cant generate a brand new signature because they dont have the secret or provate key it solely resides in the server.

In [None]:
# Decoding a JWT (JSON Web Token) in Python
# This script decodes the header and payload of a JWT without verifying the signature.

import base64
import json

def base64url_decode(input_str):
    # Add padding if needed
    rem = len(input_str) % 4
    if rem > 0:
        input_str += '=' * (4 - rem)
    return base64.urlsafe_b64decode(input_str)

# Example JWT (only header and payload shown here)
jwt_token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEsInJvbGUiOiJhZG1pbiJ9"

# Split into parts
header_b64, payload_b64 = jwt_token.split('.')[:2]

# Decode
header_json = json.loads(base64url_decode(header_b64))
payload_json = json.loads(base64url_decode(payload_b64))

# Print results
print("Decoded Header:")
print(json.dumps(header_json, indent=2))

print("\nDecoded Payload:")
print(json.dumps(payload_json, indent=2))


# "What the heck? It uses a secret key to create a hash? Isn't the key itself a hash? If it's not, show me the difference!"  

Answer: No, the secret key is not a hash by default.  
It's just a random string (or bytes) known only to the server. Like => mySuperSecretKey123!  
Hash or Signature is the result of combining header + payload + secret key in a secure way


In [12]:
# JWT Creation Example
# This script creates a JWT (JSON Web Token) using HMAC-SHA256 signing.
import base64
import json
import hmac
import hashlib

# 1. Header and Payload (as Python dicts)
header = {"alg": "HS256", "typ": "JWT"}
payload = {"user_id": 123, "role": "admin"}

# 2. Convert to JSON and then bytes
header_json = json.dumps(header, separators=(',', ':')).encode()
payload_json = json.dumps(payload, separators=(',', ':')).encode()

print("Raw Header JSON:", header_json)
print("Raw Payload JSON:", payload_json)

# 3. Base64URL encode (no padding '=')
def base64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b'=')

encoded_header = base64url_encode(header_json)
encoded_payload = base64url_encode(payload_json)

print("\nBase64 Encoded Header:", encoded_header)
print("Base64 Encoded Payload:", encoded_payload)

# 4. Create the unsigned token: header.payload
message = encoded_header + b'.' + encoded_payload
print("\nMessage to Sign:", message)

# 5. Sign it using HMAC-SHA256 with a secret key
secret_key = b"my_super_secret_key"
signature = hmac.new(secret_key, message, hashlib.sha256).digest()

print("\nRaw HMAC Signature (bytes):", signature)

# 6. Base64URL encode the signature (to make it web-safe)
encoded_signature = base64url_encode(signature)
print("Base64 Encoded Signature:", encoded_signature)

# 7. Final JWT
jwt = message + b'.' + encoded_signature
print("\nFinal JWT Token:\n", jwt.decode())


Raw Header JSON: b'{"alg":"HS256","typ":"JWT"}'
Raw Payload JSON: b'{"user_id":123,"role":"admin"}'

Base64 Encoded Header: b'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9'
Base64 Encoded Payload: b'eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiJ9'

Message to Sign: b'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiJ9'

Raw HMAC Signature (bytes): b'\xc6$\x08#\x11\xbd\xdc\x8a\x07\xe5\xf1.?\xd0m\x15\xea\xaf%1\x88\xf7\xe5\xcaruf\xd2j\xc9\xb1W'
Base64 Encoded Signature: b'xiQIIxG93IoH5fEuP9BtFeqvJTGI9-XKcnVm0mrJsVc'

Final JWT Token:
 eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiJ9.xiQIIxG93IoH5fEuP9BtFeqvJTGI9-XKcnVm0mrJsVc


Below code Does below points  

1. Extracts the JWT

2. Splits it into header, payload, and signature

3. Recalculates the signature using the secret key

4. Compares the recalculated signature to the one in the token

5. If it matches → request is trusted ✅

6. If it doesn’t → reject it as tampered or expired ❌

![image.png](attachment:image.png)

In [13]:
# This script verifies the above JWT (JSON Web Token) using HMAC-SHA256 signing.
import base64
import hmac
import hashlib
import json

# ========== CONFIG ==========
secret_key = b"my_super_secret_key"
token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoxMjMsInJvbGUiOiJhZG1pbiJ9.xiQIIxG93IoH5fEuP9BtFeqvJTGI9-XKcnVm0mrJsVc"  # the full JWT from the request
# ============================

# 1. Split the token into its parts
try:
    encoded_header, encoded_payload, encoded_signature = token.split('.')
except ValueError:
    raise Exception("Invalid token format")

# 2. Recreate the message
message = f"{encoded_header}.{encoded_payload}".encode()

# 3. Recompute the signature
def base64url_decode(data):
    # Pad the string to make sure it's a multiple of 4
    padding = '=' * (4 - len(data) % 4) if len(data) % 4 != 0 else ''
    return base64.urlsafe_b64decode(data + padding)

def base64url_encode(data):
    return base64.urlsafe_b64encode(data).rstrip(b'=')

# Create HMAC SHA256 hash
computed_signature = hmac.new(secret_key, message, hashlib.sha256).digest()
encoded_computed_signature = base64url_encode(computed_signature).decode()

# 4. Compare signatures
if encoded_computed_signature == encoded_signature:
    print("✅ Token is valid")
    # Optional: decode payload and use user info
    decoded_payload = base64url_decode(encoded_payload).decode()
    print("Payload:", json.loads(decoded_payload))
else:
    print("❌ Invalid token — signature mismatch")


✅ Token is valid
Payload: {'user_id': 123, 'role': 'admin'}


# Why we need signature within the token  

![image.png](attachment:image.png)

# The secret (password) in the signature resides in the API servers, nobody has access to it (client or front end or user)  

The payload is where the user's role lives, and the signature ensures the payload hasn't been tampered with. It's generated using a secret key (for HMAC) or a private key (for RSA).    

The secret (or private key) used to sign the token is only known to the server.  

JWTs are typically signed, not encrypted.  

You can read the payload (it's just base64 encoded), but you can’t tamper with it without breaking the signature.  

