Skip to main content

Posts

Showing posts from January 8, 2018

REST tutorial : security with JWT token

Greetings! This is the last part of our security tutorial. Complete source code $ git clone https://github.com/slmanju/todoapp.git $ cd todoapp $ git checkout security follow the complete tutorial JWT JSON Web Token is an open standard that defines a compact and self-contained way for securely sharing data between parties using a JSON object. Compact - smaller size Self-contained - payload contains all the required information Typically contains, Header - consists of the type of the token, hashing algorithm being used Payload - contains the claims. Signature A token fields are separated by dots like this, xxx.yyy.zzz https://jwt.io/introduction/ Since we already have added token support in our previes tutorial, we only have to modify it to a JWT token. Sample Header {   "alg": "HS512" } Sample Payload {   "sub": "manjula",   "userId": "1",   "role": "ADMIN",   "