JWT: https://jwt.io/
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpXVCBtYWRlIGVhc3kiLCJhZG1pbiI6dHJ1ZX0.RhS5_R99IA0u_UffKr8xDh05Ob9Lb-kOBlmOWlspcc0
Header
{
  "alg": "HS256",
  "typ": "JWT"
}
Payload
{
  "sub": "1234567890",
  "name": "JWT made easy",
  "admin": true
}
Verify signature
HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  secret
)
How does JWT work
Client -> Server
$ curl -u user http://127.0.0.1/login
$ curl -H "Authorization: Bearer