Backend Development
Python Tutorial
Introduction to JWT principles and simple applications (with code)
Introduction to JWT principles and simple applications (with code)
This article brings you an introduction to JWT principles and simple applications (with code). It has certain reference value. Friends in need can refer to it. I hope it will be helpful to you.
JWT authentication login
Recently I am working on an audit system. JWT login authentication is used for background login. Here I will mainly make a summary
What is JWT
Json web token (JWT), according to the official website's definition, is a JSON-based open standard implemented to transfer claims between network application environments. The token is designed to be compact and secure, especially suitable for distributed sites Single sign-on scenario. JWT claims are generally used to transfer authenticated user identity information between identity providers and service providers in order to obtain resources from the resource server. Some additional claim information necessary for other business logic can also be added. The token is also It can be used directly for authentication or encrypted.
Why use JWT
This is mainly compared with the traditional session. The traditional session needs to save some login information on the server side, usually in memory, and the back-end server is a cluster, etc. In a distributed situation, other hosts do not save this information, so they need to be verified through a fixed host. If the number of users is large, it is easy to form a bottleneck at the authentication point, making the application difficult to expand.
JWT Principle
JWT consists of three parts, separated by dots. It looks like this. The JWT token itself has no spaces, line breaks, etc. The following is processed for the sake of appearance
1 2 3 |
|
1. Header
Header part is a json, describing the metadata of JWT, usually as follows
1 2 3 4 |
|
alg indicates the algorithm used for signature, the default is HMAC SHA256, written as HS256, tye represents the type of this token, JWT token uses JWT uniformly, the token generated by the above header is
1 |
|
2. Payload
Officially stipulates 7 fields, explained as follows
- iss: The issuer can fill in the ID to generate this token, etc. Optional parameter
- sub: The customer for which the JWT is oriented, can store the user account_id, etc., optional
- aud: The receiver of the JWTtoken can fill in the interface URL that generates this token, but it is not mandatory, optional
- exp: expiration time, timestamp, Integer, optional parameters
- iat: the time when the token was generated, unix time, timestamp, optional parameters
- nbf (Not Before): indicates that the token is not available before this time, verification It means not passing, optional
- jti: JWT ID, mainly used to generate one-time token, optional parameters
In addition to the official, we can also define some custom Define fields, but consider that BASE64 is reversible, so do not put sensitive information
The following is an example;
1 2 3 4 5 6 7 8 9 10 11 12 13 |
|
The above Payload, after BASE64 encryption, the generated token is
1 |
|
3.Signature(Signature)
Signature is the encryption of the two tokens generated in the previous two parts. The encryption method used is specified in the Header. Here it is HS256. At this time, a secret key is required. , cannot be leaked, the general process is as follows:
1 2 3 4 |
|
Use of JWT
JWT token is generally placed in the request header, of course it can also be placed in the cookie, but it cannot be placed in the cookie across Domain, for example:
1 |
|
Simple generation and verification of JWT in Python
jwt library
Generate token
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
|
Verify token
1 2 3 4 5 6 7 8 9 |
|
It should be noted that if the aud parameter is added when generating, the audience parameter must also be used during verification, and the values must be the same
This article has ended here. For more other exciting content, you can pay attention to the python video tutorial column on the PHP Chinese website!
The above is the detailed content of Introduction to JWT principles and simple applications (with code). For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1376
52
What is the reason why PS keeps showing loading?
Apr 06, 2025 pm 06:39 PM
PS "Loading" problems are caused by resource access or processing problems: hard disk reading speed is slow or bad: Use CrystalDiskInfo to check the hard disk health and replace the problematic hard disk. Insufficient memory: Upgrade memory to meet PS's needs for high-resolution images and complex layer processing. Graphics card drivers are outdated or corrupted: Update the drivers to optimize communication between the PS and the graphics card. File paths are too long or file names have special characters: use short paths and avoid special characters. PS's own problem: Reinstall or repair the PS installer.
How to solve the problem of loading when PS is started?
Apr 06, 2025 pm 06:36 PM
A PS stuck on "Loading" when booting can be caused by various reasons: Disable corrupt or conflicting plugins. Delete or rename a corrupted configuration file. Close unnecessary programs or upgrade memory to avoid insufficient memory. Upgrade to a solid-state drive to speed up hard drive reading. Reinstalling PS to repair corrupt system files or installation package issues. View error information during the startup process of error log analysis.
How to solve the problem of loading when the PS opens the file?
Apr 06, 2025 pm 06:33 PM
"Loading" stuttering occurs when opening a file on PS. The reasons may include: too large or corrupted file, insufficient memory, slow hard disk speed, graphics card driver problems, PS version or plug-in conflicts. The solutions are: check file size and integrity, increase memory, upgrade hard disk, update graphics card driver, uninstall or disable suspicious plug-ins, and reinstall PS. This problem can be effectively solved by gradually checking and making good use of PS performance settings and developing good file management habits.
How to use mysql after installation
Apr 08, 2025 am 11:48 AM
The article introduces the operation of MySQL database. First, you need to install a MySQL client, such as MySQLWorkbench or command line client. 1. Use the mysql-uroot-p command to connect to the server and log in with the root account password; 2. Use CREATEDATABASE to create a database, and USE select a database; 3. Use CREATETABLE to create a table, define fields and data types; 4. Use INSERTINTO to insert data, query data, update data by UPDATE, and delete data by DELETE. Only by mastering these steps, learning to deal with common problems and optimizing database performance can you use MySQL efficiently.
How does PS feathering control the softness of the transition?
Apr 06, 2025 pm 07:33 PM
The key to feather control is to understand its gradual nature. PS itself does not provide the option to directly control the gradient curve, but you can flexibly adjust the radius and gradient softness by multiple feathering, matching masks, and fine selections to achieve a natural transition effect.
Do mysql need to pay
Apr 08, 2025 pm 05:36 PM
MySQL has a free community version and a paid enterprise version. The community version can be used and modified for free, but the support is limited and is suitable for applications with low stability requirements and strong technical capabilities. The Enterprise Edition provides comprehensive commercial support for applications that require a stable, reliable, high-performance database and willing to pay for support. Factors considered when choosing a version include application criticality, budgeting, and technical skills. There is no perfect option, only the most suitable option, and you need to choose carefully according to the specific situation.
How to optimize database performance after mysql installation
Apr 08, 2025 am 11:36 AM
MySQL performance optimization needs to start from three aspects: installation configuration, indexing and query optimization, monitoring and tuning. 1. After installation, you need to adjust the my.cnf file according to the server configuration, such as the innodb_buffer_pool_size parameter, and close query_cache_size; 2. Create a suitable index to avoid excessive indexes, and optimize query statements, such as using the EXPLAIN command to analyze the execution plan; 3. Use MySQL's own monitoring tool (SHOWPROCESSLIST, SHOWSTATUS) to monitor the database health, and regularly back up and organize the database. Only by continuously optimizing these steps can the performance of MySQL database be improved.
What should I do if the PS card is in the loading interface?
Apr 06, 2025 pm 06:54 PM
The loading interface of PS card may be caused by the software itself (file corruption or plug-in conflict), system environment (due driver or system files corruption), or hardware (hard disk corruption or memory stick failure). First check whether the computer resources are sufficient, close the background program and release memory and CPU resources. Fix PS installation or check for compatibility issues for plug-ins. Update or fallback to the PS version. Check the graphics card driver and update it, and run the system file check. If you troubleshoot the above problems, you can try hard disk detection and memory testing.
