Stack Overflow
Stack Overflow

Questions tagged [json-web-token]

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties.

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JavaScript Object Notation (JSON) object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or MACed and/or encrypted.

The suggested pronunciation of JWT is the same as the English word "jot".

Source

243 questions
0
votes
0 answers

Separating token authentication as a separate project

I want to decouple my authorization logic as a separate project. However, it seems that the token generated is not valid for the whole solution. How do I make a nancy token along with its claims valid/verifiable for the whole solution ?
Cemre Mengü
  • 18,062
  • 27
  • 111
  • 169
0
votes
0 answers

Token returned by JWTAuth is not as expected, console.log gives not defined

The token returned my JWTAuth and Laravel is not defined. The localstorage shows satellizer_token: [object Object] AuthController protected function createToken($user) { $customClaims = [ 'sub' => $user->id, 'iat' => time(), …
Stacy J
  • 2,721
  • 15
  • 58
  • 92
0
votes
1 answer

Undefined class JWTAuth

While using JWT with laravel, I am getting a message in my editior - Undefined class JWTAuth even after adding the following lines :- use JWTAuth; use Tymon\JWTAuth\Exceptions\JWTException; I followed this tutorial…
Stacy J
  • 2,721
  • 15
  • 58
  • 92
0
votes
1 answer

jwt token could not be parsed from the request in laravel 5 application

I am working on a token based authorization for my app. I am following - https://www.codetutorial.io/laravel-and-angularjs-token-based-auth-part1/ I've set up a different frontend folder and laravel serves as the backend. The user is able to…
Stacy J
  • 2,721
  • 15
  • 58
  • 92
0
votes
2 answers

Including web token in http requests

I'm using an ajax call to return a json web token on success. There's lots of information from sites like jwt.io that you should then update your http request headers to "Authorization Bearer 'token'" but I have no idea how to do that. I update…
errorline1
  • 350
  • 1
  • 6
  • 18
0
votes
1 answer

Set invalid for json web token when we do not use it any more

I am using JsonWebToken to auth for user. When user login I create a token for user. Then user update their information, I create a new token for user. How can I set invalid for previous token?. Ex: Change expired date to now or something else....
Vo Thanh Thang
  • 330
  • 1
  • 5
  • 16
0
votes
1 answer

Can you sign tokens using express-jwt since it seems to mainly focus on verification of JWT?

I am using an express app and I want to to implement token based authentication I wonder what libraries do I need mainly on both client side and server side? I looked at express-jwt I don't see that library can actually sign the web tokens but I can…
user1870400
  • 6,028
  • 13
  • 54
  • 115
0
votes
1 answer

Dropbox. Storing access tokens in web storage

I am developing SPA with AngularJs that will work with Dropbox API. I need to save dropbox access token in web storage or cookies, but I'm not sure that it is safe. Are there any mechanisms for secure storage of access tokens? Thanks.
Viacheslav Yankov
  • 988
  • 10
  • 19
0
votes
1 answer

Creating a user account based on the info in a GITkit JWT idtoken payload?

What is the best way to uniquely identify a user starting from the data inside the JWT payload? I will not use the email address alone (or a salted hash of it for that matter) as the primary key of the user account, as I'm not certain if doing this…
Daniel F
  • 13,684
  • 11
  • 87
  • 116
0
votes
0 answers

JsonWebToken encode is undefined

I'm creating my first ever login system, using JsonWebTokens, and I've hit an obstacle trying to use the encode function. My error message says: if (this.ended && !this.hasRejectListeners()) throw reason; …
martin
  • 1,894
  • 4
  • 37
  • 69
0
votes
0 answers

Handling JSON Web Token

I have a JWT (JSON Web Token) that contains a user code in the payload. I determine the user code by parsing the payload once the JWT has been verified. The user code needs to be available to multiple different classes and I want to avoid extracting…
strange_developer
  • 1,327
  • 2
  • 12
  • 17
0
votes
1 answer

Using JsonWebToken authorization header to fetch images

I have an api where you need to have a valid json web token to upload an image: For example, I make a post (with the Authorization header to this url) to upload a…
Flukey
  • 6,445
  • 3
  • 46
  • 71
0
votes
2 answers

RESTful Authentication using Ember and Node/Express and json web tokens, how can I verify users' email addresses?

Here's my workflow: Ember action on new user signup is to send Express the user data. Express then creates a web token, encrypts the contents, and puts a link in an email that it sends with Nodemailer. The email is sent successfully. User goes to…
kaustubhb
  • 399
  • 1
  • 5
  • 19
0
votes
2 answers

Are auth tokens supposed to be viewable to the public?

I'm kind of new to firebase security, and web development in general, but I am generating JWT's on the server-side of my Rails app. However, to pass them to firebase, it seems I have to pass the token (which is stored on the users table in the db)…
Steve
  • 181
  • 1
  • 9
0
votes
1 answer

expressJwt: accessing req.user on page that does not require login

I am using expressJwt (https://github.com/auth0/express-jwt) to do my user validation for an angularjs website. I have an interesting situation where I have a URL (/username/somedata) where anyone can access this page. If they are not logged in, or…
codephobia
  • 1,580
  • 2
  • 17
  • 42
1 2 3
16
17