Ref: https://youtu.be/7Q17ubqLfaM
- What is JWT
- Why should you use JWT?
- How JWT wORKS?
Authentication: You take the username & password from the user and authenticate that particular user on your website.
Authorization: Authorization means making sure that the user sents a req to the server is the same user that actually logged in at authentication of the process.
We normally do this using the session.
How session work images above
Why JWT Over Session?
Example 1:
let take an example of an HDFC Bank. you logged in to your net banking on the HDFC portal. now you want to pay your electricity bill for that HDFC redirects you to the different websites of HDFC that may be hosted on different servers.
so here is the key. if you use a session you are only logged in on that particular server, not on a bill pay website. so the user has to log in again on the bill pay website. that's the drawback of a session.
But, if you use JWT here, WE Store JWT token (user information) on the client side.
so we can share that JWT token to the bill pay website so the user doesn't have to go through the login process again because we are sharing the Jwt token.
Let's say the bank s very large & they have a lot of users. so for load balancing, they may use 2 servers or more. so if there SERVER A gets too busy user may be moved to SERVER B.
IN this case, JWT is very important. so the users don't have to login again if the server change due to load.
0 comments:
Post a Comment