Notes on JWTs - JSON Web Tokens
Date:
2016-06-26
Tags:
notes
I heard that handling web-server sessions may no longer be necessary. As a developer, I'd be delighted not to have manage sessions, especially on scaled systems that require session handling across many instances.
JSON Web Tokens can enable session-less requests. Here are links to review.
- https://www.codeschool.com/blog/2014/02/03/token-based-authentication-rails/
- https://float-middle.com/json-web-tokens-jwt-vs-sessions/
- https://www.sitepoint.com/introduction-to-using-jwt-in-rails/
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/
- https://developer.atlassian.com/static/connect/docs/latest/concepts/understanding-jwt.html
- https://jwt.io/introduction/
- https://tools.ietf.org/html/rfc7519