Top Tweets for #JSONwebtoken
Just a surface knowledge about, JWT. Its just a encoding not a encryption.
#JsonWebToken
#JWT
=> What is JWT??
JWT (JSON Web Token) is a compact, URL-safe token format used for authentication and authorization.
--Structure:
header.payload.signature
It is:
1.) Stateless
2.)Digitally signed
3.)Base64URL encoded
-> JWT Has 3 Parts
🔹 Header (Metadata)
{
"alg": "HS256",
"typ": "JWT"
}
It explain about the algorithm used for encoding.
🔹 Payload (Claims)
{
"userId": "123",
"role": "admin",
"iat": 1700000000,
"exp": 1700003600
}
It contains the data we have given to encoded as payload.
->Payload is NOT encrypted. Its encoded , anyone can decode it.
🔹 Signature (Security Layer)
->Actually , this is the main part, which verify that data has not been tampered with.
For HS256:
Signature = HMACSHA256(
Base64Url(header) + "." + Base64Url(payload),
SECRET
)
=>>Anyone can decode a JWT payload because it is only Base64URL encoded — not encrypted. The data inside is readable by design.
But readable does not mean editable.
No one can tamper with the token — for example, changing a user’s role from "user" to "admin" — unless they have the JWT secret key.
If even a single character in the payload is modified, the token becomes invalid and the server will reject it during verification.
That’s the role of the JWT secret key:
It ensures integrity and prevents unauthorized modification.
JWT payloads are transparent.
But without the secret, they are not forgeable.
=>>Encoding vs Encryption
JWT uses Base64URL encoding, not encryption.
Encoding = reversible formatting
Encryption = secret-based protection
Anyone can decode:
Base64Url^{-1}(payload)
But only someone with the secret can generate a valid signature.
=>> Authentication Flow
User logs in
Server validates credentials
Server generates token:
jwt.sign({ userId, role }, SECRET, { expiresIn: "1h" })
Client sends token in header:
Authorization: Bearer <token>
Server verifies
jwt.verify(token, SECRET)
If valid → access granted.
=>> Authentication ≠ Authorization
Verification checks:
Signature valid?
Token expired?
Authorization checks:
Is role = admin?
Does user have permission?
You must do both.
=>> Why JWT Is Called Stateless
Server does NOT store session.
All required identity info is inside token.
That means:
No session DB lookup
Horizontally scalable
Works well in microservices
==> That's all.
🔰☕
#Day45
Of Code! 🚀
Today, I learned about JWT how it works, created access & refresh tokens (expire in 1 day).
Also used bcrypt to secure passwords during user creation & updates.
#ReactJS #JWT #100DaysOfCode #buildinpublic #backend #javascript #bcrypt #jsonwebtoken
🚀 #Day134 of My Web Dev & Blockchain Journey
🎓 Lecture 3: Authentication & Middleware in Leetcode Clone
🔍 Learnings: ✅ Validate Token 🔒 Add Token 🧹 Clear Cookies ⚙️ Create Middleware ⏳ Payload Expire
🔖 #WebSecurity #TokenValidation #BackendDev #JSONWebToken
🚨 New Writeup Alert! 🚨
"Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs" by Abhijeet Kumawat is now live on IW!
Check it out here: https://t.co/3R47CW5Fwh
#bugbounty #vulnerability #jsonwebtoken #json #cybersecurity
JSON Web Tokens attacks 😎
👉💻 Watch now: https://t.co/ahSAn1qgyT
#WebHacking #WAPT #WebPentesting #JWT #JsonWebToken #CyberSecurity #TryHackMe #PenetrationTesting #CyberAdam #EthicalHacking #infosec #bugbounty #bugbountytips #informationsecurity #TamilTech #Webapp #Appsec
JSON Web Tokens (JWT) provide a secure and scalable way to handle authentication in Node.js applications. Coupled with a React frontend, this approach can streamline user authentication.
#letsconnect #buildinpublic #100daysofcoding #jwt #nodejs #reactjs #jsonwebtoken #javascript
📝 ¡En caso que quieras saber más sobre JWT o #JsonWebToken, tenemos una útil infografía gratis!
🎁 Puedes descargarla y compartirla con todos, la encuentras en:
👉🏻https://t.co/AjelFMoSpK
🆓 Y para mas convenientes recursos sin costo, visita nuestra web: https://t.co/xnRrVAVITU
🚀 Building a file upload system with #Multer, #MongoDB, and #jsonwebtoken!
1️⃣ Install Multer: `npm install multer`
2️⃣ Set enctype to `multipart/form-data`
3️⃣ Create a test route
4️⃣ Configure upload folder path
5️⃣ Secure with JWT
6️⃣ Use `crypto` for file naming
#NodeJS #WebDev
I have finished my Week 3 cohort assignments. I worked on:
JWT authentication.
Mongo.
#coding #webdeveloper #webdev #jwt #jsonwebtoken
I completed my jwt assignment (cohort2) and learned how to generate jwt token by 'jwt.sign' , how to token verify and how to decode it.
#cohort #jwt #jsonwebtoken #coding #programming
JWT içinde gizli bilgilerle dolu, dijital maceranın kapılarını aralayan bir anahtardır.🔐
JSON Web Token'ın ne olduğunu anlatan yazımız ile karşınızdayız.💚
#cybersecurity #cyber #sibergüvenlik #computerengineering #bilgisayarmühendisliği #security #web #jsonwebtoken #jwt
Day 96 of learning #nodejs #100DaysOfCode #javascript
🌟 The code uses `#jsonwebtoken` to create a JWT and `#bcrypt` to securely hash and verify passwords in a Node.js environment.
#letsconnect #React #nodejs
What is JSON Web Token and How Does It Help to Keep Secure NodeJS?
https://t.co/V5EjbhXRoG
#jwt #JSONWebToken #nodejs #websitedevelopment #websecurity
A veces las cosas hay que hacerlas aún teniendo miedo... Los sueños se cumplen venciendo esos mismos miedos...
Hoy me lanzo a un nuevo reto profesional, gracias a @Mteheran por esta oportunidad... Nos vemos esta noche con esta charla, aprenderemos un poco sobre #JSONWebToken.
Este martes 3 de octubre estaremos hablando de JWT en .NET con @HamiltonRenMor, no se lo pierdan https://t.co/DJzJcf0Wv0
A starter project for building a REST API in node.js with Typescript, Express Framework and MongoDB.
...
Github: https://t.co/XcWlWHY3nQ
#NodeJS #Express #MongoDB #Jsonwebtoken #Bcryptjs
#CaParleDev
aster_cloud: With the recent launch of the Play Integrity API, more developers are now taking action to protect their games and apps from potentially risky and fraudulent interactions.
In addition to useful signals on the https://t.co/iYt20CKhK7 #jwt #jsonwebtoken #playintegri…
Last Seen Hashtags on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.4M followers
Taylor Swift
@taylorswift13
81.2M followers
Lady Gaga
@ladygaga
72.8M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.5M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.2M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.5M followers