The Surprising Story About JWT


The origins of JSON Web Tokens (JWT) trace back to a proposal by Mike B. Jones, John Bradley, and Nat Sakimura in 2010 under the Internet Engineering Task Force's (IETF) JSON Object Signing and Encryption (JOSE) working group. The goal was to create a secure, standardized token format for streamlined data exchange. By May 2015, JWT was officially standardized as RFC 7519, marking its place as a cornerstone in web security.

⌛ Chapters:
00:00 Prologue
01:09 Chapter 1 - The Origins of JWT
03:39 Chapter 2 - Background
06:03 Chapter 3 - JWTs Aren’t Made for Authorization
08:37 Chapter 4 - Disadvantages of JWT
10:27 Chapter 5 - The Conclusion

Comments

Secure, stateless, and still somehow stressful. Classic JWT. 😅

AmanRawat-sm

In the world of reaction videos on coding articles 😅, great to see the quality of your videos increasing.

codeninja-dw

The importance of this video simply cannot be overstated. Well done.

esra_erimez

Nice video, I can see you put in a lot of effort! :)

However, I think it sometimes is a little too expressive. You already have good content, so you don't need to satisfy us with new visuals every second of the video to make it great.

Nice work. 😄 You’ll get more viewers very quickly with this high quality!

CloudiaNgaming

Great video editing! The cinematic effects are amazing and very enjoyable.

duckboi

My only problem with JWT is that I find it very complex and hard to understand, and yet a lot of people implement it without knowing how it exactly works. Actually, I think that a lot of devs that don't even know what a cookie is don't know what JWT is either, and yet they use it because it is "easy".

They may be easy to use but they are more complex than server-side sessions with cookies, which are a lot simpler to use, even though they require more work.

Karurosagu

Short living JWT is for service-to-service communication in trusted network. For external systems use sessions which can be revoked in case of misuse. It is an implementation detail if you map your session to short living JWT for apps internal communication on each request.

jozsefsebestyen

Great quality video! Love to see the effort being put into it

codingwithzak

Really good video, it's not common to see these days

hebersolano

No more ads interrupting the flow of the video please

dot

I don't like that corners of the video are blurred, it worsens readability.

DiegoSanchez-ihsd

The best practice is a hybrid approach:
JWT + session 🛡️ for maximum security ❤

godsgiftmonday

Love the video!
Just a quick question:
In the example at 10:52, doesn’t good separation of concerns solve this problem?
Why does anybody need to manage the algorithms of JWT after its initial implementation?

definitlyarealperson

JWT is safe unless you use it in the wrong way, like exposing it in local storage or not encrypting the data that is inside the token

brigadut

all the problems mentioned are just skill issues tbh, am too lazy to write a gigantic comment elaborating solutions to all these "problems" but anyways!

abdirahmann

TLDV; With Vigilance and Precision, JWTs Remain Not Just a Tool, but a Testament to the Evolving Art of Web Security.

neversleepy

I don't understand why JWT is blamed for the mentioned reasons?
To me it looks more like a dev's problem of lack of a good understanding of web security.

KallMeMoh

Your fonts in this video are too blurry.


Please use a good font, this isn't 1450

k_gold

That's fake, if you sign the token correctly it can be spoofed ... The token signature will not match and will be declined, every change in the token will change the signature so... Forget this idea

Leandrys_