W02 | Notion

Preparation

Cookie: responses browser get from server. can be weak
Session: Based with Cookie. But session only saved in server. can be strong but can not be handled.

JWT

npm i jsonwebtoken -S

encode

const jwt = require("jsonwebtoken")

const secrey_key = 'gardenisthebest'
const token = jwt.sign({test: true}, secrey_key);

console.log(token);  // eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZXN0Ijp0cnVlLCJpYXQiOjE2MjUxODczMTN9.sJrF91bwBcVh8SwurEEpduFgXZRzTtX6jX3GNDIdZPk

verify

const jwt = require("jsonwebtoken")

const secrey_key = 'gardenisthebest'
const token = jwt.sign({test: true}, secrey_key);

console.log(token); // eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ0ZXN0Ijp0cnVlLCJpYXQiOjE2MjUxODczMTN9.sJrF91bwBcVh8SwurEEpduFgXZRzTtX6jX3GNDIdZPk

const decoded = jwt.verify(token, secrey_key);

console.log(decoded);  // { test: true, iat: 1625187313 }

If secret key or token is wrong, it throws error.

decode

const jwt = require("jsonwebtoken")

const secrey_key = 'gardenisthebest'
const token = jwt.sign({test: true}, secrey_key);

console.log(token);

const decoded = jwt.decode(token); // make decode

console.log(decoded); // { test: true, iat: 1625187313 }