Implementing JWT in an Application (Understanding the Concept of JWT)

I just learned JWT in PHP. I understand a little bit how JWT works on a single page. Now I am implementing it on multiple pages (from one page to another).

Is my implementation correct if, every time a user moves to another page, we have to fill HTTP_AUTHORIZATION with the token (bearer code) and at the same time generate a new token?

Thanks in advance

Upvotes: 0

Views: 72

Answers (1)

Eddy Goh

Reputation: 286

Conceptually, a JWT is a bearer token issued to the user after a successful login using their username and password.

Normally, for a mobile app we set a long expiry for the JWT, while for a web app we use the JWT refresh mechanism to avoid invalid API abuse by invalidating the old token and refreshing with a new set of tokens without logging in again. Once the JWT has expired, the user will need to be kicked out.

For a mobile app, the JWT can be saved in SharedPreferences and the same key used for all API calls. Set it as an environment instead of page-based, so that you do not need to set it again every time on every page.

Have a read of this: https://tech.justeattakeaway.com/2019/12/04/lessons-learned-from-handling-jwt-on-mobile/

Upvotes: 1
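To make the question and the refresh idea in the answer concrete, here is an added example (not code from the question or the answer) of a per-page guard in plain PHP: every protected page verifies the bearer token from HTTP_AUTHORIZATION, but a new token is issued only when the current one is close to expiry. The secret, the function names, the HS256 choice, the 15-minute lifetime and the 5-minute refresh window are all assumptions made for illustration.

```php
<?php
// Constructed demo values; all names and lifetimes here are assumptions.
const JWT_SECRET = 'constructed-demo-secret';
const TOKEN_TTL = 900;      // token lifetime in seconds
const REFRESH_WINDOW = 300; // reissue only during the last 5 minutes

function b64url_encode(string $raw): string {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string {
    $txt = str_pad($txt, strlen($txt) + (4 - strlen($txt) % 4) % 4, '=');
    return (string) base64_decode(strtr($txt, '-_', '+/'), true);
}
function jwt_sign(string $data): string {
    return b64url_encode(hash_hmac('sha256', $data, JWT_SECRET, true));
}
function issue_token(string $userId, int $now): string {
    $head = b64url_encode(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body = b64url_encode(json_encode(['sub' => $userId, 'exp' => $now + TOKEN_TTL]));
    return "$head.$body." . jwt_sign("$head.$body");
}
// Returns the claims, or null if the token is malformed, forged or expired.
function verify_token(string $jwt, int $now): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    [$head, $body, $sig] = $parts;
    $header = json_decode(b64url_decode($head), true);
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') return null; // pin alg
    if (!hash_equals(jwt_sign("$head.$body"), $sig)) return null; // constant-time compare
    $claims = json_decode(b64url_decode($body), true);
    if (!is_array($claims) || !is_string($claims['sub'] ?? null)) return null;
    if (!is_int($claims['exp'] ?? null) || $claims['exp'] <= $now) return null;
    return $claims;
}
// Called at the top of every protected page: verify, and reissue only near expiry.
function authenticate_request(array $server, int $now): ?array {
    $hdr = $server['HTTP_AUTHORIZATION'] ?? '';
    if (!preg_match('/^Bearer\s+(\S+)$/i', $hdr, $m)) return null;
    $claims = verify_token($m[1], $now);
    if ($claims === null) return null;
    $renew = $claims['exp'] - $now <= REFRESH_WINDOW;
    return ['claims' => $claims, 'new_token' => $renew ? issue_token($claims['sub'], $now) : null];
}
// Constructed walk-through with a fixed clock instead of time().
$t0 = 1700000000;
$server = ['HTTP_AUTHORIZATION' => 'Bearer ' . issue_token('user-42', $t0)];
var_dump(authenticate_request($server, $t0 + 60));   // early in the lifetime
var_dump(authenticate_request($server, $t0 + 700));  // inside the refresh window
var_dump(authenticate_request($server, $t0 + 901));  // after expiry
```

This sketch is stateless: a replaced token is not revoked, it simply stays valid until its own `exp`. Invalidating the old token at refresh time requires server-side state such as a denylist of token identifiers.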
