JWT principle: JWT principle Configuring JWT (1) Write the JWT configuration node, and create two configuration items SecKey and ExpireSeconds under the node, which represent the key and expiration time of the JWT respectively (I configured it here in appsettings.json, the expiration time unit is seconds, you can adjust it according to your own situation […]
Tag: jwt
Front-end authentication: cookie, session, token, jwt, single sign-on
Front-end authentication: cookie, session, token, jwt, single sign-on 1. Stateless HTTP protocol Stateless means that the protocol has no memory ability for transaction processing. The lack of state means that if the previous information is needed later, it must be retransmitted, which may result in a large amount of data transmitted per connection. The stateless […]
shiro-redis-jwt integration
1. Integrated process logic 2. Integration steps 1. Import the starter package of shiro-redis: There is also the jwt tool package toolkit, and to simplify development, I introduced the hutool toolkit. <!–shiro-redis integration–> <dependency> <groupId>org.crazycake</groupId> <artifactId>shiro-redis-spring-boot-starter</artifactId> <version>3.2.1</version> </dependency> <!–hutool tool class–> <dependency> <groupId>cn.hutool</groupId> <artifactId>hutool-all</artifactId> <version>5.3.3</version> </dependency> <!– jwt –> <dependency> <groupId>io.jsonwebtoken</groupId> <artifactId>jjwt</artifactId> <version>0.9.1</version> </dependency> 2. […]
Cookie, Session, token, JWT, SSO
Start with status “HTTP Stateless” We know that HTTP is stateless. In other words, the HTTP requester and responder cannot maintain state, it is all one-time, and it does not know what happened in the previous and subsequent requests. But in some scenarios, we need to maintain state. The most typical example is that when […]
Using JWT with React Router
In this article, we will explore the seamless integration of JWT authentication with React and React-router. We’ll also learn how to handle public routes, validation-protected routes, and how to leverage the axios library to make API requests with authentication tokens. Create a React project Using the command below will create a project for us npm […]
Remember CVE-2022-39227-Python-JWT vulnerability
Article directory Preface Affected versions Vulnerability analysis Newstar2023 Week5 Summarize Foreword Master Asal1n casually said that there was a CVE like Xiangyun Cup on newstar week 5, so I ran to check it out. It was indeed a CVE vulnerability that I didn’t know about, so I learned python from this question. -The authentication bypass […]
Inherit the Jwt token verification interceptor and generate interface documents through knife4j
sky: jwt: #Set the secret key used when encrypting jwt signatures admin-secret-key: itcast # Set jwt expiration time to 2 hours admin-ttl: 7200000 #Set the token name passed by the front end admin-token-name: token Get configuration class related attributes package com.sky.properties; import lombok.Data; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.stereotype.Component; @Component @ConfigurationProperties(prefix = “sky.jwt”) @Data public class JwtProperties […]
Filter exception handling and JWT renewal issues when Spring Security uses JWT verification
Problem description When security + jwt performs identity authentication and authorization, a jwtfilter is usually added for jwt verification before logging in. Exceptions in the filter will not be captured by global exceptions, causing the return data format to be inconsistent with the unified format. The specific description is: The exceptions thrown when verifying the […]
JWT (Principle + Process + Example)
1. Introduction JSON Web Tokens (JWT), jwt is widely used in user authentication of the system, especially in current front-end and back-end separation projects 1. JWT authentication process What are the differences in authentication between traditional token methods and jwt? Traditional token method After the user successfully logs in, the server generates a random token […]
[Spring Boot integrates JWT]
Spring Boot integrates JWT Introduction 1. Configure JWT related information 2. Write the JWTUtils class 3. Token interception Introduction Using the OAuth2 protocol to implement unified authentication will be very cumbersome and will affect performance. Directly use a Token data to realize the storage of distributed authentication information, which is simple and low-difficulty. The amount […]