Local or session storage in the browser might feel like the right place to store a JWT when authenticating your client-side app against a backend API. Maybe it feels like the right place because I told you to do that. But it's not right! It's wrong and it's insecure. Instead,…
JSON Web Tokens, or JWTs, allow us to authenticate requests between the client and the server by encrypting authentication information into a secure, compact JSON object that is digitally signed. In this post, we'll use the Joken library to implement JWT auth in a Phoenix app. We'll focus on JWTs…
Since I clearly cannot get enough of JWT authentication, here's a look at how to use it to authenticate your shiny new Phoenix API with a React + Redux front-end application, using React Router 4. In this post, we'll cover: Using React Router 4 to set up both regular and authenticated…
In an earlier post, we took a look at JWT authentication in Rails, and implemented a JWT authentication system using the Knock gem. Here, we'll drop down a level and re-build our JWT authentication system from scratch, without the help of the Knock gem. You can check out the code…
This is a two-part post on building a JWT authentication system in a Rails API + Ember front-end application. Part I will discuss implementing JWT auth from Rails, and Part II will illustrate one approach to implementing JWT auth in Ember, by customizing the Ember Simple Auth add-on. You can see…