Local or session storage in the browser might feel like the right place to store a JWT [https://jwt.io/] when authenticating your client-side app against a backend API. Maybe it feels like the right place because I told you to do that. But its not right! Its wrong and…
JSON Web Tokens [https://jwt.io/introduction/], or JWTs, allow us to authenticate requests between the client and the server by encrypting authentication information into a secure, compact JSON object that is digitally signed. In this post, we'll use the Joken [https://github.com/bryanjos/joken] library to implement JWT…
Since I clearly cannot get enough of JWT [https://www.thegreatcodeadventure.com/jwt-auth-in-rails-from-scratch/] authentication [https://www.thegreatcodeadventure.com/jwt-authentication-with-react-redux/], here's a look at how to use it to authenticate your shiny new Phoenix API with a React + Redux front-end application, using React Router 4. In this post, we'll cover: * Using…
In an earlier post [https://www.thegreatcodeadventure.com/jwt-authentication-with-rails-ember-part-i-rails-knock/], we took a look at JWT authentication in Rails, and implemented a JWT authentication system using the Knock gem. Here, we'll drop down a level and re-build our JWT authentication system from scratch, without the help of the Knock gem. You…
This is a two-part post on building a JWT authentication system in a Rails API + Ember front-end application. Part I will discuss implementing JWT auth from Rails, and Part II [https://www.thegreatcodeadventure.com/jwt-authentication-with-rails-ember-part-ii-custom-ember-simple-auth/] will illustrate one approach to implementing JWT auth in Ember, by customizing the Ember Simple…