Thui Sing

USING OF JWT

DEFINITION OF JWT
JWT stands for JSON Web Token. It is used to secure communication between the server side and the client side. It is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between the server side and the client side. A token is a text string in which our data is stored as an object. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

GET JWT TOKEN USING FIREBASE
We can get JSON Web Tokens using Firebase. When a user is logged in, we can call getIdToken to get the JWT from Firebase. After getting the token, you can save it in local storage or keep it in state for use in other components. You can see the code below to get the JWT from Firebase, or you can read the Firebase documentation.

[Image: code for getting the JWT token from Firebase]

SEND JWT TO BACKEND SERVER USING REACT JS
We already know how to get a JWT. Now we will see how to send that token to the backend server using React. First, we read the token from wherever we saved it. Since we saved it in local storage, we read it from local storage. We then send the token to the backend server as a string in the Authorization property of the headers object. You can put the text Bearer in front of the token so that other developers understand that it is a token; most developers do this. You can see an example of sending data to the backend server.

[Image: example of sending the token to the backend server]

USE OF JWT BACKEND SERVER
To use the JWT on the backend server, you need to install firebase-admin on your backend server. After installing it, import firebase-admin and initialize the Firebase app. To initialize it you need a private key from your Firebase project.
To generate a private key file for your service account: in the Firebase console, open Settings > Service Accounts, click Generate New Private Key, then confirm by clicking Generate Key, and securely store the JSON file containing the key.
Check this to initialize the Firebase app on the backend server.

After initialization, you read the token from the Authorization header. You then have to check the token and decode it into an object. After decoding the token, you get the logged-in user's information as an object. You can verify users with middleware on your backend server. Check below to decode the JWT token.

[Image: code for decoding the JWT token]
After decoding, you can easily get the user's email, and you can use this email to authenticate and verify whether it is the same user or not.
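
The backend check described in this section, as an added example that is not code from the original post: an Express-style middleware that reads the Bearer token, rejects the request unless verification succeeds, and compares the verified email with the requested one. The verifier is injected (with firebase-admin it would be `admin.auth().verifyIdToken`); `requireSameUser`, the `?email=` query parameter and the stub verifier inside `demo` are assumptions made for illustration.

```javascript
// Added example: the verifier is injected so the block runs without firebase-admin.
// With the Admin SDK initialised, pass (t) => admin.auth().verifyIdToken(t).

// Return the token from "Bearer <token>", or null for anything else.
function extractBearerToken(header) {
  if (typeof header !== 'string') return null;
  const match = /^Bearer ([A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+)$/.exec(header);
  return match ? match[1] : null;
}

// Middleware factory: verifies the token and stores its claims on req.user.
function requireAuth(verifyIdToken) {
  return async function (req, res, next) {
    const token = extractBearerToken(req.headers.authorization);
    if (!token) return res.status(401).json({ error: 'missing or malformed token' });
    try {
      // Claims are trusted only after the verifier has accepted the token.
      req.user = await verifyIdToken(token);
    } catch {
      return res.status(401).json({ error: 'invalid token' });
    }
    return next();
  };
}

// Hypothetical route guard: the email the client asks about (?email=...)
// must equal the email inside the verified token, not one the client sent.
function requireSameUser(req, res, next) {
  const asked = String(req.query.email || '').toLowerCase();
  const owner = String((req.user && req.user.email) || '').toLowerCase();
  if (!owner || asked !== owner) return res.status(403).json({ error: 'forbidden' });
  return next();
}

// Constructed stand-ins (stub verifier, fake req/res) so the example runs offline.
async function demo(authorization, email) {
  const verify = async (t) => {
    if (t !== 'aaa.bbb.ccc') throw new Error('bad signature');
    return { uid: 'u1', email: 'alice@example.com' };
  };
  const req = { headers: { authorization }, query: { email } };
  const res = { code: 200, status(c) { this.code = c; return this; }, json() { return this; } };
  let reached = false;
  const handler = () => { reached = true; };
  await requireAuth(verify)(req, res, () => requireSameUser(req, res, handler));
  return { status: res.code, reached };
}
```

A missing, malformed or rejected token ends with 401, a valid token asking for another user's email ends with 403, and only a matching user reaches the handler.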

WHY WE WILL USE JWT TOKEN
We use JWT to make our websites more secure: it lets us secure user authentication and share users' information securely. You can easily secure admin routes and user authentication with a JWT, because middleware on the backend server can check whether the logged-in user matches, that is, whether it is the same user or not. If the user is not the same or does not match, we do not show our private routes or private information on our website. We should use JWT on our websites to secure them and to secure authentication.

Thanks for spending some time reading this blog.
Pardon me if I made any wrong suggestions.
Feel free to tell me which parts should be improved. :)
