Комментарии:
Thank you for your clear explanation
ОтветитьWhat font are you using in the IDE?
ОтветитьHow do you verify a client assertion JWT that has no secret with algorithm ECDSA?
Ответитьwhat the fuck..... i knew it would be a shit video!
ОтветитьIt really depends on the library you're using, for example if your using the PHP Firebase\JWT library to decode a token, then a key is an expected argument as its verifying the signature as well as decoding the payload in the same function.
You should check to make sure your library is verifying, as you may need to call verify manually.
liked ur vid for the last line.
freshers must pay attention on verify and not decode 🙂
thx bro very much, i was having problem of getting the id now bcs of of verify i can confirm if the user valid and get all info that i need
Ответитьyou have two account ??
ОтветитьFinally found an explanation.
ОтветитьI have a question, if I have my Microsoft VerifiedIds on a dot jwt how can I use them to log in into my accounts? I have the 13 words too for decrypt
ОтветитьThanks
ОтветитьConcise, useful explanation. Keep it up!
ОтветитьBrother I have a doubt and I am new to this and cannot find an answer on Google.
I have multiple users in database and I am using thier unique email id and a secret to sign a token for each user.
And I am using this verify method to authorise a request. But any user token is working and I am able to delete any of the users using only any 1 of the tokens, doesn't matter if the token belongs to the user i want to delete or not.
How do I make sure that only the users unique token can be used to delete itself (the user deletes itself).
Hey, that's exactly what I'm looking for. I've a small doubt tho. I actually want to save a few user data in the local storage on the client side but i would like to keep it encrypted. The reason I want to do this is so that when the user opens the site on a new tab, i can check if a token is present in the browser, and if there is a token, i would like to send it to my backend to retrieve the payload and send back the relevant user details back to the client. Do you think using the verify function would be a good way to persist the login in new tabs.
Thanks for the video!! SUBSCRIBED
Nice video, Dillion. Thanks!
What if I want to make sure the token is VALID, that the token wasn't altered. Would Verify be enough?
Thanks for a such crisp explanation!
Ответитьthnx man nice video really what I needed
Ответить