JWT Token Structure
A JWT token contains a Header, a Payload, and a Signature.
image.png
Header
Header contains the algorithms like RSA or HMACSHA256 and the information of the type of Token.
image.png
Payload
Payload contains the information of rows, i.e., user credentials.
image.png
How Does JWT Work?
Step 1
Client logs in with his/her credentials.
image.png
Step 2
Server generates a Jwt token at server side.
image.png
Step 3
After token generation, the server returns a token in response.
image.png
Step 4
Now, the client sends a copy of the token to validate the token.
image.png
Step 5
The server checks JWT token to see if it's valid or not.
image.png
Step 6
After the token is validated, the server sends a status message to the client.
image.png
[图片上传中...(image.png-4ee818-1642837712343-0)]
image.png
授权流程:
1、用户请求登录,携带用户名密码到授权中心
2、授权中心携带用户名密码,到用户中心查询用户
3、查询如果正确,生成JWT凭证
4、返回JWT给用户
鉴权流程:
1、用户请求某微服务功能,携带JWT
2、微服务将jwt交给授权中心校验
3、授权中心返回校验结果到微服务
4、微服务判断校验结果,成功或失败
5、失败则直接返回401
6、成功则处理业务并返回
网友评论