Example code related to our blog post: Improving the Security of JSON Web Tokens (JWTs)
- Clone the repository
- Run `yarn` in terminal
- Run `yarn start` in terminal
- Open http://localhost:3010
- Click on `Get token` button - this will generate a JWT token
- Copy the token
- Paste the token to the textarea and click on `Check token`
- Token must be shown
- Open the url from another browser or another IP address
- Use the previously generated token
- Paste the token to the textarea and click on `Check token`
- Token will be invalid
- We added an extra security layer to the JWT.
- We verify the visitor IP address and the User-Agent string
- If any of them change, the token is unusable.
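
One way to implement the check described above, as an added example that is not the repository's own code. It assumes an HS256 token built with Node's built-in `node:crypto` instead of a JWT library, a hypothetical `fph` claim holding a SHA-256 hash of the IP address and User-Agent, and a constructed demo secret and sample requests.

```javascript
const crypto = require('node:crypto');

// Constructed demo secret (assumption); load a real key from configuration.
const SECRET = 'demo-secret-not-for-production';
const b64url = (s) => Buffer.from(s).toString('base64url');
// Fixed header: the verifier only ever accepts HS256.
const HEADER = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));

// SHA-256 over the client context the token is bound to.
function fingerprint(ip, userAgent) {
  return crypto.createHash('sha256').update(`${ip}\n${userAgent}`).digest('hex');
}

function sign(data) {
  return crypto.createHmac('sha256', SECRET).update(data).digest('base64url');
}

// Constant-time string comparison.
function safeEqual(a, b) {
  const x = Buffer.from(String(a)), y = Buffer.from(String(b));
  return x.length === y.length && crypto.timingSafeEqual(x, y);
}

// Issue a token whose hypothetical "fph" claim carries the fingerprint.
function issueToken(sub, ip, userAgent, ttlSeconds = 300) {
  const now = Math.floor(Date.now() / 1000);
  const claims = { sub, iat: now, exp: now + ttlSeconds, fph: fingerprint(ip, userAgent) };
  const body = `${HEADER}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${sign(body)}`;
}

// Verify signature and expiry, then compare the fingerprint with the current request.
function checkToken(token, ip, userAgent) {
  const parts = String(token).split('.');
  if (parts.length !== 3 || parts[0] !== HEADER) return { valid: false, reason: 'malformed' };
  const [header, payload, signature] = parts;
  if (!safeEqual(signature, sign(`${header}.${payload}`))) return { valid: false, reason: 'bad signature' };
  const claims = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
  if (claims.exp <= Math.floor(Date.now() / 1000)) return { valid: false, reason: 'expired' };
  if (!safeEqual(claims.fph, fingerprint(ip, userAgent))) return { valid: false, reason: 'client context changed' };
  return { valid: true, claims };
}

// Constructed sample requests (documentation-range addresses).
const demoUa = 'Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0';
const demoToken = issueToken('alice', '203.0.113.10', demoUa);
console.log(checkToken(demoToken, '203.0.113.10', demoUa).valid);
console.log(checkToken(demoToken, '198.51.100.7', demoUa).reason);
```

Binding to the IP address also invalidates tokens for legitimate clients whose address changes (mobile networks, VPNs), and behind a reverse proxy the address must come from a header set by a trusted proxy.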