Last active
July 7, 2020 07:42
-
-
Save vlad-74/099b60a376849a0cfa2e7ad46a53aabd to your computer and use it in GitHub Desktop.
_ STACKBLITZ #00_STACKBLITZ
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-6-examples |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-6-lazy-loading |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-6-material-start |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-6-preloading-strategy |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-7-loader-interceptor |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-7-webworker |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-dragula-drag-drop |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-httpclient |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-ngtemplateoutlet |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-jwt-auth0 | |
import { JwtHelperService } from '@auth0/angular-jwt'; | |
this.decodedToken = this.helper.decodeToken(tkn); | |
this.expirationDate = this.helper.getTokenExpirationDate(tkn); | |
this.isExpired = this.helper.isTokenExpired(tkn); | |
https://jwt.io/ | |
https://codex.so/jwt | |
Header | |
Обычно заголовок состоит из двух полей: типа токена (в данном случае JWT) и алгоритма хэширования подписи: | |
{ | |
"typ": "JWT", | |
"alg": "HS256" | |
} | |
Официальный сайт jwt.io предлагает два алгоритма хэширования: HS256 и RS256. | |
Но на деле можно использовать любой алгоритм с приватным ключом. | |
Payload | |
Payload — это любые данные, которые вы хотите передать в токене. Но стандарт предусматривает несколько зарезервированных полей: | |
iss — (issuer) издатель токена | |
sub — (subject) "тема", назначение токена | |
aud — (audience) аудитория, получатели токена | |
exp — (expire time) срок действия токена | |
iat — (issued at) время создания токена | |
nbf — (not before) срок, до которого токен не действителен | |
jti — (JWT id) идентификатор токена | |
{ | |
"iss": "Codex Team", | |
"sub": "auth", | |
"exp": 1505467756869, | |
"iat": 1505467152069, | |
"user": 1 | |
Сначала header и payload приводятся к формату JSON, а затем переводятся в base64 | |
Затем, две эти строки соединяются через точку и хэшируются указанным в header алгоритмом. | |
Допустим, пользователь использует пароль password | |
Результат работы алгоритма и есть подпись. | |
Теперь осталось только сформировать сам токен, для этого нужно через точку соединить header и payload в base64 и подпись | |
Аутентификация | |
После первого логина, клиенту возвращается сгенерированный сервером JWT. | |
При каждом следующем запросе, клиент должен передавать JWT установленным API способом (например, через заголовок или как параметр запроса). | |
Сервер декодирует header и payload и проверяет зарезервированные поля. | |
Если все в порядке, по указанному в header алгоритму составляется подпись. | |
Если полученная подпись совпадает с переданной, пользователя авторизуют. | |
В языке JavaScript существуют две функции, для кодирования и декодирования данных в/из формат Base64 соответственно: | |
btoa() - Функция btoa() создаёт Base64 кодированную ASCII строку из "строки" бинарных данных. | |
atob() - Функция atob() декодирует Base64-кодированную строку. | |
var obj = {a: 'a', b: 'b'}; | |
var encoded = btoa(JSON.stringify(obj)) | |
var actual = JSON.parse(atob(encoded)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-8-jwt-auth-example |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-7-reg-login-example |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-auth-module |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-cache-service-with-rxjs |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-9-cache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-5-validate-dynamic-formarray-formgroup |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-7-reactive-forms-dynamic-validation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-8-dynamic-field-validation |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-8-dynamic-validation-messages |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-7-navigate-with-query-params |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/angular-7-route-resolve |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://stackblitz.com/edit/routing-angular |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment