Nuxtstop

For all things nuxt.js

How to authentication?

How to authentication?
1 0

If you find that it is hard to get my meaning, email me peterlitszo at gmail.com!

Now there mainly have three ways to get the authentication:

  • Session.
  • Token.
  • JWT.

Session

We get the session like:

  • Alice: Hello, Bob, I am Alice, my password is PaSsWoRd. (by HTTPS rather than HTTP)
  • Bob: OK, let me check check. OK the user named Alice's hash(password) is really HaShEdPaSsWoRd! So you are must the Alice! I give you the session id: UniqueSessionId. hold it next time!
  • Alice: Hello, Bob, I want to have some yellow picture! By UniqueSessionId.
  • Bob: UniqueSeesionId? Yes you do have the permission to see the yellow picture! Give you.

After long time, there are many people!!! Bob cannot remember so many people!! He need put those information into his notebook (It means, Bob need put it in disk's database rather than memory, and he need delete those record that out-dated).

The UniqueSessionId, in my opinion, the best way is using UUID.

Where to put the UniqueSessionId? I think put it in cookie is a good idea. Cookie will be carried when browser request.

Token

We get the token like:

  • Alice: Hello, Bob, I am Alice, my password is PaSsWoRd. (by HTTPS rather than HTTP)
  • Bob: OK, let me check check. OK the user named Alice's hash(password) is really HaShEdPaSsWoRd! So you are must the Alice! I give you the token: {username: 'Alice'}, sign('by Bob'). hold it next time!
  • Alice: Hello, Bob, I want to see some yellow picture! By {username: 'Alice'}, sign('by Bob').
  • Bob: Let me check, check({username: 'Alice'}, 'the word only bob know') === sign('by Bob'). OK you must the Alice. Alice have the permission to see the yellow picture! Give you!

Bob do not need remember those session ID! What a good thing for he! He just need to calculate the function check's value.

JWT

In my opinion, the JWT is token, but with some rule (or protocol) to make sure everyone can deal it, and have scalable power without thinking.