Token is a token mechanism for authentication and authorization, and is widely used in network communication. It is a string that represents the user's identity or permissions, used to verify the user's access rights in the system.
In terms of authentication, tokens are usually used to replace traditional session-based authentication mechanisms, such as using Cookie+Session. The advantage of using a token for authentication is that the server does not need to save the user's session information in memory, because the token itself contains all the information required for authentication. This makes Tokens very suitable in distributed systems or stateless API interfaces. Tokens are usually generated by the server and are distributed to the client when the user logs in or authenticates. The client stores the token and sends the token as a credential for identity authentication to the server in subsequent requests. After the server receives the token, it can verify the user's identity and permissions by verifying the validity of the token. Common token types include JWT (JSON Web Token), OAuth 2.0 access token, Bearer Token, etc.
On the front end, use the browser-provided Web Storage (such as LocalStorage or SessionStorage) or use HTTP cookies to store the token.
Using LocalStorage:
//Storage Tokens to LocalStorage('token', 'your_token_value');
// Read Token from LocalStorageconst token = ('token');Using SessionStorage:
//Storage Token to SessionStorage('token', 'your_token_value');
// Read Token from SessionStorageconst token = ('token');Using HTTP Cookies:
//Storage Tokens to Cookies = 'token=your_token_value; expires=...; path=/';
// Read Token from Cookieconst cookies = (';');
let token = null;
(cookie => {
const [name, value] = ().split('=');
if (name === 'token') {
token = value;
}
});
When performing token verification in front-end, add in the request headerAuthorizationfield and pass the token value as its value to the backend. In the backend code, use@RequestHeader("Authorization") String tokenTo obtain the token value in the request header for verification and processing.
In Spring Boot backend, use@RequestHeaderAnnotation to receive the token value passed by the front end.
Example:
import ;
import ;
import ;
@RestController
public class YourController {
@GetMapping("/your-endpoint")
public String yourEndpoint(@RequestHeader("Authorization") String token) {
// deal with return "Success";
}
}
use@RequestHeader("Authorization")Annotation binds the token value passed by the front end totokenon parameters. Then, it can be used in the method bodytokenVerify and process.
Summarize
This is the article about the front-end storage token back-end acquisition of tokens. For more related front-end storage token content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!