Getting started with JWTs
The real world is constantly changing, and programs need to be adaptable to handle different situations. The elements of programs are also evaluated. The technique you used 10 years ago may not be valid nowadays.
Years ago, we used to use session-based authorization, which was simple, popular, easy to grasp, and easy to adapt. It is still a topic for discussion but we mostly prefer to use different types of authentication techniques that are more secure. Before switching to JWT, it is helpful to talk about session-based authentication.
In this type of authentication, you enter your username and password. The server checks whether your credentials are valid. If valid, the server creates a session with a unique identifier (session ID). This session ID might be stored in a cookie on your browser. With each request to the website during that session, your browser sends the session ID back to the server. The server checks the session ID and grants access...
