
📝 Apply suggestion from @YuriiMotov

Co-authored-by: Yurii Motov <[email protected]>
pull/14781/head
Sebastián Ramírez 3 weeks ago
committed by GitHub
parent
commit
9cf3f62c8f
No known key found for this signature in database GPG Key ID: B5690EEEBB952194

docs/en/docs/tutorial/security/oauth2-jwt.md

@ -18,7 +18,7 @@ eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4
It is not encrypted, so, anyone could recover the information from the contents. It is not encrypted, so, anyone could recover the information from the contents.
But it's signed. So, when you receive a token that you originally issued, you can verify that it actually came from you and has not been tampered with in-transit. But it's signed. So, when you receive a token that you issued, you can verify that it was you who issued it.
That way, you can create a token with an expiration of, let's say, 1 week. And then when the user comes back the next day with the token, you know that user is still logged in to your system. That way, you can create a token with an expiration of, let's say, 1 week. And then when the user comes back the next day with the token, you know that user is still logged in to your system.
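
Review bot: The reworded "But it's signed" line keeps only the origin claim ("you can verify that it was you who issued it") and loses the integrity claim that the other wording carried ("has not been tampered with"). Since the preceding line tells readers the token is not encrypted and anyone can read its contents, this is the place to say that a valid signature also means those contents were not modified after issuance. Suggest something like "you can verify that it was you who issued it and that its contents have not been changed". Leaving out "in-transit" is fine, since the check does not depend on where a modification happened.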
