mirror of https://github.com/vapor/docs.git
47 lines
1.3 KiB
Markdown
47 lines
1.3 KiB
Markdown
# JSON Web Token
|
|
|
|
JSON Web Token is a library containing all JSON Web Token related APIs.
|
|
|
|
### What is JWT?
|
|
|
|
JWT is a standard for managing client tokens. Tokens are a form of identification and proof to the server. JWT is cryptographically signed, so it is not possible to falsify the validity of a JWT unless any of the following conditions is met:
|
|
|
|
- A broken algorithm was used (such as MD5)
|
|
- A weak signing key was used and brute-forced
|
|
- The signing key used was leaked out to a third party
|
|
|
|
Please note that any private/secret data **must not** be stored inside a JSON Web Token since they're publically readable. They are **not** encrypted.
|
|
|
|
|
|
## With Vapor
|
|
|
|
This package is included with Vapor by default, just add:
|
|
|
|
```swift
|
|
import JWT
|
|
```
|
|
|
|
## Without Vapor
|
|
|
|
To include it in your package, add the following to your `Package.swift` file.
|
|
|
|
```swift
|
|
// swift-tools-version:4.0
|
|
import PackageDescription
|
|
|
|
let package = Package(
|
|
name: "Project",
|
|
dependencies: [
|
|
...
|
|
.package(url: "https://github.com/vapor/jwt.git", .upToNextMajor(from: "3.0.0")),
|
|
],
|
|
targets: [
|
|
.target(name: "Project", dependencies: ["JWT", ... ])
|
|
]
|
|
)
|
|
```
|
|
|
|
If this is your first time adding a dependency, you should read our introduction to [Package.swift](../getting-started/spm.md).
|
|
|
|
Use `import JWT` to access JSON Web Token's APIs.
|