March 2018
Beginner to intermediate
410 pages
10h 40m
English
The login page described earlier only protects our Markdown content, not our dynamic web services. If you know the resource names of the web services, you can still extract all sensor data and control the actuator output, unauthenticated. To avoid this, we need to add an authentication layer on top of our web services. We can do this by using JWT (Java Web Tokens). These tokens are simple strings that are cryptographically signed by a server, and that can be easily transported in any type of machine-to-machine communication where you want to avoid sessions and login forms. The server can then validate the token by checking the signature. By adding the Waher.Security.JWT.UWP NuGet package to our SensorHttp and ...
Read now
Unlock full access