Open AccessSecurity Implications for Json web Token Used in MERN Stack for Developing E Commerce Web Application
Author(s) -
Pooja Mahindrakar,
Uma Pujeri
Publication year - 2020
Publication title -
international journal of engineering and advanced technology
Language(s) - English
Resource type - Journals
ISSN - 2249-8958
DOI - 10.35940/ijeat.a1663.1010120
Subject(s) - json , computer science , security token , web service , world wide web , key (lock) , stateless protocol , database , transport layer security , computer security , computer network , the internet , network packet
In almost every organization where user sensitive data is available, security and privacy of the data plays a vital role. As storage of these information is overhead in database, Tokens are generated which handles sessions and also self contains user details. One of such widely used stateless token is Json Web Token. This paper deals with the research that follows implementation of authentication and authorization technique using JSON web token which will make web service a role based one .In the project under taken, Json web token is generated in a more secured way by choosing the secret key for web token wisely. Usually key for the token was a mere string or the set of keys stored in a key ring in the database and used alternately for the users to create the token. Or one more trial model is created where captcha was used in short a random number was generated and used as secret key for token generation but the main issue was increased storage. Thus storage is tried to reduce also less predictive secret key is generated in this project.