I don't understand how <https://ktor.io/docs/jwt.h...
# ktor
I don't understand how https://ktor.io/docs/jwt.html works: the given code (if I understand it correctly) checks that the client has a valid token (ie. signed by the server), but there is nothing on how to send a token to the client. How can the client have a valid token if the server doesn't provide any way to generate it?
You need to generate it using a hashing algorithm. When the user logs in validate the hashed version of the password to the one you have stored in the DB. If its a match then return it to the client in the response body of the login request.
Do you know if there is an example/open source code that does this? I don't really understand how it would look like
Copy code
fun hash(password: String): String {
    val hmac = Mac.getInstance(HMACSHA1)
    return hex(hmac.doFinal(password.toByteArray(Charsets.UTF_8)))