I don't understand how https://ktor.io/docs/jwt.html works: the given code (if I understand it correctly) checks that the client has a valid token (i.e. signed by the server), but there is nothing on how to send a token to the client. How can the client have a valid token if the server doesn't provide any way to generate it?
Sean Keane
02/17/2021, 1:39 AM
You need to generate it using a hashing algorithm. When the user logs in, validate the hashed version of the password against the one you have stored in the DB. If it's a match, then return it to the client in the response body of the login request.
CLOVIS
02/17/2021, 12:34 PM
Do you know if there is an example/open source code that does this? I don't really understand what it would look like.
Sean Keane
02/17/2021, 5:28 PM
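import io.ktor.util.hex
import javax.crypto.Mac

// Assumed to be defined elsewhere: HMACSHA1 = "HmacSHA1" and hmacKey, a SecretKeySpec for that algorithm.
fun hash(password: String): String {
    val hmac = Mac.getInstance(HMACSHA1)
    hmac.init(hmacKey)
    // Hex-encode the keyed HMAC of the password's UTF-8 bytes.
    return hex(hmac.doFinal(password.toByteArray(Charsets.UTF_8)))
}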