JWT consists of three parts: header, payload and signature. The header contains metadata about the token, such as the encryption algorithm used and the token type; Payload contains payload data, that is, the information actually transmitted; Signature is the part that encrypts the header and payload to verify their integrity and authenticity.
Token is a kind of certificate used for authentication and authorization, which is usually generated by the server after the user logs in and sent to the client. The client sends this token back to the server in a later request to prove its identity and obtain authorization.
Generally speaking, JWT is mainly used for securely transmitting information between network applications, while tokens are mainly used for authentication and authorization.
Data processing of token
In fact, Token can be called a password. Before transmitting some data, it is necessary to check the password and authorize different passwords for different data operations. For example, four types of data packets are defined in USB 1. 1 protocol: token packet, data packet, handshake packet and special packet.
The continuous data exchange between host and USB device can be divided into three stages. In the first stage, the host sends a token packet, and different token packets have different contents (different passwords), which can tell the device to do different jobs. In the second stage, the data packet is sent, and in the third stage, the device returns the handshake data packet.