I am trying to generate a JWT token which I will do in my Laravel project like this solution I found: .php

So I have 2 questions I am trying to get wrap my head around:

In my Next.js React project, i would set the JWT in a cookie to remember it. Is that right? And then can pass it with every request to the server to verify the user.

How could I decode it then in Next.js? So that I could get some basic info out of it like a username.

I am trying to generate a JWT token which I will do in my Laravel project like this solution I found: https://github./luciferous/jwt/blob/master/JWT.php

So I have 2 questions I am trying to get wrap my head around:

In my Next.js React project, i would set the JWT in a cookie to remember it. Is that right? And then can pass it with every request to the server to verify the user.

How could I decode it then in Next.js? So that I could get some basic info out of it like a username.

• javascript
• php
• laravel
• reactjs
• next.js

Share Improve this question Follow asked Dec 19, 2017 at 8:45 strangeQuirksstrangeQuirks 6,0101010 gold badges4848 silver badges8686 bronze badges 4

• You encode your JWT using a key, so you would need that key to be able to decode your JWT (This would be done on the server side, as I don't think it would be safe to pass it along to the client). – ZombieTfk Commented Dec 19, 2017 at 8:51
• ah okay, so i should never decode it in my React Application? Then I would just have to always pass the information I need from the laravel api? Would be nice to be able to access some data in the react application by decoding the jwt – strangeQuirks Commented Dec 19, 2017 at 8:54
• It's certainly possible to decode on the client, but it would depend on how much you're willing to trust them. – ZombieTfk Commented Dec 19, 2017 at 8:56
• Try stackoverflow./questions/38552003/… – Nigel Ren Commented Dec 19, 2017 at 8:56

Add a ment  | 

2 Answers 2

Sorted by: Reset to default 3

For JWT Decoding in Javascript you could use Auth0's JWT decode library(https://github./auth0/jwt-decode) which makes it simple to decode(no verification) encoded JWT tokens.

You would just read the JWT token from the set cookie and decode it like this:

var token = 'eyJ0eXAiO.../// jwt token';
var decoded = jwt_decode(token);

You can also use a simple function to decode it which would look like this:

function parseJwt (token) {
    var base64Url = token.split('.')[1];
    var base64 = base64Url.replace('-', '+').replace('_', '/');
    return JSON.parse(window.atob(base64));
};

There is no problem with decoding JWT tokens directly in the React application, just make sure that you always verify the encoded token on the server side so it can't be a modified JWT token by the user.

You can also try this.

Use poser to manage your dependencies and download PHP-JWT:

poser require firebase/php-jwt.

For encoding and Decoding JWT payload in laravel.

//import this file.
use Firebase\JWT\JWT;

//create a payload.


$payload = 
[
            
            "email" => $user->email,

            "username" => $user->username
        ];

//for encoding payload

        $token = JWT::encode($payload, 'secret', 'HS256');

//for decoding $token

        $data = JWT::decode($token, new Key('secret', 'HS256'));