TL;DR
JWTs are easy to implement wrong. Use RS256 or ES256 (not HS256 with weak secrets), validate all claims, set short expiration times, and implement proper refresh token rotation. These prompts help you avoid the common JWT security pitfalls.
Secure Token Generation
Create secure JWT generation for my authentication system.
Language: TypeScript/JavaScript/Python
Requirements:
- Use RS256 or ES256 algorithm (asymmetric)
- Short expiration time (15 minutes for access token)
- Include required claims: iss, sub, aud, exp, iat, jti
- Minimal payload (don't store sensitive data)
Token payload should include:
- sub: user ID
- iss: your domain
- aud: intended audience
- exp: expiration timestamp
- iat: issued at timestamp
- jti: unique token ID (for revocation)
- role: user role (if needed)
Create:
- generateAccessToken(userId, role)
- generateRefreshToken(userId)
- Key pair generation script
- Key rotation strategy
Secure Token Validation
Implement secure JWT validation that prevents common attacks.
Validation must:
- Explicitly specify allowed algorithms (prevent algorithm confusion)
- Verify signature with correct key
- Check exp claim (reject expired tokens)
- Check iat claim (reject future-dated tokens)
- Verify iss matches expected issuer
- Verify aud matches expected audience
- Check jti against revocation list (if implementing revocation)
Reject tokens that:
- Use 'none' algorithm
- Use unexpected algorithm
- Have missing required claims
- Are expired or not yet valid
- Don't match expected issuer/audience
Return clear error types:
- TokenExpiredError
- InvalidSignatureError
- InvalidClaimsError
Never trust the algorithm from the token header: Always specify which algorithms you accept. Attackers can change the algorithm to 'none' or switch from RS256 to HS256 using your public key as the secret.
Refresh Token Rotation
Implement secure refresh token rotation.
Flow:
- On login, issue access token (15 min) + refresh token (7 days)
- Store refresh token hash in database with user ID
- When access token expires, client sends refresh token
- Validate refresh token, issue new access + new refresh token
- Invalidate old refresh token (rotation)
Security measures:
- Refresh tokens are single-use (rotate on each use)
- Detect token reuse (indicates theft)
- Store refresh token family for revocation
- If reuse detected, invalidate entire family
- Bind refresh token to device/fingerprint
Implement:
- refreshTokens(refreshToken) -> { accessToken, refreshToken }
- revokeRefreshToken(tokenId)
- revokeAllUserTokens(userId)
Token Revocation
Add revocation capability to my JWT system.
Challenge: JWTs are stateless, but we need to revoke them.
Options:
- Short expiration + refresh tokens (recommended)
- Token blacklist in Redis
- Version number in user record
Implement hybrid approach:
- Access tokens: 15 min, no revocation check (short-lived)
- Refresh tokens: stored in DB, can be revoked
- On logout: delete refresh token
- On password change: invalidate all refresh tokens
For immediate revocation needs:
- Store jti in Redis with TTL matching token expiration
- Check blacklist only for sensitive operations
- Background cleanup of expired entries
Pro tip: Consider using a library like jose (JavaScript) or PyJWT (Python) with careful configuration. Don't implement JWT signing/verification yourself.
HS256 or RS256?
RS256 (asymmetric) is generally more secure because the public key can be shared without compromising signing ability. HS256 requires sharing the secret with anyone who needs to verify tokens, increasing risk.
Where should I store JWTs on the client?
Memory is safest (cleared on page refresh). HttpOnly cookies work for web apps. localStorage is convenient but vulnerable to XSS. Never store in sessionStorage or plain cookies.