How JWT token works internally?

In this article we are going to see how JWT token flow works end to end internally. You can refer this link on what is JWT and its advantages and disadvantages.

Steps involved in JWT end to end control flow:

1. User sends a login request with username and password
2. Server receives login request
3. Server retrieve existing user details from database
4. Server verifies user provided username, password with user details from the database
5. if username password is valid, server will generate JWT token with secret key
6. Server append JWT token in the login response
7. For all subsequent requests from user will have to send JWT token in the request header Authorization
8. If JWT token available in the headers, token will be decrypted with the help of secret
9. After successfully decryption will provide user details and expiry date
10. if expiry date is valid, check for use details. if user details are also valid process the request.

Json Web Token end to end control flow