Security Implications for Json web Token Used in MERN Stack for Developing E-Commerce Web Application
Pooja Mahindrakar1, Uma Pujeri2

1Pooja Mahindrakar*, M.Tech, MIT World Peace University, Pune (Maharashtra), India.
2Dr. Uma R Pujeri, Associate Professor, MIT College of Engineering, Pune (Maharashtra), India.

Manuscript received on September 02, 2020. | Revised Manuscript received on September 15, 2020. | Manuscript published on October 30, 2020. | PP: 39-45 | Volume-10 Issue-1, October 2020. | Retrieval Number: 100.1/ijeat.A16631010120 | DOI: 10.35940/ijeat.A1663.1010120
Open Access | Ethics and Policies | Cite | Mendeley
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: In almost every organization where user sensitive data is available, security and privacy of the data plays a vital role. As storage of these information is overhead in database, Tokens are generated which handles sessions and also self contains user details. One of such widely used stateless token is Json Web Token. This paper deals with the research that follows implementation of authentication and authorization technique using JSON web token which will make web service a role based one .In the project under taken, Json web token is generated in a more secured way by choosing the secret key for web token wisely. Usually key for the token was a mere string or the set of keys stored in a key ring in the database and used alternately for the users to create the token. Or one more trial model is created where captcha was used in short a random number was generated and used as secret key for token generation but the main issue was increased storage. Thus storage is tried to reduce also less predictive secret key is generated in this project. 
Keywords: Token, Authentication, JWT, Security, Privacy, Sessions, Encryption.