The Bouncer, The Stateless Web, Cookies(JSON WEB TOKEN)
Once upon a time, there was a person who lived in Los Angeles who really wanted to understand how to become popular and accepted in a city where materialistic things seemed to rule all. We will call this curious person Jason. Jason was tired of being an outcast and always wondered what it felt like to get into a club.
He could never understand why certain people could access inside of these clubs. Jason tried everything. Jason tried to walk in with other people but would get rejected from the bouncer. Jason would try to get the best clothes and the bouncer would reject him. Jason would even bring models yet Jason still couldn’t get in. Jason told the bouncer “I’ve been here before”; the bouncer replied “No, I’m sorry I don’t remember faces of people trying to get in.” I can recall Jason telling me he hacked his way inside but I still have yet to believe him.
WHY CANT HE CANT IN
After sitting outside for three hours, someone drops their pass and Jason picks it up. Jason sees the guy outside because he lost his authenticator. Jason decides to pretend to be the other person. He uses the authenticator and was finally let inside of the club. It was everything he imagined. Later, Jason felt guilty and gave the pass back but Jason learned a life lesson that day. The reason why Jason wasn’t getting into the club was because he didn’t have an authenticator.
We can take these concepts and apply them to JSON Web Tokens and how authenticators work. Jason is the user trying to get access inside of a website but because he doesn’t have any credentials he’s only able to view the club from the outside. The bouncer is the stateless web. The bouncer didn’t actually remember all of these faces, just like how the stateless web does not remember individual passwords. People can’t just walk past the bouncer, just like how the Stateless Web doesn’t remember any information it stores inside of JSON Web Token. The web token is stored inside the browser, so every time it connects to the server it recognizes a pattern and you are able to log back in with your saved credentials.
