1 files changed, 34 insertions, 4 deletions
diff --git a/site/content/JWT.md b/site/content/JWT.md
index 91a7a73..f55ab17 100644
--- a/site/content/JWT.md
+++ b/site/content/JWT.md
@@ -4,8 +4,38 @@ description = "JSON Web Token Documentation"
 weight = 5
 +++
-Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod
+> JSON Web Tokens are representations of claims, or authorization proofs that fit into the `Header` of HTTP requests.
-tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At
-vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd
+# How?
-ubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.
+JWTs are used as the [MAC](https://en.wikipedia.org/wiki/Message_authentication_code) of operations that require authorization:
+- block proposal
+- transaction proposal.
+They are send alongside the JSON request body in the `Header`;
+```html
+Authorization: Bearer aaaaaa.bbbbbb.ccccc
+```
+Gradecoin uses 3 fields for the JWTs;
+```json
+{
+"tha": "Hash of the payload, check invididual references",
+"iat": "Issued At, Unix Time",
+"exp": "Expiration Time, epoch"
+}
+```
+- `tha` is explained in [blocks](@/block_docs.md) and [transactions](@/transaction_docs.md) documentations.
+- `iat` when the JWT was created in [Unix Time](https://en.wikipedia.org/wiki/Unix_time) format
+- `exp` when the JWT will expire & be rejected in [Unix Time](https://en.wikipedia.org/wiki/Unix_time)
+# Algorithm
+We are using [RS256](https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1), `RSASSA-PKCS1-v1_5 using SHA-256`. The JWTs you encode with your private RSA key will be decoded using the public key you have authenticated with. You can see how the process works [here](https://jwt.io/).
+# References
+- [RFC, the ultimate reference](https://tools.ietf.org/html/rfc7519)
+- [JWT Debugger](https://jwt.io/)

diff --git a/site/content/JWT.md b/site/content/JWT.md index 91a7a73..f55ab17 100644 --- a/site/content/JWT.md +++ b/site/content/JWT.md
@@ -4,8 +4,38 @@ description = "JSON Web Token Documentation"
4	weight = 5	4	weight = 5
5	+++	5	+++
6		6
7	Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod	7	> JSON Web Tokens are representations of claims, or authorization proofs that fit into the `Header` of HTTP requests.
8	tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At	8
9	vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd	9	# How?
10	ubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.	10
		11	JWTs are used as the [MAC](https://en.wikipedia.org/wiki/Message_authentication_code) of operations that require authorization:
		12	- block proposal
		13	- transaction proposal.
		14
		15	They are send alongside the JSON request body in the `Header`;
		16
		17	```html
		18	Authorization: Bearer aaaaaa.bbbbbb.ccccc
		19	```
		20
		21	Gradecoin uses 3 fields for the JWTs;
		22
		23	```json
		24	{
		25	"tha": "Hash of the payload, check invididual references",
		26	"iat": "Issued At, Unix Time",
		27	"exp": "Expiration Time, epoch"
		28	}
		29	```
		30
		31	- `tha` is explained in [blocks](@/block_docs.md) and [transactions](@/transaction_docs.md) documentations.
		32	- `iat` when the JWT was created in [Unix Time](https://en.wikipedia.org/wiki/Unix_time) format
		33	- `exp` when the JWT will expire & be rejected in [Unix Time](https://en.wikipedia.org/wiki/Unix_time)
		34
		35	# Algorithm
		36	We are using [RS256](https://www.rfc-editor.org/rfc/rfc7518.html#section-3.1), `RSASSA-PKCS1-v1_5 using SHA-256`. The JWTs you encode with your private RSA key will be decoded using the public key you have authenticated with. You can see how the process works [here](https://jwt.io/).
		37
		38	# References
		39	- [RFC, the ultimate reference](https://tools.ietf.org/html/rfc7519)
		40	- [JWT Debugger](https://jwt.io/)
11		41