
English: 
In our example,
we have a Client and a Server.
The Client wants to access some
protected data on our Server, but
the Server knows Clients
cannot be trusted.
The Server only wants to give
the data to a trustworthy Client.
So our Client sends a request to our
Server along with data to verify
who it is.
In our example, this user data was
accepted as valid by the Server.
Now instead of saving this user data,
the Server instead creates a token.
This token is returned to the Client and
it's up to the Client to store this data
and send it along as required for
any requests to the Server.
The next time our Client makes a request
along a secure route, it does just that.
It sends along the job token.
But our Server knows
not to trust the Client
because Clients cannot be trusted.
So our Server verifies this token
is who it says it's from and
that it hasn't been tampered with.
If everything checks out like it does
in our example, the Server sends back

English: 
In our example,
we have a Client and a Server.
The Client wants to access some
protected data on our Server, but
the Server knows Clients
cannot be trusted.
The Server only wants to give
the data to a trustworthy Client.
So our Client sends a request to our
Server along with data to verify
who it is.
In our example, this user data was
accepted as valid by the Server.
Now instead of saving this user data,
the Server instead creates a token.
This token is returned to the Client and
it's up to the Client to store this data
and send it along as required for
any requests to the Server.
The next time our Client makes a request
along a secure route, it does just that.
It sends along the job token.
But our Server knows
not to trust the Client
because Clients cannot be trusted.
So our Server verifies this token
is who it says it's from and
that it hasn't been tampered with.
If everything checks out like it does
in our example, the Server sends back

Portuguese: 
No exemplo,
temos um cliente e um servidor.
O cliente quer acessar dados
protegidos do servidor,
mas o servidor sabe
que não deve confiar nos clientes.
O servidor só fornecerá os dados
para um cliente confiável.
O cliente envia a solicitação
para o servidor
com os dados de verificação.
No exemplo, os dados do usuário
foram validados pelo servidor.
Em vez de salvar
os dados do usuário,
o servidor criará um token,
que será retornado
ao cliente.
O cliente deverá armazenar os dados
e enviar a solicitação do servidor.
Na próxima solicitação do cliente,
na rota de segurança,
ele faz só isto,
envia o token JWT.
Mas o servidor
não confia no cliente,
porque não devemos
confiar nos clientes.
Então o servidor verificará
a autenticidade do token,
se ele não foi adulterado.
Se tudo estiver correto,
como no nosso exemplo,
o servidor responderá
com os dados solicitados,

English: 
a response with the requested data and
everybody lives happily ever after.
And that's a brief overview
of how JSON Web Token work.

English: 
a response with the requested data and
everybody lives happily ever after.
And that's a brief overview
of how JSON Web Token work.

Portuguese: 
e todos viverão
felizes para sempre.
Essa é uma breve visão
do trabalho dos JSON Web Tokens.
