# Authorization by token's [![GitHub Release](https://img.shields.io/github/release/valentineus/moodle-auth_token.svg)](https://github.com/valentineus/moodle-auth_token/releases) [![Build Status](https://travis-ci.org/valentineus/moodle-auth_token.svg?branch=master)](https://travis-ci.org/valentineus/moodle-auth_token) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/20fe9989b8a04887a53c67d8b87e33d1)](https://www.codacy.com/app/valentineus/moodle-auth_token) [![Gitter Badge](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/moodle-tool_managertokens/auth_token) Token-based authentication (also known as [JSON Web Token authentication](https://jwt.io/)) is a new way of handling authentication of users in applications. It is an alternative to [session-based authentication](https://security.stackexchange.com/questions/81756/). The most notable difference between the session-based and token-based authentication is that former relies heavily on the server. A record is created for each logged-in user. Token-based authentication is stateless - it does not store anything on the server but creates a unique encoded token that gets checked every time a request is made. Unlike session-based authentication, a token approach would not associate a user with login information but with a unique token that is used to carry client-host transactions. Many applications, including Facebook, Google, and GitHub, use the token-based approach. ## Requirements * **PHP**: 5.6.32+; * **Moodle**: 3.2+; * **Plug-ins**: * [tool_managertokens](https://github.com/valentineus/moodle-tool_managertokens); ## Documentation * [Install the plugin](docs/getting-started.md#installation); * [User's Manual](docs/getting-started.md#users-manual); * [Bug Tracker](https://github.com/valentineus/moodle-auth_token/issues); * [Contributing](CONTRIBUTING.md); ## License GNU Banner [GNU GPLv3](LICENSE.txt). Copyright (c) [Valentin Popov](mailto:info@valentineus.link).