after the user logs in successfully, the daemon will generate a signed token and return it to the browser. When the user wants to make further operations, the token, backend must be provided to the backend to verify that the token is correct before further operations are allowed. But there is a question that I have always wondered, and I can"t find it on the Internet. Most of it is mentioned at once, that is, how does the token generated by the background be returned to the foreground, cookie or header?? Can header support cross-domain? How does the front end transmit token to the back end, url or header?? Can you be more specific about how to do it? for example, I use php to add token to header: header ("Authorization", $token) Why it doesn"t work, and how to set it up? How does php receive the value of the parameter Authorization?
Thank you!