Best of Authentication — June 2024

1. 1
   Article

   Community Picks·2y

   JWT vs PASETO: New Era of Token-Based Authentication

   The post offers a detailed comparison between JWT (JSON Web Token) and PASETO (Platform-Agnostic Security Tokens), examining their core functionalities, security features, and potential vulnerabilities. While JWT is popular for its simplicity, PASETO addresses many of its security issues by enforcing safer defaults and mitigating algorithm confusion. The post covers the workflows of both token types, their structures, and key differences in their approach to security, making it a valuable read for developers looking to implement secure token-based authentication.

   360

   4
2. 2
   Video

   Community Picks·2y

   Authentication in React with JWTs, Access & Refresh Tokens (Complete Tutorial)

   This post explains the importance of authentication in a React application and how to handle it using JWTs, access tokens, and refresh tokens. It emphasizes the need for proper authentication to ensure security and prevent data breaches. The post also provides a code example that shows how to implement authentication in a React codebase.

   227

   4
3. 3
   Article

   Community Picks·2y

   Next.js and Next-Auth V5: Guide to Social Logins(OAuth)

   Learn how to set up authentication using OAuth providers like Google and GitHub in Next.js using Next-Auth V5.

   131

   15
4. 4
   Article

   Community Picks·2y

   Authentication history (Basic, Digest, Cookie, Session, Token, JWT, API key)

   This post provides an overview of different authentication methods including Basic, Digest, Cookie, Session, Token, JWT, and API key. It highlights the benefits and drawbacks of each method and suggests combining them to achieve the best authentication solution.

   87

   1
5. 5
   Video

   Community Picks·2y

   Full Stack Flutter, Firebase and Riverpod – Build a YouTube Clone

   Learn how to build a fully functional YouTube clone using Flutter, Firebase, and Riverpod. The tutorial covers various features including Google sign-in authentication, uploading and displaying videos, profile customization, and more. The username validation functionality ensures that unique usernames are used. By the end of the tutorial, you will have a good understanding of Flutter, Firebase, and Riverpod.

   45
6. 6
   Article

   Frontend Focus·2y

   Frontend Focus Issue 648: June 19, 2024

   The CSS Working Group has resolved to add inline `if()` to CSS, marking a significant step forward. An exploration of the 2-page login pattern explains its prevalence and offers better user-friendly alternatives. A guide details how to test websites on Apple’s visionOS. The CSS Anchor Position API's potential for creating flow charts is demonstrated, and there's advice on optimizing commerce site performance and engineering for slow internet connections.

   29

   1
7. 7
   Article

   Reflectoring·2y

   Getting started with Spring Security and JWT

   Spring Security offers robust security features for Java applications, including session management, authentication, and protection against common threats like CSRF. This guide covers the implementation of JWT (JSON Web Token) for secure communication between two parties. JWTs are versatile and can be used for single sign-on, API authentication, stateless sessions, and microservices. It covers the creation, structure, common use cases, and potential drawbacks of JWTs, as well as a step-by-step guide to implement JWT for authentication in a Spring Boot application.

   24
8. 8
   Video

   Jack Herrington·2y

   Radix Themes: Awesome New Components For NextJS

   Radix Themes is an awesome new UI library built on top of Radix. It is compatible with NextJS app router and React server components. The library offers a variety of theme configurable components for building basic apps with great design and accessibility.

   24

   1
9. 9
   Article

   The New Stack·2y

   Top 9 API Security Vulnerabilities: How to Defend Against Them

   API vulnerabilities can lead to data exposure, broken authentication, and authorization issues. Mitigating these risks requires strict output filtering, multi-factor authentication, and enforcing data access permissions.

   23

   1
10. 10
    Article

    Community Picks·2y

    rodz/input-otp

    A library called rodz/input-otp that provides code validation and authentication.

    22

    1
11. 11
    Video

    Community Picks·2y

    Adding JWT Authentication in ASP.NET Core With Supabase Auth

    Learn how to implement JWT authentication in ASP.NET Core using Superbase authentication. Superbase is an open-source cloud platform that offers tools and services for building applications. The core feature of Superbase is its cloud database, which is built on top of Postgres. Superbase authentication provides a user management system with support for various social authentication providers. The authentication flow involves obtaining an access token from Superbase and configuring the ASP.NET Core API to authenticate JSON web tokens. Additional features of Superbase include cloud storage, edge functions, and real-time capabilities.

    21

    1
12. 12
    Article

    Community Picks·2y

    I've created an open source Spring Boot + Nextjs starter kit

    Open source Spring Boot + Nextjs starter kit with authentication, basic s3 integration, and frontend pages for basic user actions. Easily customizable with any frontend framework.

    19
13. 13
    Article

    Community Picks·2y

    One does not simply delete cookies

    A developer faced issues with deleting cookies in production using the Astro framework. The post explains that cookies are actually modified instead of being deleted, and how servers send instructions to browsers to modify cookies. The issue was due to incorrect cookie options in the code, which were resolved by checking the cookie options in the browser dev tools and updating the code accordingly.

    18

    4
14. 14
    Article

    Code Maze·2y

    Adding Custom Header Parameter to API in Swagger

    Learn how to add a custom header parameter to API endpoints in Swagger to enhance API documentation, security, and usability.

    17
15. 15
    Article

    freeCodeCamp·2y

    How to Quickly Add Auth to your Flutter Apps with Supabase Auth UI

    Learn how to quickly add authentication functionality to your Flutter apps using Supabase Auth UI. The package offers pre-configured, theme-able widgets for creating authentication forms with support for email and password auth, OAuth/social login auth (including Google and GitHub), and magic link auth.

    17
16. 16
    Article

    Javarevisited·2y

    Let’s get Authenticated — Google Sign In

    This post provides a full-stack solution for implementing Google Sign In using React.js and Spring Boot. It covers configuring Google APIs and Services, setting up the front-end using React.js, and implementing authentication in the back-end using Spring Boot.

    16
17. 17
    Article

    Ruby Flow·2y

    Creating a REST API with Ruby on Rails. Chapter 1: Initial Setup and Models

    A guide to creating a REST API with Ruby on Rails, covering topics such as authentication, authorization, serialization, and database structure.

    13
18. 18
    Article

    Planet Python·2y

    PyCoder’s Weekly

    This post covers topics such as hashable objects in Python, fixing Python circular imports, and comparing NumPy universal functions with strings.

    13
19. 19
    Article

    Snowflake Community·2y

    Understanding Two types of OAuth2 Authorization Workflows

    OAuth2 provides machine/client to machine/resource communication with trusted connections. There are two main flows of OAuth2 authorization workflows: resource owner password flow and authorization code flow.

    12
20. 20
    Article

    Awesome Elixir·2y

    Elixir in Action, Third Edition

    Elixir in Action, Third Edition is an authoritative bestseller that covers how Elixir tackles scalability, fault tolerance, and high availability. It provides updates for Elixir 1.15 and teaches the underlying principles and functional concepts of Elixir.

    12

    1
21. 21
    Article

    Javarevisited·2y

    Implementing Robust GraphQL Authentication with Apollo: Leveraging Custom Directives and Plugins for Precise Access Control

    GraphQL's single endpoint architecture necessitates a unified access control strategy, unlike REST APIs. Traditional methods of endpoint-specific authentication don't apply. One solution is using custom directives and Apollo plugins to implement fine-grained access control efficiently. These plugins allow centralized authentication mechanisms, support OAuth 2.0 integrations, and offer features like encryption and redaction of sensitive fields. The new authorization plugin provides a reusable framework that simplifies maintaining consistent access policies.

    11
22. 22
    Video

    Community Picks·2y

    Spring boot user impersonation with spring security in 7 minutes

    The post provides a step-by-step guide on implementing user impersonation in a Spring Boot application using Spring Security. User impersonation allows an administrator to assume the identity and permissions of another user for troubleshooting and support purposes. The tutorial utilizes a preconfigured starter kit and details the necessary backend and frontend modifications, including setting up the SwitchUserFilter and defining URLs for switching and exiting user contexts.

    11
23. 23
    Video

    Net Ninja·2y

    Django Tutorial #10 - Authentication

    This tutorial covers the final chapter of a Django course, focusing on implementing user authentication. It guides users through setting up user registration, login, and logout functionalities using Django's built-in authentication system. The tutorial provides detailed instructions on creating authentication forms, configuring necessary settings, and redirecting users to specific pages based on their authentication status. By the end, users will have a functional authentication system for their Django application, allowing secure access management.

    11