Best of Authentication β€” November 2024

  1. 1
    Video
    Avatar of bytebytegoByteByteGoΒ·1y

    How SSH Really Works

    SSH is essential for providing secure remote access over unsecured networks. This video explains how SSH creates a secure tunnel between client and server, focusing on SSH2, which offers improved security features compared to SSH1. Key aspects covered include TCP connection establishment, version and algorithm negotiation, key exchange using the Elliptic Curve Diffie-Hellman method, and public key authentication. Once authenticated, all communication between the client and server is encrypted using a session key. SSH also supports local forwarding for tunneling other network services securely.

  2. 2
    Video
    Avatar of wdsWeb Dev SimplifiedΒ·1y

    How To Handle Permissions Like A Senior Dev

    The post discusses how to handle permissions in applications effectively, moving beyond basic role checks. It covers different permission systems from simple to complex, including role-based access control (RBAC) and attribute-based access control (ABAC), and demonstrates their implementation through code examples and diagrams. The post also explains how to integrate these systems with the authentication service, Clerk, simplifying user role and permission management.

  3. 3
    Article
    Avatar of neontechNeonΒ·1y

    WTF Are JWTs?

    JSON Web Tokens (JWTs) are compact, self-contained tokens used for transmitting information securely. They emerged as a solution to the limitations of session-based authentication, offering stateless authentication, cross-domain compatibility, scalability, and security. JWTs are commonly used in modern web applications, especially with services like Neon Authorize, to manage authorization at the database level through row-level security. The process includes signing the tokens to ensure authenticity, though they are not encrypted by default.

  4. 4
    Article
    Avatar of collectionsCollectionsΒ·1y

    Master Event-Driven Architecture by Building a SaaS Application with Next.js, Clerk, and NeonDB

    Learn to build scalable SaaS applications using Next.js, Clerk, and NeonDB with a focus on event-driven architecture. This course covers essential topics such as SaaS starter templates, database management with NeonDB, custom authentication and role-based access control using Clerk, handling webhooks, and integrating APIs. Gain practical experience through hands-on exercises to apply your knowledge in real-world projects.

  5. 5
    Article
    Avatar of hnHacker NewsΒ·1y

    An analysis of the Keycloak authentication system

    Keycloak, an open-source identity and access management solution, has been found to have several security issues, including OTP bypass vulnerabilities, unauthorized access to certain administrative functionalities, and race conditions in the anti-brute-force mechanism. These issues allow attackers to bypass multi-factor authentication, gain unauthorized access to privileged operations, and perform excessive login attempts. Communication with security teams revealed delayed fixes and inadequate advisories, highlighting a need for more timely and transparent responses to such critical issues.

  6. 6
    Article
    Avatar of auth0Auth0Β·1y

    Authentication and Authorization Enhancements in .NET 9.0

    NET 9 includes various enhancements for authentication and authorization, focusing on cloud-native development and performance. Key features include support for Pushed Authorization Requests (PAR) to enhance security in OAuth 2.0 and OpenID Connect environments, simplified methods for adding custom OAuth/OIDC parameters, configuration flags for Windows Authentication under HTTP.sys, and methods to serialize authentication states in Blazor Web Apps. These updates aim to simplify developers' tasks, improve security, and reduce potential bugs.

  7. 7
    Article
    Avatar of devsquadDev SquadΒ·1y

    πŸ”₯ Hono + ⚑️ Supabase Boilerplate

    This project is a backend boilerplate utilizing the Hono framework, hosted on Cloudflare Workers. It integrates Supabase for user authentication and authorization.

  8. 8
    Article
    Avatar of webdevbeehiivWeb DeveloperΒ·1y

    JavaScript Auth πŸ”, Atomics API βš›οΈ, Fastest HTTP Server πŸš€, Open-Source Photo Management πŸ“Έ

    This post includes a beginner-friendly guide to building custom authentication systems in JavaScript, tips for using the Atomics API to prevent race conditions in Node.js, an exploration of the trend of rewriting Node.js tools in faster languages like Rust, Go, and Zig, and an overview of the fastest Node.js HTTP server compatible with Express.js. It also covers open-source alternatives for private photo management and provides tips for enhancing Vue components with TypeScript.

  9. 9
    Article
    Avatar of webtoolsweeklyWeb Tools WeeklyΒ·1y

    Web Tools #590 -

    Learn about PropelAuth, a tool that simplifies integration of authentication and user management for B2B SaaS. Discover a variety of web frameworks and tools including FlyonUI, Devias Kit, and Lukacho UI, designed for different web technologies such as React, Vue, and Svelte. Explore AI tools and platforms like assistant-ui and AgentQL to enhance your development workflow. Gain insights into monitoring and optimizing React component usage with Omlet.

  10. 10
    Article
    Avatar of communityCommunity PicksΒ·1y

    VSCode Themes Community

    An advanced guide for creating a TypeScript API client that includes authentication and rate limiting features. The code demonstrates how to configure and implement these functionalities using an injectable class structure.

  11. 11
    Article
    Avatar of telerikTelerikΒ·1y

    Passkey Authentication in Next.js Using Hanko

    Discover how to integrate passkey-based authentication into a Next.js application using Hanko's authentication provider. Follow the step-by-step guide to set up a simple email/password authentication system and enhance it with passkeys, ensuring a two-factor authentication experience. The post covers creating necessary files and components, setting up a Hanko account, installing dependencies, and writing client and server-side code to handle passkey registration and login.

  12. 12
    Article
    Avatar of csharpcornerC# CornerΒ·1y

    How to Use Single Sign-On for your ASP.NET MVC Application?

    Implementing Single Sign-On (SSO) for ASP.NET MVC applications simplifies user authentication, enhancing both security and user experience. SSO allows users to log in once and access multiple applications without repeatedly entering credentials. Key SSO protocols include OAuth, OpenID, and SAML, each offering different levels of security and authentication. SSO benefits include faster development, lower costs, improved security, easier administration, and a better user experience. It is particularly useful for large organizations and applications requiring seamless access to various systems.

See all Authentication archives