Best of AuthenticationDecember 2024

  1. 1
    Article
    Avatar of cerbosCerbos·1y

    What is role-based access control and when to use it

    Role-based access control (RBAC) is a system for managing access by assigning permissions to roles and then assigning those roles to users. It's part of the broader Identity and Access Management (IAM) but focuses on managing access. RBAC scales well, simplifies audits and compliance, and is widely adopted by large organizations. It is effective for environments like e-commerce platforms, tech startups, and universities. However, poorly designed role structures and dynamic environments may pose challenges, and alternatives like attribute-based access control (ABAC) might be considered.

  2. 2
    Article
    Avatar of collectionsCollections·1y

    Master Refresh Tokens in ASP.NET Core (Building from Scratch)

    Learn how to implement refresh tokens in an ASP.NET Core application, enhancing security and user experience. This guide covers key concepts such as access tokens, refresh tokens, and token lifetimes. It provides step-by-step instructions on setting up a database, generating tokens, creating a token refresh endpoint, and managing token lifetimes while emphasizing best practices like secure storage and regular token rotation.

  3. 3
    Article
    Avatar of lnLaravel News·1y

    One-time Password Manager for Laravel

    The One-time Password (OTP) Manager package for Laravel offers a wide range of methods for generating, sending, verifying, and managing OTPs. It integrates with Laravel's cache system to throttle OTP sending and adds security by tracking requests. Key features include support for multiple OTP types, rate limiting, OTP invalidation after multiple failed attempts, and customizable mobile number validation. Full setup and usage details are available on GitHub.

  4. 4
    Article
    Avatar of laraveldevLaravel Dev·1y

    Build a Multi-Auth Login System with Laravel

    Learn how to build a multi-auth login system in Laravel that redirects users to different dashboards based on their roles (admin, agent, user). The guide covers setting up a Laravel project, installing the breeze package for authentication, modifying the user migration file, creating a database seeder with dummy data, updating controllers, and routes for role-based redirections.

  5. 5
    Article
    Avatar of amandeep58Backend Developer·1y

    How does SSO Works

    The post provides a detailed explanation of how Single Sign-On (SSO) works, including the interaction between the Service Provider (SP) and the Identity Provider (IDP). It helps readers understand the underlying mechanisms of SSO and how the 'Sign in with Google' feature functions.

  6. 6
    Article
    Avatar of communityCommunity Picks·1y

    Improving Laravel Sanctum Personal Access Token Performance

    The post discusses an issue with Laravel Sanctum personal access tokens where updating the `last_used_at` column caused a performance bottleneck due to frequent database writes. It provides a solution by creating a custom `PersonalAccessToken` model that overrides the `save()` method to prevent unnecessary writes. The implementation steps include generating the model, modifying the `save()` method, and configuring Sanctum to use the custom model, resulting in improved performance.

  7. 7
    Article
    Avatar of pandProAndroidDev·1y

    Design User Authentication System in Android App

    Designing a user authentication system in an Android app is crucial for ensuring security, personalization, data integrity, and access control. The post covers various authentication methods including password-based, biometric, and two-factor authentication, along with third-party services like Firebase Authentication, Google Play Integrity API, and Auth0. It provides detailed implementation guides for integrating these services into Android apps and discusses rate limiting as an essential security measure.

  8. 8
    Article
    Avatar of communityCommunity Picks·1y

    A better way to build auth

    Enhance authentication and authorization with Stytch's purpose-built solutions for consumer and multi-tenant applications. It features pre-built UI, headless frontend SDKs, backend APIs, and an embeddable admin portal. It ensures high security with fingerprinting for bot detection, adaptive MFA, and reliable risk verdicts. Stytch boasts a 99.999% uptime SLA, scalable user and org data models, fraud and risk prevention mechanisms, and provider failover options. The service supports seamless integration into any language, with customizable login and signup forms.

  9. 9
    Article
    Avatar of devtoDEV·1y

    🔐 Top 3 Best authentication Frameworks for 2025 🗝️🧰

    Discover the top 3 best authentication frameworks for 2025: Clerk, SupabaseAuth, and Better Auth. Clerk offers user management and customizable components, SupabaseAuth provides multiple authentication methods and database integration, and Better Auth is a framework-agnostic library with extensive features and a plugin ecosystem.

  10. 10
    Article
    Avatar of tigerabrodiTiger's Place·1y

    API Gateway notes

    API Gateway handles various critical tasks such as routing requests to appropriate services, SSL termination for secure data transmission, rate limiting to prevent system overload, authentication to verify requests, load balancing to distribute traffic, transforming requests, monitoring API usage, and caching responses to improve performance.

  11. 11
    Article
    Avatar of communityCommunity Picks·1y

    AuthCrunch

    AuthCrunch provides powerful Authentication, Authorization, and Accounting (AAA) features for applications. Initially created for the Caddy web server as the `caddy-security` app, it plays a crucial role in the server's security. Maintainer Paul Greenberg commits to the project's free, non-commercial development, promoting an open and accessible community.

See all Authentication archives