Best of Authentication: February 2025

  1. Article
    .NET · 1y

    Do you store the JWT in localStorage, sessionStorage, Cookies? then this post is for you

    Storing JWTs in vulnerable client-side storage (like localStorage, sessionStorage, or cookies) can expose applications to significant security risks. Alternatives include using in-memory storage and implementing a refresh token mechanism. This allows users to maintain their sessions without re-authenticating upon page reloads while mitigating potential attacks. Setting cookies with httpOnly, Secure, and SameSite flags is crucial for security. A short-lived JWT with periodic refreshing enhances protection.

  2. Article
    Just Java · 1y

    Understanding & Implementing OAuth Mechanism

    Learn to build an OAuth 2.0 server using Java, Spring Boot, Spring Security, and MySQL. This guide covers setting up an OAuth server for authentication, creating microservices, and integrating the OAuth server with a resource server for secured access. Key components, repository layers, and service implementations are discussed for a modular, scalable system.

  3. Article
    ByteByteGo · 1y

    TEST EP149: JWT 101: Key to Stateless Authentication

    Learn to build and optimize a low-latency Rust application in a hands-on developer workshop, and explore the fundamentals of JSON Web Tokens (JWT) for secure, stateless authentication. Discover system design concepts such as Docker's importance, the workings of digital signatures, and the architectural evolution of Airbnb.

  4. Article
    Laravel News · 1y

    First Factor One-Time Passwords for Laravel with OTPZ

    OTPZ is a Laravel package developed by Ben Bjurstrom that enables secure first-factor one-time passwords for Laravel applications. Features include rate-limiting, OTP expiration, session-specific OTPs, detailed error messages, and customizable mail templates. Installation involves Composer and Artisan commands, making it relatively simple to implement. The package supports Laravel Breeze with Livewire or Inertia.

  5. Article
    DEV · 1y

    Creating an API with authentication using Encore.go

    This post guides you through creating an authenticated API using the Encore.go framework. It explains setting up the necessary directories and files, configuring the API access level, and implementing an authentication handler for token validation. The tutorial also covers how to update your API to use the authentication data and includes a test example for the new functionality. The author highlights the ease of getting support from the Encore team and suggests documentation improvements.