ByteByteGo·3ySessions, Tokens, JWT, SSO, and OAuth in One Diagram
The article explains the concepts of sessions, tokens, JWT, SSO, and OAuth in one diagram and discusses the impact of web session management on web applications. It also provides information on the most used Linux commands and outlines the aspects of cloud-native adoption. Additionally, it compares the event sourcing system design with the normal CRUD system design.
ByteByteGo·3yEP72: OAuth 2.0 Explained With Simple Terms
This week’s system design refresher: Git Merge vs. Rebase vs. Squash Commit. OAuth 2.0 is a powerful and secure framework that allows different applications to securely interact with each other on behalf of users. New Relic Interactive Application Security Testing (IAST) is now in public preview.
The New Stack·3yBest Practices for Storing Access Tokens in the Browser
This article discusses best practices for storing access tokens in the browser and highlights different storage solutions available. It covers browser threats such as cross-site request forgery (CSRF) and cross-site scripting (XSS) and provides recommendations for mitigating these risks. The article also introduces the token handler pattern as a design pattern for secure authentication and making authenticated calls to APIs in JavaScript applications.
InfoSec Write-ups·3yOAuth 2.0 Hacking 💸
OAuth 2.0 Hacking is an open authorization protocol. It allows sharing of resources stored on one site to another site without using their credentials. It uses username and password tokens instead of credentials. The resource owner is the user/entity granting access to their protected resource, such as Twitter account Tweets.
The New Stack·3yOAuth.Tools: The Online Tool That Goes beyond JWTs
OAuth is a free online tool provided by Curity. It offers incredible features for anyone working with or interested in OAuth and OpenID Connect. You can decode or create JWTs with different characteristics, fetch tokens from a server, revoke tokens or add an access token to external API calls.
Laravel News·3yAPI Authentication in Laravel
API authentication in Laravel has become the gold standard authentication mechanism within the Laravel ecosystem. Sanctum was designed as a lightweight alternative to Passport, but in reality, it has achieved a lot more than that. Laravel Passport has a grant type called Client Credentials: where you authenticate a client not a client.
Codrops·3yWeekly Frontend News: Collective #763
Next Gen Solutions shines with lovely scroll animations, a plethora of interesting layout choices and a vibrant color theme. Get inspired sponsored via BuySellAds Use Kintone to Spend Less Time on the Back-end KintOne is a powerful web database, providing developers with a convenient environment to test out front-end coding ideas.
Supabase·2yGitHub OAuth in your Python Flask app
Learn how to integrate OAuth2.0 into a Flask app using Supabase-py. Enable users to login to the web app using their GitHub account. Prerequisites include familiarity with Flask and Supabase authentication. Create session storage and initiate the Supabase client. Sign in with GitHub and create sign-in and callback routes in the Flask app.
