Using JWT tokens for SPA / API architecture
2021-03-16 20:24Json Web Tokens are widely used in moderne web applications. They are a really convenient way to manage user authentication in a statless system and easy to use for requesting data on API by passing it on headers or cookies. You will find a lot of blog articles and comments online about the fact of using JWT as session token or how to store tokens in a proper way. If you use a fullstack framework like Django, NextJS, Play, etc, there is...
Read articleInitialize new Gatsby project with Typescript and ESLINT
2021-01-22 12:33GatsbyJS GatsbyJS is a framework based on React for static frontend development. It's very useful to use it when you want to create a website or an app and you care about SEO (Search Engine Optimisation). Gatsby is using SSR (Server Side Rendering) on the build process. The output files are ready to deploy to your web server or to your cloud and are easy to index for Google bots and other search engine bots. Even if bots are capable of waiting for...
Read articleGenerating public PASETO tokens from ED25519 key pair
2020-09-29 17:06What is PASETO ? PASETO is a new specification (still in draft) describing a way of creating secure and stateless tokens. It's an acronyme for Platform Agnostic Security tokens.It's design for solving security problems with the usage of the JOSE family specification (JWS, JWE, JKW, JWA and JWT). As explain on the RFC: The key difference bewtween PASETO and the JOSE family of standards is that JOSE allows implementors and users to mix and match their own choice of cryptographic algorithms (specified by...
Read article