98: Ryan Chenkie - Securing Single Page Applications

Full Stack Radio

Date: Wed, 26 Sep 2018 15:19:00 +0000

<p>Topics include:</p><ul> <li>What JSON Web Tokens are and how to use them to authenticate users</li> <li>Strategies for invalidating stateless API tokens</li> <li>Using cookie and session authentication</li> <li>Using authentication-as-a-service solutions like Auth0</li> <li>Proxying requests to your API to simplify CORS issues</li> <li>Protecting against XSS attacks</li> </ul><p>Sponsors:</p><ul> <li> <a href="https://cloudinary.com/users/register/free?utm_source=fullstackradio&amp;utm_medium=Sponsored_Podcast&amp;utm_content=fullstackradio_PodCast">Cloudinary</a>, sign up and get 300,000 images/videos, 10GB of storage and 20GB of monthly bandwidth for free</li> <li> <a href="https://rollbar.com/fullstackradio">Rollbar</a>, sign up at https://rollbar.com/fullstackradio to try their Bootstrap Plan free for 90 days</li> </ul><p>Links:</p><ul> <li><a href="https://jwt.io/">JSON Web Tokens</a></li> <li> <a href="https://ryanchenkie.com/securing-angular-applications/">Securing Angular Applications</a>, Ryan's book</li> <li><a href="https://securityheaders.com/">Security Headers scanning tool</a></li> <li><a href="https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5">"I’m harvesting credit card numbers and passwords from your site. Here’s how."</a></li> <li>https://auth0.com/</li> <li> <a href="https://twitter.com/adamwathan/status/1035506251713544193">"CORS is bad for performance"</a> Twitter thread</li> </ul>