Tips, Expertise, Articles and Advice from the Pro's for Your Website or Blog to Succeed
Authentication is one of the core functions of applications on the internet today, one that many developers are familiar with. Yet, actually implementing authentication correctly requires understanding several standards and protocols.
Two of the most important of these authentication standards are OAuth and JWT (JSON Web Tokens).
Most web applications today require users to register to use certain features or visit specific pages, but building a login form is one of the most tedious things. In this article, we will build a simple and elegant sign-in screen using React and Bootstrap 5.
Run the following command to create a fresh react project:
This tutorial walks you through integrating your frontend with social login APIs provided by SuperTokens.
Note, that it’s only meant for users who are building their own frontend and are building a website. If you are using our pre-built UI, these API integrations are already done for you.
HTTP and HTTPS are internet protocols that allow data to be sent over the internet by sending a request via a web browser. Because they are stateless, each request sent to the browser is treated independently. This means that the browser cannot remember the source of a request, even if the same user makes it. HTTP sessions solve this problem.
This article will look at session management and how tools like Passport, Redis, and MySQL can help us manage Node.js sessions. Let's dive in.
Auth requirements are quite varied. Therefore any auth solution must provide the ability to customise their APIs. Each solution uses its own terminology for this feature:
Keycloak uses “Implementing an SPI”
Spring security provides a mechanism to control and limit the maximum number of single-user open sessions. This mechanism prevents users from exceeding the number of allowed simultaneous connections. For example, Netflix limits the number of screens you can watch at the same time according to your subscription plan.
In part 1, we will understand how this mechanism works, how to use it, and being aware of the default spring security implementation limitations. In part 2, we will see how to overcome those limitations in a clustered environment.
This article will be comparing SuperTokens to Node’s most popular session management library – express-session. The comparison will be done using a point system, where a point will be awarded to a library’s score if it performs well in a given metric. Here are the metrics we will be using:
There seems to be a lot of misinformation on when OAuth 2.0 (henceforth referred to as OAuth) is appropriate for use. A lot of developers confuse OAuth with web session management and hence end up using the wrong protocol/set of technologies. This, in turn, leads to security issues. This article will clarify when to use regular session management solutions and when to use any one of the OAuth flows.
Ideally, we would like all authenticated communication to be long lived (to provide the best user experience). The difference between user session management and OAuth is the level of trust between the communicating parties.
What follows is a two-part series on session management — inspired by extensive conversations with over 70 developers and our own intensive research. We will explore different session management practices, identify issues, and converge on a solution to these issues. Through it all, I hope to leave you with clarity on deciding how to manage user sessions (and auth tokens) for your application. In 20 minutes, we summarize all the important information it took us hundreds of hours to obtain and document.
This article will introduce session management, analyze commonly use session flaws, and demonstrate best practices. Part two will take a look at a new open-source flow that is secure and easy to integrate into existing systems.
SAP Hybris is an e-commerce platform originally introduced in 1997. The Hybris software was acquired by the German multinational corporation SAP in 2013. In June 2018, the platform was rebranded as SAP Customer Experience in order to further integrate it under the SAP umbrella. Over the years, Hybris users have included major firms such as Adidas, Samsung, and Vodafone.
From a technical perspective, Hybris is a Java-based software application that uses a three-layer architecture including web, application, and database. It includes features such as web content management, customer service, product catalogs, and payment integrations.