Next.js Tutorial – Part 6 | Authentication for API Routes using JWT and bcrypt

テクノロジー



This video shows the Theory and Code needed to build an Authentication system.

We use bcrypt and JWT tokens. We also go through the different strategies to store authentication tokens between different sessions, showing the possible issues with the different strategies.

If you want to jump directly into code go to 20:45

—-
Repository: https://github.com/bmvantunes/youtube-2020-march-nextjs-part6
—-
Next.js Examples: https://github.com/zeit/next.js/tree/canary/examples
—-
Slides available at: https://docs.google.com/presentation/d/15eM4oFshHCwvPDY0BRQGnn8JnVirv9TqKVnaox_8bEk/edit?usp=sharing
—-
All references about I used for this video:

Using HTTP cookies - HTTP | MDN
A cookie (also known as a web cookie or browser cookie) is a small piece of data a server sends to a user's web browser. The browser may store cookies, create n...
Cross-Site Request Forgery Prevention - OWASP Cheat Sheet Series
Website with the collection of all the cheat sheets of the project.
Site Not Configured | 404 Not Found
Using HTTP cookies - HTTP | MDN
A cookie (also known as a web cookie or browser cookie) is a small piece of data a server sends to a user's web browser. The browser may store cookies, create n...
Same-origin policy - Wikipedia
Cross Site Scripting (XSS) | OWASP Foundation
Cross Site Scripting (XSS) on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
OAuth is Not Authentication
The reasons why OAuth is not an authentication protocol, and why without using open standards such as OpenID Connect, should not be hacked to become one.
Let's Encrypt
Let's Encrypt is a free, automated, and open certificate authority brought to you by the nonprofit Internet Security Research Group (ISRG). Read all about our n...
RFC 7519: JSON Web Token (JWT)
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object...

https://codahale.com/how-to-safely-store-a-password/
—-

Follow me on:
Twitter: https://twitter.com/bmvantunes
Dev.to: https://dev.to/bmvantunes
Website: https://brunoantunes.net
Github: https://github.com/bmvantunes
LinkedIn: https://www.linkedin.com/in/bmvantunes

Comments

Copied title and URL