Authenticating Microservices with JWT and Web Components
HTML-код
- Опубликовано: 13 июл 2024
- Hey everyone! Authenticating users across multiple microservices and applications is a huge challenge. Wouldn't it be amazing if would could drop a single web component on the page and be instantly authenticated?
Let's see if we can use JWT Tokens along with Web Components to create single authentication component to rule them all.
00:00 - Introduction
00:30 - Problems Going from Monolith to Microservices
01:22 - JWT Authentication Overview
01:40 - JWT: Refresh Tokens
02:11 - JWT: Access Tokens
03:02 - JWT: Cookie vs Local Storage
04:18 - Demo Application Overview
05:21 - Auth Web Component
06:40 - Adding the Auth Component to the Application
07:23 - Inspecting the Access Token
07:52 - Recap
Links:
github.com/heyMP/hax-camp-aut...
jwt.io/
In this video I describe a popular approach to storing refresh token in HTTPOnly cookies. This article outlines why that relying on HttpOnly might not be the best approach and advocates for keeping them in Web Storage instead. portswigger.net/research/web-storage-the-lesser-evil-for-session-tokens
Keep it up brother