Nice details. But https already does that for you. Also hacker can use the same encrypted data and send it to server and will be validated, he/she doesn't need to decrypt it.
There are various ways to handle this. What you are telling is an advanced scenario not covered in this video. Well, the answer to your question is like one way is creating public & private key for each user there by maintaining e2e encryption
@@TechnoSaviour advanced scenario to have an SSL certificate? Why are you reinventing the wheel? Do you have your production websites not using SSL? If that's the case, you must be sued. Also, you must know that encrypting and decrypting yourself is not a cheap operation. It involves certain amount of computation.
Dear very good your video, thank you for the time. Now my query is the following, the backend will return an encrypted data, as angular could decrypt said data, if for that it needs the private key. Some recommend to me that it be deployed to AWS in your context so that only the application can access it. Please can you help me with some ideas.
You dont need this with modern https. Your requests will alsways be encrypted. Just send your raw password to api, encrypt and if its correct send cookie(JSON web token) to stay logged in.
![NLE Choppa - Or What ft. 41 (Orchestra Mix) [Official Music Video]](http://i.ytimg.com/vi/biOFASEgSOM/mqdefault.jpg)
best turorial i see , thank you very much, you are the best for the clear details
Nice one
Thanks and Great Work....
Nice details.
But https already does that for you. Also hacker can use the same encrypted data and send it to server and will be validated, he/she doesn't need to decrypt it.
There are various ways to handle this. What you are telling is an advanced scenario not covered in this video.
Well, the answer to your question is like one way is creating public & private key for each user there by maintaining e2e encryption
@@TechnoSaviour advanced scenario to have an SSL certificate? Why are you reinventing the wheel? Do you have your production websites not using SSL? If that's the case, you must be sued.
Also, you must know that encrypting and decrypting yourself is not a cheap operation. It involves certain amount of computation.
Thanks Sir. It really helped me.
Glad it helped
Can u do it with AES ?
Dear very good your video, thank you for the time. Now my query is the following, the backend will return an encrypted data, as angular could decrypt said data, if for that it needs the private key. Some recommend to me that it be deployed to AWS in your context so that only the application can access it. Please can you help me with some ideas.
Nice video..
Make a video of jwt authentication via c# and angular..
Okay sure
Where did you save your public key on Angular side ,so that publickey cannot be seen by hackers
public key is allowed to be seen by hackers. they dont have the private key to decrypt it.
How can we sign the request using private key and verify if on backend using public key?
its the other way round, as its designed to work like that.
Public key are supposed to be public in nature, so they shouldn't be used for decryption
Why do we need to encrypt if https already does it for us?
How did u create the private and public key?
I used OpenSSL
There is another video which explains how to use OpenSSL in windows
Is this possible in java Springboot?
I get below error for every request made after first request.
"Message is too long for PKCS#1 v1.5 padding."
Do we really need encryption, coz https will encrypt whole communication channel
Thanks
You dont need this with modern https. Your requests will alsways be encrypted. Just send your raw password to api, encrypt and if its correct send cookie(JSON web token) to stay logged in.
What if the request goes through an API gateway before reaching you back end application? Payload criptography is very important.
How tomma because need to encrypt in UI like Angular or Jscript
Te amo, churrita! 🥰
Worked but causing Cors error.
In the startup file, I had written code to handle CORS