Completed
No Revocation
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
JWTs - Patterns and Anti-patterns in Authentication
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Speaker: David Gilman
- 3 HTTP Cookie
- 4 Stateless Tokens
- 5 Server Side Session
- 6 Clifford Stoll's Chocolate Chip Cookie Recipe
- 7 Trying to be Everything to Everybody
- 8 JWTs as Sessions
- 9 Attaching with JavaScript
- 10 Weak HMAC Secrets
- 11 No Revocation
- 12 No Expiration
- 13 Database for Revocation
- 14 Refresh + Access Tokens
- 15 Fragile Built-In Signing Key Rotation
- 16 Fully Stateful
- 17 Multiple Overlapping Implementations
- 18 Service 2 Service Auth
- 19 Shared Token
- 20 Auth Service
- 21 Revocation via Cache
- 22 Hardcoded Algorithm
- 23 Use Alternatives
- 24 Use Trusted Libraries
- 25 Registered Claims
- 26 Macaroons Paper
- 27 Stop Using JWT for Sessions