JWTs - Patterns and Anti-patterns in Authentication

JWTs - Patterns and Anti-patterns in Authentication

LASCON via YouTube Direct link

Multiple Overlapping Implementations

17 of 27

17 of 27

Multiple Overlapping Implementations

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

JWTs - Patterns and Anti-patterns in Authentication

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Speaker: David Gilman
  3. 3 HTTP Cookie
  4. 4 Stateless Tokens
  5. 5 Server Side Session
  6. 6 Clifford Stoll's Chocolate Chip Cookie Recipe
  7. 7 Trying to be Everything to Everybody
  8. 8 JWTs as Sessions
  9. 9 Attaching with JavaScript
  10. 10 Weak HMAC Secrets
  11. 11 No Revocation
  12. 12 No Expiration
  13. 13 Database for Revocation
  14. 14 Refresh + Access Tokens
  15. 15 Fragile Built-In Signing Key Rotation
  16. 16 Fully Stateful
  17. 17 Multiple Overlapping Implementations
  18. 18 Service 2 Service Auth
  19. 19 Shared Token
  20. 20 Auth Service
  21. 21 Revocation via Cache
  22. 22 Hardcoded Algorithm
  23. 23 Use Alternatives
  24. 24 Use Trusted Libraries
  25. 25 Registered Claims
  26. 26 Macaroons Paper
  27. 27 Stop Using JWT for Sessions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.