Tag: Authentication

Introduction

NestJS Overview

• What is NestJS?
• NestJS features

Preparing the Development Environment

• Installing and configuring NestJS

CRUD

• Creating, defining, and deleting tasks

Handling in NestJS

• Using NestJS pipelines
• Creating a custom pipe
• Handling errors

Data Persistence

• Setting up PostgresSQL and Pgadmin
• Creating a database
• Connecting to a database

Authentication and Authorization

• Working with JWT

Testing the Application

• Testing with unit tests and mock tests

Debugging the Application

• Handling errors

Deploying the Application

• Deploying with Elastic Beanstalk

Securing the Application

• Hiding data and APIs

Troubleshooting

Summary and Conclusion

Introduction

The Fundamentals of APIs and Their Functionality

• Scalar types
• Web architecture patterns

REST Overview

• Get option
• Pull option
• Post option
• Delete option

Preparing the Development Environment

• Installing and configuring LoopBack

Models and Data Sources

• Creating and testing a model
• Connecting to data sources

Authentication

• Authenticating endpoints
• Creating a public route
• Using ACL
• Adding login

Security

• Locking down REST web services

Summary and Conclusion

Introduction

Node.js Concepts

• RAM vs I/O latency
• Blocking vs. non-blocking
• Syntax and logic

The Fundamentals of APIs and Their Functionality

• Scalar types
• Web Architecture Patterns: the composite pattern, proxy pattern, and facade pattern

REST Overview

• Get option
• Pull option
• Post option
• Delete option

Preparing the Development Environment

• Installing and configuring Node.js
• Installing and configuring Express.js
• Installing and configuring MongoDB
• Testing the installations

Node Modules and Package Manager

• Creating a module
• Loading a module
• Using module functions
• Creating event arguments
• Extending event emitters
• Installing a Node package
• Using a package
• Listing packages
• Updating packages
• Uninstalling packages
• Publishing packages

Working with Express.js

• Creating custom middleware
• Using Express router
• Filtering paths

REST and GraphQL API

• Building a web server
• Handling routes
• Parsing HTTP requests
• Calling endpoints
• Defining schema
• Adding input validation
• Managing mutations
• Adding variables
• Handling errors

CRUD Operations Using MongoDB

• Saving documents
• Querying documents
• Updating documents
• Deleting documents

Authentication and Security

• Creating and registering users
• Generating tokens
• Storing in environment variables
• Protecting routes
• Testing the authorization

Troubleshooting

• Writing a unit test
• Writing an integration test
• Wiring a unit and integration test

Summary and Conclusion

• Django Overview
  • Django is a framework
  • Frameworks VS Packages
  • What can it do?
  • What are the alternatives?
• Getting Started with Django
  • Sites and Apps
  • Shared Configuration
  • Minimal Django layout
  • Built-in Flexibility
• Using Cookiecutter
  • Why Cookiecutter?
  • Cookiecutter Features
  • Creating a project
  • Creating an app
  • Customizing Cookiecutter
• Creating models with Django ORM
  • Defining Models
  • Related Objects
  • SQL Migration
  • App Configuration
  • Accessing Models
• Login for Nothing and Admin for Free
  • Setting up the admin user
  • Running the admin site
  • Tweaking the admin interface
  • Changing the admin index page
• Basic Views (AKA Controllers)
  • What is a view?
  • Http Response
  • URL Route Configuration
  • Shortcut: get_object_or_404()
• Working with Templates
  • About templates
  • Django template syntax
  • Static files
  • Loading templates
  • The URL tag
  • Shortcut: template.render()
• Querying the Models
  • Query Sets
  • Field lookups
  • Chaining filters
  • Slicing Query Sets
  • Related Fields
  • Q objects
• Enhancing Models
  • Custom Methods
  • Complex Relationships
  • Overriding Standard Methods
• Forms
  • Forms Overview
  • GET and POST
  • The Form Class
  • Processing the form
  • Widgets
  • Validation
  • Forms in templates
  • Beyond the basics
• Debugging
  • Printing to the console
  • Django debug page
  • Reading Django logs
  • Django debug toolbar
• Class-based Views
  • About Generic Views
  • Types of Generic Views
  • Default Generic Views
  • Class-based Generic Views
  • List and Details of Views
• User Authentication
  • Authentication VS Authorization
  • Configuring Users
  • Permissions
  • Groups
• Session Management
  • Enabling sessions
  • Types of session backends
  • Session Cookies
  • Accessing sessions from views
• Migrations
  • Managed VS Unmanaged Tables
  • Handling Schema Changes
  • Using Make Migrations and Migrate
  • Tweaking Migrations
  • Migrating Data
• Advanced Configuration
  • Django Settings Architecture
  • Typical Configuration
  • Using 12 Factor Config
  • Security Considerations
• Serving Data with a RESTtful Interface
  • The Django REST Framework
  • Serialization
  • Requests and Responses
  • Function-based Views
  • Class-based Views
• Static File Management
  • Types of Static Files
  • Configuring Access
  • Namespacing
  • Templates
  • Deploying from outside Django
• Automated Testing
  • Why Create Tests?
  • When to Create Tests?
  • Using Django’s Test Framework
  • Using the test client
  • Running Tests
  • Checking Code Coverage
• Using the Cache
  • Types of Caches
  • Setting up the Cache
  • Per-site and Per-view caching
  • Low-level API
  • Cache Security
• Creating Reusable Apps
  • Packaging
  • Choosing an Appropriate Name
  • Deploying
  • Using Setup Tools
• Documentation with Sphinx
  • Description of Sphinx
  • Restructured Text
  • Configuring Sphinx
  • Creating Doc Files
  • Using Auto doc
  • Generating Docs

Getting Started

• Installation

Intro to Django

• Object-relational mapper
• URLs and views
• Templates
• Forms
• Developmental process
• Authentication
• Admin
• Internationalization
• Security

Tutorial

• Requests and responses
• Models and the admin site
• Views and templates
• Forms and generic views
• Testing
• Static files 
• Customizing the admin site

Advanced Tutorials

• How to write reusable apps
• Writing your first patch for Django

Introduction

• Overview of Blazor WebAssembly

Getting Started

• Creating an ASP.NET core hosted Blazor WebAssembly project
• Initializing Git repository

Forms and Authentication

• User login form and validation
• User registration model
• Logging objects to the console
• Using radio buttons
• Navigating the user with NavigationManager
• AuthenticationStateProvider
• Page restrictions
• LocalStorage for authentication
• Adding a logout option
• Cleaning up the navigation and adding a Favlcon

Web API and Entity Framework

• Understanding the Model-View-Controller (MVC) pattern
• Adding the UnitController
• Receiving units from the Web API
• Understanding HTTP methods
• Installing and using Entity Framework (EF)
• Implementing DataContext
• Viewing the database
• Adding, updating, and removing a unit

.NET Core

• Overview of .NET Core
• Razor component
• Component communication
• .NET forms and authentication
• .NET Web API and EF
• Authentication with JSON Web Token (JWT)
• UserUnits

Publishing and Deploying

• Deploying web application on a Windows Server
• Publishing and deploying an app with Visual Studio

Summary and Next Steps

Introduction

• Overview of JWT structure
• JWT common use cases

JWT Validation

• Symmetric token signature
• Asymmetric token signature
• Validating tokens
• Validating claims

Stolen JWTs

• Dealing with stolen JWTs
• JWT storage
• Invalidating JWTs

Managing a Cryptographic Key

• Overview of secret keys
• Embedding the public key
• Embedding a URL containing the key

Hacking JWTs

• Brute force approach
• Modifying the algorithm RS256 to HS256
• None algorithm approach

Summary and Next Steps