Refresh Access Token Authentication 🔹 Web Security (German)
zekro - Coding/Tutorials
Twitch: https://twitch.tv/zekrotja
My dev Discord: https://discord.zekro.de
🔗 Resources:
► Example implementation:
→ https://github.com/zekroTutorials/refresh-tokens
► Argon2ID:
→ https://en.wikipedia.org/wiki/Argon2
► BCrypt:
→ https://en.wikipedia.org/wiki/Bcrypt
► BCrypt is broken:
→ https://rpartlan.tumblr.com/post/123263195054/bcrypt-is-broken
→ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700758
► CSRF (Cross Site Request Forgery):
→ https://owasp.org/www-community/attacks/csrf#
→ https://www.netsparker.com/blog/web-security/csrf-cross-site-request-forgery
► CORP (Cross Origin Resource Policy):
→ https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)
🌐 WEBSITE: https://zekro.de
🦑 GITHUB: https://github.com/zekrotja
🐦 TWITTER: https://twitter.com/zekrotja
📸 INSTA: https://instagram.com/zekrotja
🕹 TWITCH: https://twitch.tv/zekroTJA
💻 GEAR & SPECS: https://zekro.de/gear
❓ FAQ: https://s.zekro.de/faq
🕓 Timestamps:
00:00 Intro
00:10 Disclaimer
01:20 Introduction
03:12 Token / Session Authentication
04:22 JWT Token Authentication
05:18 CSRF Brief Explanation
07:00 Anti Forgery Tokens
08:10 Refresh Access Tokens
11:38 Why is this secure against CSRF attacks?
12:20 Drawbacks of the Concept
13:11 Implementation Example
13:40 Example Demo
15:59 JWT Access Tokens Module
19:22 MongoDB Database Connection
19:57 Argon2ID Hash Module
20:30 Entity Models
21:04 Gin Web Server Utilities
21:35 Authorization Service
25:00 Resource / API Service
27:31 React Web App
30:00 Outro
🎵 Background Music: https://soundcloud.com/aaronschaefermusic
© 2021 zekro ... https://www.youtube.com/watch?v=vIaariZ87TQ