Short Summary
Securing SPAs isn’t as straight forward as a traditional web application. The code is there for all to see. Cookies and local storage aren’t 100% safe. Where do we put the login forms? And what if the user refreshes?!
Learn everything you need to know about JSON Web Tokens, and maybe even some things you don’t! Keep user credentials safe, while still communicating effectively with APIs.
Description
Single Page Apps are slick and fast. By moving much of the business logic to the browser, they gain advantages both for the application, as well as the load on hosting infrastructure.
But if they’re running in the browser, how do we secure them? The code is there for all to see. Cookies and local storage aren’t 100% safe. And what if the user refreshes?!
JSON Web Tokens provide a way to make sure that user credentials are kept safe, while still allowing browser-based apps to communicate with APIs.
This talk will take you from knowing what JWTs are to understanding how to use them, and where to get started. We’ll look at the request lifecycle of the authentication process, and cover best practices for JWT storage and handling.