Implementing User Authentication on an N-Tier Web Application
I appreciate all help and feedback. Parts bolded are critical parts if this is too verbose. Perhaps it will help to mention I am a green developer. I have found some useful info from related questions posted here and on Stack Overflow but nothing that felt 100%.
Implementing OAuth for Google Calendar in iOS (SwiftUI) with Django Backend
I’m building an iOS app (SwiftUI) that needs to access Google Calendar, with a Django backend handling token management. I’m unsure about the correct OAuth flow implementation. My main questions are:
Edge Case For Cookie Based Token Management
I have a React frontend and a Nodejs backend that uses authentication via an OIDC service provider. After a user goes through the SSO authentication flow I store the token (containing a refresh token with a 5 hr expiration) in a HTTPOnly cookie with a similar expiration time. I also store a JWT token (1 hr expiration) in a cookie that’s generated by my backend so that I don’t have to keep sending the OIDC token to the service provider on every request. On every request I verify the JWT token. If the JWT token has expired I use the OIDC refresh token to refresh the OIDC token (new access token, new id token, new refresh token) and generate a new JWT token. My web server is configured such that if the cookie containing the OIDC token is missing, it will redirect to /api/login which will start a new SSO authentication flow.
Best Practices for Securing OTP Request Endpoint for Unauthenticated Users
I’m developing an iOS app using SwiftUI and have a backend built with Django. The app includes a feature where users can request a One-Time Password (OTP) via SMS. Since this feature is available to unauthenticated users, I’m concerned about potential abuse, such as spamming the OTP request endpoint to send a large number of SMS messages.
I got this problem when I connect with another user domain
We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential.
Problem on frontend Authentication development
<script> document.addEventListener('DOMContentLoaded', function() { fetchUserData(); }); function fetchUserData() { const apiUrl = 'https://game-mate.onrender.com/api/user/login'; fetch(apiUrl, { method: 'GET', headers: { 'Content-Type': 'application/json', 'Authorization': 'Bearer ' + localStorage.getItem('token') } }) .then(response => response.json()) .then(data => { if (data && data.username) { document.getElementById('welcomeMessage').textContent = 'Welcome, ' + data.username + '!'; } }) .catch(error => { console.error('Error fetching user […]
How do I authenticate myself when I authenticate myself in Guatemala? In the case of websites
In Korea, in the case of websites (not iOS or Android), it can be done through a mobile phone carrier API, but what should I do if I want to get my date of birth through my ID in Guatemala?