How To Build Your Own Auth
Syntax - Tasty Web Development Treats17 Maalis 2021

How To Build Your Own Auth

In this episode of Syntax, Scott and Wes talk about building your own authentication — diving deep into JWT, sessions, tokens, cookies, local storage, CSRF, and how it all works! Prismic - Sponsor Prismic is a Headless CMS that makes it easy to build website pages as a set of components. Break pages into sections of components using React, Vue, or whatever you like. Make corresponding Slices in Prismic. Start building pages dynamically in minutes. Get started at prismic.io/syntax. LogRocket - Sponsor LogRocket lets you replay what users do on your site, helping you reproduce bugs and fix issues faster. It’s an exception tracker, a session re-player and a performance monitor. Get 14 days free at logrocket.com/syntax. Hasura - Sponsor With Hasura, you can get a fully managed, production-ready GraphQL API as a service to help you build modern apps faster. You can get started for free in 30 seconds, or if you want to try out the Standard tier for zero cost, use the code “TryHasura” at this link: hasura.info. We’ve also got an amazing selection of GraphQL tutorials at hasura.io/learn. Show Notes 01:51 - Overview Level Up uses a JWT & secure cookie-based authentication and tracks sessions via a db table. Accounts.js 05:13 - JWT Base 64 encoded (not encrypted) token that contains data. We have both accessTokens and refreshTokens. JWT has three parts: Header What kind of algo was used Payload Data about the user Email Username UserID refreshToken, authToken, sessionId Signature This ensures that no one monkeyed with the above parts. If you change your email in the payload, the signature is not invalid, because in order to generate the signature, it uses the header and payload as part of it. accessToken A short lived JWT that contains the sessionToken, userId and expires after 90min. refreshToken A long lived JWT that contains just the sessionToken and doesn’t expire. JWT can be decoded and read, but you have to encode them with your secret. JWT can be stored anywhere, there are two main places: 20:26 - Cookies We use httpOnly, secure cookies to store the accessToken and the refreshToken. The accessToken is a session cookie and is removed whenever the browser is closed. The refreshToken is valid for 100 days but is also re-created and revalidated for 100 more days each time the accessToken is generated. Because these are httpOnly cookies, they cannot be accessed by JavaScript in the client and can only be set and removed on the server. Note: Safari has stricter rules than others for same domain cookies (e.g. localhost won’t work). 34:26 - Sessions Sessions are when a user logs in on a device. If you open a phone and log in and a computer and log in, those will create two different sessions. A session contains information about the user’s connection (like their IP) but it also contains the userId which allows us to create new accessTokens from a valid session. Sessions can be valid or invalid. This allows us to log anyone out by setting their session to valid: false. Sessions also have sessionToken which are generated on authentication or create account. 38:10 - CORS Cross-origin-resource-sharing Can be super tricky to get working cross-domain You usually have to actually visit the website for the cookie to be set, even with lax cors 46:06 - CSRF 48:47 - Authentication process bcrypt.js 52:13 - Helper Packages NextAuth.js is super easy Passport.js auth0 Links Caddy Fastify ××× SIIIIICK ××× PIIIICKS ××× Scott: reMarkable 2 Wes: Opration Odessa Shameless Plugs Scott: Node Fundamentals Authentication - Sign up for the year and save 25%! Wes: Advanced React - Use the coupon code ‘Syntax’ for $10 off! Tweet us your tasty treats! Scott’s Instagram LevelUpTutorials Instagram Wes’ Instagram Wes’ Twitter Wes’ Facebook Scott’s Twitter Make sure to include @SyntaxFM in your tweets

Jaksot(970)

818: CJ × Hosting Meetups - Lunch and Learn

818: CJ × Hosting Meetups - Lunch and Learn

In this episode of Syntax, Wes and Scott talk with CJ Reynolds about the resurgence of meetups in a post-COVID world. They discuss the benefits of attending and speaking at meetups, and the logistics of organizing them. CJ also shares his experiences running the DenverScript meetup, including sourcing speakers, finding venues, and ensuring a welcoming community. Show Notes 00:00 Welcome to Syntax! 01:35 Brought to you by Sentry.io 01:49 CJ’s history hosting meetups DenverScript Code Talent 06:35 How do you structure a meetup? 09:50 How do you raise awareness for a meetup and get people to attend? Meetup.com Guild 13:27 How to pay for a meetup 15:22 How to get speakers at meetups 16:50 The length of these talks 17:03 Does live-streaming hurt attendance? Syntax 806 - The King of Drag and Drop: Alex Reardon 19:32 Is there a vetting process for finding speakers? Syntax 019 - How to Get Into Speaking at Conferences 24:26 A meetup doesn’t have to be talks Develop Happy Hour 27:48 What’s the worst part about hosting a meetup? 29:37 What was your first meetup like? 33:27 What’s the best meetup you’ve been to and why? 37:10 How to be a good attendee 40:45 Are meetups back? 44:00 Tips for organizing a great meetup 45:29 How to find a meetup 47:37 Sick Picks & Shameless Plugs Sick Picks CJ: Fillo’s Walking Tamales Shameless Plugs CJ: DenverScript You Should Use Hono in your Next Project Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

6 Syys 202450min

817: You Need These 30 Apps - PART 1

817: You Need These 30 Apps - PART 1

Scott and Wes kick off part 1 of a 2-part series, breaking down 30 must-have apps for web developers and productivity enthusiasts. From file management tools to media utilities, they cover everything you need to supercharge your workflow. Show Notes 00:00 Welcome to Syntax! 01:03 Brought to you by Sentry.io. 01:27 File management applications. 01:43 DaisyDisk. 04:19 Marta. 07:50 EasyFind. 10:16 Czkawka. 12:53 Backblaze. 14:40 Hazel. 17:42 AutoMounter. 18:43 Media applications. 18:52 Automator HIEC to JPG. 20:04 Rant on QuickView. 20:32 DVD idea. 22:06 IINA. 24:07 Capture One. 25:02 YouTube Enhance. 27:16 HandBrake. 28:05 MakeMKV. 30:33 Overkill for Mac. 33:42 Search by Image. 37:09 eqMac. 37:37 Utility applications. 37:52 Stats & iStat Menu. 40:19 Alternatives to popular Mac applications. 40:23 Ice. 41:03 PearCleaner. 43:08 Numi. 44:17 Bottom (btm). 44:53 Sip Color Picker. 50:25 Sick Picks & Shameless Plugs. Sick Picks Scott: Wilde Chips Wes: Apple TV+: The Big Conn Shameless Plugs Scott: Syntax on YouTube Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

4 Syys 202457min

816: Why Your CSS Sucks

816: Why Your CSS Sucks

Scott and Wes break down why your CSS might suck—from misusing specificity to not leveraging CSS variables. Tune in as they dive into common pitfalls that are making your stylesheets a hot mess. Show Notes 00:00 Welcome to Syntax! 00:33 Breakdancing in the Olympics. 05:29 Brought to you by Sentry.io. 05:44 Why your CSS sucks. 07:01 You’re styling the wrong element. 11:01 Nesting too deep. 12:37 You don’t understand specificity. 14:56 Your classes don’t use a system. 16:24 You’re using values instead of CSS vars. 20:16 You don’t understand block vs inline vs inline-block. CSS Logical Properties 21:16 You aren’t using the right tool for the job. CSS Flexbox, CSS Grid. 24:15 You’re setting the value in too many places. 24:31 You’re scoping to tightly or not tightly enough. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

2 Syys 202428min

815: Deno 2 with Ryan Dahl

815: Deno 2 with Ryan Dahl

In this episode of Syntax, Wes and Scott talk with Ryan Dahl about Deno 2.0, its new features and use of web standards, and how it seamlessly integrates with popular frameworks like Next.js. Ryan shares insights on the motivations behind Deno’s creation, its emphasis on simplicity and security, and offers his take on the evolving JavaScript ecosystem. Show Notes 00:00 Welcome to Syntax! 00:34 What is Deno? 05:08 Deno 2.0 07:49 NPM compatibility 09:40 What parts of Node aren’t doable in Deno? 11:22 Do we need a hard break from Require? 13:51 Package management 16:25 Security and performance benefits of Deno 20:57 Brought to you by Sentry.io 20:57 Thoughts on Bun and Node additions 26:25 Ryan’s favorite Deno projects Lume Fresh webgpu-examples gpucraft minecraft clone + deno + webgpu gpucraft example Shaderplay Orillusion 28:42 Will we ever see a unified file system API? 31:49 Typescript 36:12 Jupyter Notebooks with Deno Polars 39:11 AI and WASM in JavaScript 42:01 Deno 2.0 features and future 43:08 Sick Picks & Shameless Plugs Sick Picks Ryan: McCarren Park Shameless Plugs Ryan: https://deno.com/enterprise Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

30 Elo 202444min

814: Fundamentals: HTML

814: Fundamentals: HTML

In this episode of Syntax, Wes and Scott talk about HTML fundamentals — from basic structure and semantics to practical tips for better accessibility and SEO. They also discuss the difference between block and inline elements, form functionalities, HTML5 elements like dialog and canvas, and more. Show Notes 00:00 Welcome to Syntax! 02:33 Brought to you by Sentry.io 03:25 Why HTML is important 06:52 Semantic vs non-semantic 07:58 The basic structure of an HTML page HTML elements reference The Main element 08:45 Doctype 15:24 Nav 18:47 Section 20:41 Aside 22:09 Article 22:54 Span 27:18 Why use a span when you have a div and a paragraph tag? 29:29 Figure and Caption 31:16 Fieldset 31:53 UL vs OL 32:44 DFN The Definition element 34:16 Form 36:56 Button vs Anchor 38:22 Headings 674 - A11y Treats - Heading Design 40:21 Output The Output element 41:46 Dialog 42:04 Tables 44:03 Media media-chrome 45:06 Canvas https://githubuniverse.com/ https://maximeheckel.com/ 46:07 On graphics programming 47:38 Search 354 - The Surprisingly Exciting World of HTML Elements 48:27 Sick Picks + Shameless Plugs Sick Picks Scott: 2Pack Traditional Natural Bamboo Wok Brushes Wes: Logitech MX Master 3S Shameless Plugs Syntax YouTube Channel The Easiest Way to Infinite Scroll with React | Full Example Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

28 Elo 202455min

813: CSS: Scroll Driven Animations

813: CSS: Scroll Driven Animations

In this episode of Syntax, Wes and Scott talk about CSS’ new scroll-driven animations, its implementation, uses, and potential pitfalls. They also discuss animation-timeline and animation-range, and how they can be utilized to control animations based on scroll positions. Show Notes 00:00 Welcome to Syntax! 00:46 Brought to you by Sentry.io. 01:35 Scroll-driven animations. Syntax 695: 5 New CSS Features You Should Know Scroll-driven animations demos and tools. 04:13 @keyframes. 05:22 animation-timeline. 11:35 animation-range. 08:49 View-based timelines. 17:45 Neat uses: Dave Rupert on styling :stuck. Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

26 Elo 202421min

812: CSS 4, 5, and 6! With Google’s Una and Adam

812: CSS 4, 5, and 6! With Google’s Una and Adam

In this episode of Syntax, Wes and Scott talk with Una Kravetz and Adam Argyle from Google Chrome about the evolution of CSS, new features, and the push toward more advanced UI capabilities on the web. They discuss the introduction of CSS versioning, exciting new properties like text-box-trim, state queries, and scroll state functionalities, select, and more! Show Notes 00:00 - Welcome to Syntax!. 01:43 - Brought to you by Sentry.io. 02:19 - The evolution of CSS. 04:07 - CSS versioning and spec levels. CSS RFC. 17:49 - Use-cases for allow-discrete. 20:34 - State queries. 24:19 - Where does the baseline data come from? 25:17 - Will the RFC become official? The latest in Web UI (Google I/O ‘24). 27:33 - New features Una is excited about. 29:44 - Select. https://open-ui.org/components/customizableselect. https://codepen.io/argyleink/pen/YzoEPOG. 38:31 - New features Adam is excited about. 39:24 - text-box-trim. 40:59 - State queries. 54:56 - Sick Picks + Shameless Plugs. Sick Picks Una: Logitech MX Master 3 Adam: Teenage Engineering K.O. II Shameless Plugs Una: Una.im Adam: The CSS Podcast Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

23 Elo 20241h 2min

811: NodeJS Evolves

811: NodeJS Evolves

In this episode of Syntax, Wes and Scott talk about the latest features in Node.js, including native support for TypeScript, .env parsing, a built-in test runner, watch mode, SQLite integration, glob support, and top-level await. They also discuss some wishlist items, and experimental features like WebSocket support and the require module. Show Notes 00:00 Welcome to Syntax! 01:13 Brought to you by Sentry.io. 01:37 Node.js new features. Deno. Bun. 02:51 TypeScript. tsx. swc/wasm-typescript. 10:03 SQLite v22.5. 14:35 .env support. 16:24 Test runner. Jest. 19:42 Watch Mode. nodemon. 21:22 Glob support. 22:48 Top-Level Await. Top-level await is a footgun. 26:40 Experimental require module. Default ESM Detection. Web request standards. HonoJS. 29:39 Experimental WebSocket support. 30:13 Async local storage. 31:43 Single file executables. 32:46 Wishlist. 32:54 Hot reload. 34:20 Window shim. globalThis. 35:30 Better server. 35:56 Better terminal integration. NIM. styleText. chalk. warp. 41:36 Twitter responses. Coolify. n. 46:54 Sick Picks + Shameless Plugs. Sick Picks Scott: Cascadia Wes: Roborock Qrevo Shameless Plugs Scott: YouTube Channel Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads Randy: X Instagram YouTube Threads

21 Elo 202455min

Suosittua kategoriassa Politiikka ja uutiset

tervo-halme
aikalisa
rss-ootsa-kuullut-tasta
ootsa-kuullut-tasta-2
politiikan-puskaradio
viisupodi
rss-kuka-mina-olen
rss-vaalirankkurit-podcast
rss-podme-livebox
otetaan-yhdet
rikosmyytit
rss-kaikki-uusiksi
et-sa-noin-voi-sanoo-esittaa
rss-hyvaa-huomenta-bryssel
rss-asiastudio
radio-antro
rss-kiina-ilmiot
rss-poliittinen-talous
rss-merja-mahkan-rahat
rss-tasta-on-kyse-ivan-puopolo-verkkouutiset