Posts

Implementing an OAuth 2.0 Client - Node.js

Hello! I hope you had a good day and an awesome week. 😊 Every day we come across many websites that require us to register with them in order to fulfil our requirements. As we need to complete our work, we make an account on these websites even though we are not going to use them regularly or ever again. This results in a long list of usernames and passwords for us to remember, and forgetting even one means the troublesome task of resetting it. As a solution to this problem, Single sign-on was introduced along with social logins. Single sign-on provides a way for users to have a single set of credentials (username and password) for multiple applications. This was achieved using social logins, where existing login details of a social platform provider can be used to register to a third-party website instead of creating a new set of credentials. OAuth 2.0 is a framework which helps in such a situation. What is OAuth 2.0? OAuth (Open Authorization)...

Double Submit Cookies Pattern - Node.js

Hello! I hope you had a good day and an awesome week. 😊 In this post, we are going to talk about how to prevent Cross-site Request Forgery (CSRF) using the Double Submit Cookies Pattern and its Node.js implementation. If you are unaware of CSRF, I recommend that you read my previous post here, as it is crucial to understanding the Double Submit Cookies Pattern. Prerequisites are knowledge of cookies, CSRF and the Synchronizer Token Pattern. As discussed earlier, there are some drawbacks of the Synchronizer Token Pattern, namely: the requirement of excessive storage space in the server due to the fact that all the CSRF tokens are stored; and it is useless if the server supports cross-domain AJAX requests. To overcome the aforementioned drawbacks and to prevent CSRF, the Double Submit Cookies Pattern can be used. Double Submit Cookies Pattern When Harry signs in to the bank’s website using his username and password, the bank’s server would create a ses...

Synchronizer Token Pattern - Node.js

Hello! I hope you had a good day and an awesome week. 😊 With the advancement of technology in the information and communication sectors, millennials are electronics-filled, increasingly online and socially networked, which is exactly why everything can be done once you are connected to the internet. Online transactions have become so easy that they take just a button click, but can we guarantee the safety of these transactions? Cross-site Request Forgery (CSRF) is a type of attack which targets such online transactions. You’ll need knowledge of cookies as a prerequisite to fully understand CSRF. What is Cross-site Request Forgery? Cross-site Request Forgery (CSRF) is a malicious exploit of a website where unauthorized commands are sent from a user the website trusts, without this particular user’s knowledge. This is a vulnerability found in websites. Let’s see the example below to understand CSRF. Cross-site Request Forgery When Harry ...

What's new with Java 8?

Hello! I hope you had a good day and an awesome week. 😊 Java is a widely-used programming language. Java is fast, secure and reliable. From Java 6 to Java 7, not much changed, but Java 8 is a massive step forward. So many things changed and were made easier in Java 8. There are so many changes to look at, but in this post I’ll go through some major changes. ‘default’ and ‘static’ methods in interfaces In previous versions of Java, interface methods can’t have a method body or a method implementation. This has changed in Java 8. In Java 8, interface methods which are declared using the ‘default’ and ‘static’ keywords can have a method implementation. This introduces multiple inheritance. At first, Java didn’t support multiple inheritance due to the ‘Diamond Problem’. The Diamond Problem is an ambiguity which occurs when a class inherits from two classes which have the same method. In the diagram below, we can see that B and C have inherited from A and D has inherited from both...

Introduction to Angular JS

Hello! I hope you had a good day and an awesome week. 😊 In this post, I thought of giving you an idea of what AngularJS is. Before getting to know what AngularJS is, you need to know what a single page application is. A single page application (SPA) is a web application or a web site which loads only a single web page and dynamically updates that page as per the user’s interaction. The goal of SPAs is to provide a user experience similar to that of a desktop application. SPAs use AJAX and HTML to create responsive web pages without constant page reloads. This means most of the work is done on the client side or front-end. Dynamic communication between the client and the server is a must in SPAs. Let’s see some features of SPAs:
Appropriate content is dynamically added to the webpage.
Use of AJAX for client server communication.
Use of sockets for bidirec...

Different Streams in Node.js

Hello! I hope you had a good day and an awesome week. 😊 In this post, I thought of talking about the different types of streams in Node.js. A stream as defined in computer science is a sequence of data elements (usually bytes, but not necessarily) made available over time which can be accessed sequentially. In Node.js, there are 4 types of streams, namely:
Readable - stream which is used to read data
Writable - stream which is used to write data
Duplex - stream which is used to both read and write data
Transform - stream which can modify or tra...