Sysadmin/Programming tips
Hello there,
From time to time, I have a few ideas, tips, solutions to a problem that bothered me for several days, or simply neat pieces of code that I want to keep in one corner of the Internet for later use.
I think it would be selfish to keep these for myself, and if they may ever be useful to someone else, well, there you go! Unless mentioned otherwise or owned by someone else, every piece of code you’ll find here is under my favorite license: BSD-3. Under the same reservations, the rest of the text and content is licensed CC-BY 4.0. Feel free to use it and adapt it yourself, and if you have any kind of improvements, I’ll be happy to hear about them. In particular, translation is encouraged if you feel it could be useful to someone else (again, although not a requirement, dropping a note would be nice ;) ). To contact me, you can do it either through GitHub or via blog@mlemoine.name.
Don’t expect any kind of regular or high-profile posting here, it’s just my little corner of the Internet that could be useful to you too!
This is the fifth part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we integrated various user authentication schemes into our authentication API. In this post, we will focus on mitigating several important security issues. Although our authentication API includes protections against...
This is the sixth and last (but not least) part of my Authentication and security for REST API in the context of Web Apps series of posts. We covered each step of designing and securing a RESTful authentication API. Security in the authentication mechanism is paramount. A secure authentication layer ensures no user will be...
This is the fourth part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we designed a RESTful authentication API. In this post, we will integrate several user authentication schemes to it (criteria 5). As for the previous post, http://ld.lemoinem.name/ns/rest-auth# is used as...
This is the first part of my Authentication and security for REST API in the context of Web Apps series of posts. In this one, we will focus on how to design credentials containers (tokens and such). When one says authentication, one automatically thinks about credentials. In the context of a Web App, there are...
This is the third part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we discussed how to store and provide tokens to the server. In this post, we will try to design an API to authenticate users and manage tokens. As mentioned...
While writing the second part of my Authentication and security for REST API in the context of Web Apps series of posts, I realized that discussing the different alternatives to store credentials tokens was more extensive than I previously thought. This post focuses on storing and transmitting credentials out-of-band. This means the API is...
While writing the second part of my Authentication and security for REST API in the context of Web Apps series of posts, I realized that discussing the different alternatives to store credentials tokens was more extensive than I previously thought. This post focuses on storing and transmitting credentials in band. This means the API...
This is the second part of my Authentication and security for REST API in the context of Web Apps series of posts. In the previous post, we designed a strong credentials’ vessel (token). In this post, we will try to find the best way to store and provide them to the API. Having secure tokens...
I am, finally, starting to look at developing REST APIs as the backend of Web Apps. I’m certainly not the first and the community has already been developing great tools and technologies for this. In particular, given my background with PHP and Symfony, I’ve been looking at: JSON-LD, JWT, HYDRA, API Platform. For anyone,...
tmux and GNU Screen are terminal multiplexers. That means they re-implement the “Multiple Tabs” feature for your console/terminal, but natively (they work in (almost) any terminal (emulator)) and you can detach/reattach them (very useful if you just want to leave that script running for a while without keeping your SSH connection or session open). Since I...