Category: Web

  • Forgot Password Feature with Python and Flask

    The article discusses user authentication options, highlighting the “Forgot Password” feature implementation using JWT in Python and Flask. It outlines a secure workflow for resetting passwords via email, emphasizing the importance of short-lived JWTs for security. Proper authentication procedures enhance user trust and experience in applications.

  • How to Solve the CORS error with Flask

    This article addresses the common CORS error faced by web developers when connecting a front-end application to a Flask API. It explains the security reasons behind CORS policies and the role of preflight requests, and provides solutions using Flask-CORS.

  • OAuth2, Which Workflow to Choose?

    In this article, we’re breaking down the essentials of OAuth2, from the classic Authorization Code Flow to the more modern and secure PKCE. Along the way, you’ll learn which grant types fit your project’s needs (and which ones you should leave behind in the digital dust). And don’t worry—I’ll sprinkle in some jokes to keep…

  • 5 Essential Tips for Securing Your Spring Application

    In the world of application security, one weak point can bring everything crashing down. This article explores why layering multiple security measures—like password encryption, session management, and using third-party authentication—is key to protecting your Spring Boot application from potential threats. By combining these strategies, you can create a more resilient defense and minimize the risk…

  • Authenticate Your Spring Application With AWS Cognito

    Recently, I needed to create an authentication system for one of my applications. But I needed to create it quickly and securely. I could use a JWT with email and password, but people are lazy about creating new passwords. So, I chose a social Sign-In with AWS Cognito.

  • The 5 Keys to Effective RESTful API Design

    RESTful communication is about standards, naming strategies and readability. In this article, I list 5 points to build a RESTful-compliant application. I talk about the HTTP verbs, the nouns used, hierarchy, how to use verbs in the URL and the HTTP response code.

  • Which HTTP Response Code to Use?

    I have the HTTP verbs and URL that define the request. And I have the HTTP response code that defines my response. All the parts of a request must be clear and understandable. The most used one is 200, which means OK. However, there are other important HTTP response codes for different situations. In this…

  • OAuth2 With Google, Spring Boot And Angular

    In this article, I describe how to create the Google OAuth2 client, how to connect Spring Security to Google OAuth2 workflow, and have a React frontend to communicate with my Spring Boot application.

  • Which HTTP Verb to Use?

    There are many HTTP verbs. Each has a different meaning and usage. Not using the appropriate verb makes the API harder to read and understand. In this article, I describe the main HTTP verbs to use in a regular RESTful application.

  • Use Pagination to Speed Up Your API

    In this article, I show the main steps to implement pagination to optimize the response time of your API. I start by reproducing it locally, then determine the sort order and page size, adapt the database queries, and finally adapt the frontend.