Category: Web
-

Spring Security and Roles Authorization
In this article I will explain the difference between Authentication and Authorization. I will also explain how to implement the Authorization pattern with Spring Security. For that, I will use the @PreAuthorize annotation.
-

Jinja Templates
In this article, I show how a Flask backend can render and return Jinja templates. I will show how to use variables inside the Jinja templates, blocks and macros.
-

Python Pre-Commit
In this article I show how to configure pre-commit in a Python project to format and check the code. I will show 4 tools which will run automatically with the Git hooks.
-

The CSRF Protection with Spring Security
In this article I will explain the CSRF (Cross-Site Request Forgery) attack. I will show how Spring Security can protect against this attack, both in a server-side rendered application and with a separate frontend and the Cookie repository.
-

MongoDB with Spring Data
In this article I show how to connect a Spring Boot application with MongoDB. I will show how to configure a Spring Boot application to be connected to a single NoSQL database such as MongoDB. And I will show how to use Spring Data to query a MongoDB database.
-

Unit Tests with Pytest
In this article I show how to write unit tests with Pytest. I show the parametrized tests, the conftest and the fixtures.
-

Mapping and Validating with Marshmallow
In this article I explain the 3-tier architecture. From that I explain the need to have a mapping with Marshmallow. I will use Marshmallow to map my database entities to JSON objects.
-

SQLAlchemy
In this article I show how to configure SQLAlchemy in a Flask backend. I also show how to create entities which reflect some tables in a database. And I show how SQLAlchemy manages relationships such as one-to-one, one-to-many and many-to-many.
-

Basic Authentication & JWT
In this article I show how to secure a Flask backend with Basic Authentication and also with JWT. I will show the usage of the library flask-http-auth for Basic Authentication and token-based Authentication. Then, I will add the library pyjwt to encode and decode a JWT.
-

Log4Shell Vulnerability
In this article I show the impact the Log4Shell vulnerability can have. I show how the JNDI commands are intercepted with an LDAP server, and how to protect against this vulnerability.
