This is a Javascript project created in order to learn about security methods using node.js. Creating this application i could learn about:
- identify vulnerabilities
- What is a Hashing Function
- The differences between hashing functions
- How the bcrypt hashing function works
- Implement password protection in the database using bcrypt
- Different types of login systems;
- The advantages of a token login system;
- How JSON Web Token Works;
- How to implement sessionless local authentication.
- How to generate JSON Web Tokens;
- How to configure an authentication strategy for tokens;
- How to generate random passwords;
- How to store values in an environment variable;
- How to handle authentication errors.
- How to create tokens with expiration time;
- How to invalidate JSON Web Tokens with a blacklist;
- How to use Redis on Node to create a blacklist;
- How to use Redis methods on Node;
- Implement a token logout system.
- Limitations of using a single JWT token for sessions
- How to use refresh tokens for authentication
- How to implement a refresh token
- What are opaque tokens
- How to use moment.js to set the token expiration time
- How to perform search and delete operations in Redis
- How to create an interface for manipulating a generic list
- How to create an allowlist for refresh tokens
- How to manually interact with redis from the command line
- How to refactor the blocklist
- How to check refresh tokens
- How to Implement the Token Update Route
- How to Implement the Refresh Tokens Logout Route
- How to modularize token creation
- How to modularize token verification
- How to modularize token invalidation
- How email verification is important
- How the email verification process works
- How to send emails on Node.js
- How to Create Email Verification Emails
- How to store information that a user's email is verified
- How to Modify a User's Email Verification State
- How to implement the email verification route
- How to generate dynamic addresses using tokens
- How to send emails in a production environment
- coming soon
Open a terminal and run the following commands:
# To copy this repository
git clone https://github.com/CarlosDanielS3/nodeSecurity.git
# To move to project directory
cd nodeSecurity
# To install the dependencies
yarn
You can run the application in development mode with the command:
#Run the Server
yarn start