Auth api with Node js, Typescript, Fastify and PostgreSQL.
Get our Postgres container
docker run --name postgresql-container -p 5432:5432 -e POSTGRES_PASSWORD=<password> -d postgresRun this command to run bash in our postgres container
docker exec -it b560c37eb491 bashThen login
psql -h localhost p- 5432 -U postgres -WCreate new database
CREATE DATABASE <NAME>;Check if it exists
\lExit from postgres
\qExit from bash
exitEncryption, Allows you to use a key to obfuscate and retrieve data
password
password X key
qbttxpse
qbttxpse / key
password
Hashing A one way trip. Not meant to be reversed
password password x hash function hashed data
md4, md5, sha Sha - security hashing algorithm sha-256
Salt
adds additional data (salt)
passwordsalt passwordsalt x hash function creates a unique hash
Local Storage and normal cookies are both
- Stored in the browser
- Accessible by the client
- Able to be read / wrote by the browser
- Able to be accessed by any browser extension on your browser
HTTPOnly Cookies
- Only accessible via the server
- Only writeable via the server
- JWT
- Contains all of the info someone needs to be logged
- Says this user has access
- Only available current session
Refresh Token
- JWT
- Only contains session id
- Be used to generate new access token
- Used to refresh the access token