Access Control
- When is Basic Authorization used vs. Bearer Authorization?
- Basic authorization is used to check directly to user’s password
- Bearer authorization is checking the token used between the client and the server
- What does the JSON Web Token package do?
- it is the encrypted information goes in between clients, servers, and databases
- What considerations should we make when creating and storing a SECRET?
- encrypting your SECRET
- use .env file to store it
- keep changing it
Term
- encryption: a way to hid information and it can only be compared with the correct information
- token: security credentials for a login session and identifies the user
- bearer: bearer token is a cryptic string, usually generated by the server in response to a login request
- secret: a secret information that used to generate a token
- JSON Web Token: a compact and self-contained way for securely transmitting information between parties as a JSON object
<==Back