python (12.9k questions)

javascript (9.2k questions)

reactjs (4.7k questions)

java (4.2k questions)

java (4.2k questions)

c# (3.5k questions)

c# (3.5k questions)

html (3.3k questions)

Questions - restful-authentication

Why not to have two access_tokens and two refresh_tokens stored one in cookie and one in localstorage to protect from XSS and CSRF

Background Scenario is that we have a REACT SPA and a single API which is both a resource server and an authentication server. We want to implement simple tokens based auths. There is no dedicated SSO...
test-img

Rychu

security

authentication

access-token

restful-authentication

refresh-token

Votes: 0

Answers: 1

Latest Answer

We have implemented this flow and here are two main conclusions: This flow works great and gives more security when API and frontend are hosted on the same domain (e.g., api.example.com and example.c...
test-img

Rychu

Can any body answer my question about Oauth2?

I am buiding an app using svelteKit and django rest framework. SvelteKit is responsible for rendering HTML page(SSR) and django rest framework is responsible for providing restful API. Both App server...
test-img

xiayulu

django-rest-framework

oauth-2.0

server-side-rendering

restful-authentication

Votes: 0

Answers: 1

Latest Answer

I can use Authorization Code grant flow auth APP server, but how about the browser? In fact the authorization code based flow is the one that is suitable & meant for web client. While using this...
test-img

b.s

Consume SOAP XML in Rest WebService

I am able to consume xml based request in rest webservice. Below is the sample code how I am consuming XML request in my rest webservice. Now, I want to consume soap request XML and I know SOAP is a m...
test-img

suleman

java

json

xml

web-services

restful-authentication

Votes: 0

Answers: 1

Latest Answer

Mainly a Rest API is based on JSON documents, and is usually the main standard for most implementations. Even so, nothing prevents you from sending the application/json content type to your HTTP serve...
test-img

Sergio Martinez

Posts

Questions

Blogs

Jobs