Peter Locke

Published in Lightrail · Jul 7, 2017

Getting Token Authentication Right in a Stateless Single Page Application

Single page application architecture is becoming more prevalent, yet many established patterns to implement authentication security and user experience have not caught up. Patterns used by traditional web applications do not cross over well, or at all, to a true stateless architecture where there is no server-side web session. The…

Authentication

12 min read

Published in Lightrail · Jun 26, 2017

Prevent Business Intelligence Leaks by Using UUIDs Instead of Database IDs on URLs and in APIs

Let’s examine an innocuous-looking URL that you may see when you are looking at your order history on some e-commerce site:

https://www.yourfavsite.com/account/orders?orderid=5963

Speaking strictly from an application security perspective, there is no problem here. As long as you’ve done your job on the back end checking that the order’s user…

Programming

6 min read

Peter Locke

Cofounder and CTO @giftbit / @lightrailhq — Builder of business focussed engineering teams and technology strategies.
