| 1. Should the client or the server take more security precautions? | |
| Yes the server should take more security precautions probably from a security firm that specializes in security to make sure no one will be stealing information from your users. | |
| 2. What's the difference between local storage and session storage? | |
| Session storage is the same as local storage except that the data doesn't persist outside of the tab (session). | |
| 3. What problem does a JWT expiry time solve? | |
| Some users keep there tabs open for hours and a JWT is always valid so a malicious party can find one from years ago and use it access your API. Expiry time solves this issue. | |
| 4. Is a refresh endpoint protected or public? | |
| Protected endpoint | |
| 5.What would happen if a refreshed JWT was requested with a JWT that had already expired? | |
| If the JWT has expired, the method will throw an error and our middleware will respond with the unauthorized error. | |
| 6.What does it mean to queue a callback? | |
| It means setting a particular time to run a function which is your callback. | |
| 7.What does the clearTimeout function do and what argument do you pass into it? | |
| Function cancels the timeout that is currently being counted and you pass in the ID of the timeout you want to cancel. | |
| 8. For which of the following events should a refresh request be queued after? | |
| A successful login request | |
| A successful API request to a protected endpoint for posting a comment | |
| A successful page load | |
| A successful refresh request | |
| A push state navigation event | |
| 9. What is OIDC? | |
| This protocol enables a range of clients to securely authenticate. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment