1. Should the client or the server take more security precautions?
Yes, the server should take more security precautions, probably from a security firm that specializes in security, to make sure no one will be stealing information from your users.
2. What's the difference between local storage and session storage?
Session storage is the same as local storage except that the data doesn't persist outside of the tab (session).
3. What problem does a JWT expiry time solve?
Some users keep their tabs open for hours, and a JWT is always valid, so a malicious party can find one from years ago and use it to access your API. Expiry time solves this issue.
4. Is a refresh endpoint protected or public?
Protected endpoint
5. What would happen if a refreshed JWT was requested with a JWT that had already expired?
If the JWT has expired, the method will throw an error and our middleware will respond with the unauthorized error.
6. What does it mean to queue a callback?
It means setting a particular time to run a function which is your callback.
7. What does the clearTimeout function do and what argument do you pass into it?
The function cancels the timeout that is currently being counted, and you pass in the ID of the timeout you want to cancel.
8. After which of the following events should a refresh request be queued?
A successful login request
A successful API request to a protected endpoint for posting a comment
A successful page load
A successful refresh request
A push state navigation event
9. What is OIDC?
This protocol enables a range of clients to securely authenticate.