Skip to content

Instantly share code, notes, and snippets.

View mikiTesf's full-sized avatar

Mikyas Tewoldebirhan mikiTesf

  • Scalable Capital
  • Berlin, Germany
View GitHub Profile
@rosswd
rosswd / sql.md
Last active October 21, 2023 16:19
Learn Relational Database Design and SQL
@soulmachine
soulmachine / jwt-expiration.md
Last active February 22, 2024 11:33
How to deal with JWT expiration?

First of all, please note that token expiration and revoking are two different things.

  1. Expiration only happens for web apps, not for native mobile apps, because native apps never expire.
  2. Revoking only happens when (1) uses click the logout button on the website or native Apps;(2) users reset their passwords; (3) users revoke their tokens explicitly in the administration panel.

1. How to hadle JWT expiration

A JWT token that never expires is dangerous if the token is stolen then someone can always access the user's data.

Quoted from JWT RFC:

@joyrexus
joyrexus / README.md
Last active June 8, 2023 07:45
form-data vs -urlencoded

Nice answer on stackoverflow to the question of when to use one or the other content-types for POSTing data, viz. application/x-www-form-urlencoded and multipart/form-data.

“The moral of the story is, if you have binary (non-alphanumeric) data (or a significantly sized payload) to transmit, use multipart/form-data. Otherwise, use application/x-www-form-urlencoded.”


Matt Bridges' answer in full:

The MIME types you mention are the two Content-Type headers for HTTP POST requests that user-agents (browsers) must support. The purpose of both of those types of requests is to send a list of name/value pairs to the server. Depending on the type and amount of data being transmitted, one of the methods will be more efficient than the other. To understand why, you have to look at what each is doing