Randall Degges rdegges

@rdegges
rdegges / abstract.md
Created June 1, 2017 06:25
Talk Abstract

JWTs Aren't So Great

JSON Web Tokens (JWTs) are all the rage in the security world. They’re becoming more and more ubiquitous in web authentication libraries, and are commonly used to store a user’s identity information.

In this talk, Randall Degges, Developer Advocate at Okta, will walk you through web authentication from the ground up, explaining how it works both with and without JWTs. Along the way you’ll learn why JWTs aren’t as great as you might hear, and learn about better ways to speed up web authentication for your websites.

Through this talk, you’ll learn:

  • How web authentication works.
  • How HTTP sessions and cookies store information.
@rdegges
rdegges / lookup.py
Created May 8, 2017 17:47
Convert a Heroku application email into a Heroku owner email.
"""
heroku-email-lookup
~~~~~~~~~~~~~~~~~~~
Given a text file that contains Heroku app email addresses (one on each
line), this program will spit out a list of app owner email addresses.
This is useful for Heroku addon providers (like me) who want to email their
addon customers. Because Heroku customers may change their account email
address from time-to-time, Heroku exposes a special API endpoint that this
@rdegges
rdegges / custom-data.json
Created September 20, 2016 21:00
s3 custom data example
{
  "s3": {
    "some-file.txt": {
      "href": "https://s3.amazonaws.com/<bucket>/<userid>/some-file.txt",
      "lastModified": "2016-09-19T17:59:22.364Z"
    },
    "another-file.txt": {
      "href": "https://s3.amazonaws.com/<bucket>/<userid>/another-file.txt",
      "lastModified": "2016-09-19T17:59:22.364Z"
    }
  }
}
@rdegges
rdegges / bucket-example.txt
Created September 20, 2016 19:43
s3 bucket structure example
bucket
├── userid1
│   └── avatar.png
├── userid2
│   └── avatar.png
└── userid3
    └── avatar.png
@rdegges
rdegges / customdata.json
Created September 20, 2016 16:01
express-stormpath-s3 customdata example
{
  "s3": {
    "some-file.txt": {
      "href": "https://s3.amazonaws.com/<bucketname>/<accountid>/some-file.txt",
      "lastModified": "2016-09-19T17:59:22.364Z"
    }
  }
}
@rdegges
rdegges / server.js
Created September 19, 2016 18:30
express-stormpath-s3 sync file example
app.get('/sync', stormpath.loginRequired, (req, res, next) => {
  req.user.syncFiles(err => {
    if (err) return next(err);
    res.send('files synced!');
  });
});
@rdegges
rdegges / server.js
Created September 19, 2016 18:27
express-stormpath-s3 delete file example
app.get('/delete', stormpath.loginRequired, (req, res, next) => {
  req.user.deleteFile('some-file.txt', err => {
    if (err) return next(err);
    res.send('file deleted!');
  });
});
@rdegges
rdegges / server.js
Created September 19, 2016 18:25
express-stormpath-s3 file download example
app.get('/download', stormpath.loginRequired, (req, res, next) => {
  req.user.downloadFile('some-file.txt', '/tmp/some-file.txt', err => {
    if (err) return next(err);
    res.send('file downloaded!');
  });
});
@rdegges
rdegges / server.js
Last active September 19, 2016 18:39
express-stormpath-s3 file upload example
app.get('/upload', stormpath.loginRequired, (req, res, next) => {
  // Note the 'public-read' ACL permission: the uploaded object is
  // readable by anyone who has its URL.
  req.user.uploadFile('./some-file.txt', 'public-read', err => {
    if (err) return next(err);
    req.user.getCustomData((err, data) => {
      if (err) return next(err);
      // The custom data key is the uploaded file's name.
      res.send('file uploaded as ' + data.s3['some-file.txt'].href);
    });
  });
});
@rdegges
rdegges / server.js
Created September 19, 2016 18:00
express-stormpath-s3 file upload
app.get('/', stormpath.loginRequired, (req, res, next) => {
  req.user.uploadFile('./some-file.txt', err => {
    if (err) return next(err);
    req.user.getCustomData((err, data) => {
      if (err) return next(err);
      // The custom data key is the uploaded file's name.
      res.send('file uploaded as ' + data.s3['some-file.txt'].href);
    });
  });
});