Tim Wilde Developer

JWT Token Replay Mitigation in ASP.NET

In a previous post, we had a look at how JWT tokens can be revoked before they expire in order to build a sign out feature. The next problem is that tokens can be captured and used in nefarious requests: token replay attacks.

Let’s look at a method for reducing the viability of these attacks in ASP.NET projects.

Read the full post »

Better Cypress Selectors in ASP.NET

This post is tagged with:

Working with Cypress on an ASP.NET project recently, I was getting frustrated with adding arbitrary strings to the markup as selectors for the tests. Strings are difficult to work with: they have no structure, can contain nearly anything, and are difficult to refactor. They are, in my opinion, the junk drawer of programming languages. I prefer more structured data.

I designed a tiny utility for generating Cypress selectors from a hierarchy of nested classes; making them easier to work with using developer tools and adding structure to the way the selectors are defined throughout the project.

Read the full post »

JWT Token Revocation in ASP.NET

JWT tokens are a popular way to implement authentication and authorization. The problem with JWT tokens is that they don’t intrinsically provide a revocation mechanism: tokens are valid until they expire.

Let’s take a look at one way to add that feature to ASP.NET projects.

Read the full post »

Building a Kubernetes Cluster from Scratch

This post is tagged with:

I’ve been using Docker and Docker Swarm for several years but have always been under the impression that Kubernetes wasn’t necessary unless you were managing hosting at Google scale - hundreds or thousands of servers, and astronomical numbers of services. I’d had a look at Kubernetes a few times but, compared to the Docker Compose files I was used to, it just seemed so… complicated.

Read the full post »