September 19th, 2022
This post is tagged with:
In a previous post, we had a look at how JWT tokens can be revoked before they expire in order to build a sign out feature. The next problem is that tokens can be captured and used in nefarious requests: token replay attacks.
Let’s look at a method for reducing the viability of these attacks in ASP.NET projects.
Read the full post »
September 16th, 2022
This post is tagged with:
Working with Cypress on an ASP.NET project recently, I was getting frustrated with adding arbitrary strings to the markup as selectors for the tests. Strings are difficult to work with: they have no structure, can contain nearly anything, and are difficult to refactor. They are, in my opinion, the junk drawer of programming languages. I prefer more structured data.
I designed a tiny utility for generating Cypress selectors from a hierarchy of nested classes; making them easier to work with using developer tools and adding structure to the way the selectors are defined throughout the project.
Read the full post »
September 14th, 2022
This post is tagged with:
JWT tokens are a popular way to implement authentication and authorization. The problem with JWT tokens is that they don’t intrinsically provide a revocation mechanism: tokens are valid until they expire.
Let’s take a look at one way to add that feature to ASP.NET projects.
Read the full post »
January 10th, 2020
This post is tagged with:
I’ve been using Docker and Docker Swarm for several years but have always been under the impression that Kubernetes wasn’t necessary unless you were managing hosting at Google scale - hundreds or thousands of servers, and astronomical numbers of services. I’d had a look at Kubernetes a few times but, compared to the Docker Compose files I was used to, it just seemed so… complicated.
Read the full post »