Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vue.js ❤️ JWT

Ignacio Anaya
September 19, 2017
Programming
0
85

Vue.js ❤️ JWT

JWT seems to be the new black in the authentication world. It is also a perfect fit when we need to add security in the client side. I will make an introduction to JWT, share my experience using it to "protect" SPA and show how easy is to implement it in your Vue.js app.

Ignacio Anaya

September 19, 2017
Tweet

More Decks by Ignacio Anaya

See All by Ignacio Anaya
Security is not a feature‼️
ianaya89
2
410
Rompiendo Paradigmas Otra Vuez! 🔨📜3️⃣
ianaya89
0
110
Security is not a feature!
ianaya89
1
310
What's next in Vue 3? 🖖 3️⃣
ianaya89
0
86
What's next in Vue 3? 🖖 3️⃣
ianaya89
0
240
Vue.js, PWA & The Subway Dilemma
ianaya89
0
140
PWA with PWF
ianaya89
0
69
Decentralizing the Web with JavaScript
ianaya89
0
96
hey-devs-time-to-care-about-web-apps-security.pdf
ianaya89
0
73

Other Decks in Programming

See All in Programming
Next.js App Router
quramy
12
1.9k
検証も兼ねて個人開発でHonoとかと向き合った話
hanetsuki
1
1.3k
Balkan Ruby 2024 — How and why to run SQLite on Rails in production
fractaledmind
0
100
GraphQLサーバの構成要素を整理する #ハッカー鮨 #tsukijigraphql / graphql server technology selection
izumin5210
4
910
雑に思考を整理する技術と効能
konifar
64
30k
GitLab CI/CD で C#/WPFアプリケーションのテストとインストーラーのビルド・デプロイを自動化する
hacarus
0
430
2 週間で Twitter Bot を作ってみた
contour_gara
0
790
新宿ダンジョンを可視化してみた
satoshi7190
3
400
Git Rebase
bkuhlmann
11
1.6k
Build Apps for iOS, Android & Desktop in 100% Kotlin With Compose Multiplatform (mDevCamp 2024)
zsmb
0
470
Elm Form Validation
bkuhlmann
0
520
Git Lint
bkuhlmann
4
760

Featured

See All Featured
Why Our Code Smells
bkeepers
PRO
331
56k
The Art of Programming - Codeland 2020
erikaheidi
43
12k
Designing the Hi-DPI Web
ddemaree
276
33k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
8
3.4k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
245
20k
Infographics Made Easy
chrislema
238
18k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
14
1.5k
Embracing the Ebb and Flow
colly
80
4.2k
The Straight Up "How To Draw Better" Workshop
denniskardys
228
130k
WebSockets: Embracing the real-time Web
robhawkes
59
7k
Testing 201, or: Great Expectations
jmmastey
30
6.4k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
20
1.8k

Transcript

  1. Vue.js ❤ JWT { Vue.js ❤ JWT } - @ianaya89

    1

  2. Ignacio Anaya @ianaya89 > Full Stack Developer, Tech Trainer &

    Speaker > @Auth0 Ambassador > @Vuenos_Aires Organizer { Vue.js ❤ JWT } - @ianaya89 2

  3. ! Why Tokens? 4 Stateless 4 Decoupled 4 Scalable {

    Vue.js ❤ JWT } - @ianaya89 3

  4. { Vue.js ❤ JWT } - @ianaya89 4

  5. ! Why JWT? 4 Standard 4 Secure 4 Self Contained

    4 JSON ! { Vue.js ❤ JWT } - @ianaya89 5

  6. JWT { Vue.js ❤ JWT } - @ianaya89 6

  7. JWT ! Header { "alg": "HS256", "typ": "JWT" } {

    Vue.js ❤ JWT } - @ianaya89 7

  8. JWT ! Payload { "sub": "1234567890", "name": "John Doe", "admin":

    true, "iss": "https://api.com" } { Vue.js ❤ JWT } - @ianaya89 8

  9. JWT ✍ Signature HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret

    ) { Vue.js ❤ JWT } - @ianaya89 9

  10. JWT ! Use Cases 4 SPA's 4 Serverless 4 API's

    4 Mobile 4 IoT { Vue.js ❤ JWT } - @ianaya89 10

  11. { Vue.js ❤ JWT } - @ianaya89 11

  12. ! What we need? 4 Auth Api 4 vue-router 4

    trae (http library) 4 localStorage { Vue.js ❤ JWT } - @ianaya89 12

  13. Server Auth = Auth Client Auth = UX { Vue.js

    ❤ JWT } - @ianaya89 13

  14. ! Auth API 4 Send credentials & get JWT 4

    Validate JWT 4 node, express, jsonwebtoken, express-jwt { Vue.js ❤ JWT } - @ianaya89 14

  15. ! vue-router 4 SPA's 4 1 route = 1 component

    { Vue.js ❤ JWT } - @ianaya89 15

  16. ! vue-router Routes Meta const router = new Router({ routes:

    [{ path: '/', component: Home }, { path: '/login', component: Login, meta: { isPublic: true } }] }) { Vue.js ❤ JWT } - @ianaya89 16

  17. ! vue-router Guardian Navs router.beforeEach((to, from, next) => { //

    resolve if user is authenticated... if (!to.meta.isPublic && !isAuthenticated()) { return next('login') } next() }) { Vue.js ❤ JWT } - @ianaya89 17

  18. ! trae 4 HTTP Library 4 Fetch Wrapper with steroids

    4 Similar axios 4 Promised Based { Vue.js ❤ JWT } - @ianaya89 18

  19. ! trae Example import trae from 'trae' trae.baseUrl('http://api:com') trae.get('/', {})

    .then(res => console.log(res.data)) .catch(err => console.log('[ERROR]', err)) { Vue.js ❤ JWT } - @ianaya89 19

  20. trae Middlewares trae.before((config) => { const token = '123456789' config.headers['Authentication']

    = token return config }) { Vue.js ❤ JWT } - @ianaya89 20

  21. localStorage trae.post('/auth', { email, password }) .then(res => { localStorage.token

    = res.data localStorage.user = atob(res.data.split('.')[1]) }) .catch(err => console.log('[ERROR]', err)) { Vue.js ❤ JWT } - @ianaya89 21

  22. Demo { Vue.js ❤ JWT } - @ianaya89 22

  23. More? { Vue.js ❤ JWT } - @ianaya89 23

  24. More! 4 jwt.io 4 Auth0 4 jwt-handbook 4 trae {

    Vue.js ❤ JWT } - @ianaya89 24

  25. Questions { Vue.js ❤ JWT } - @ianaya89 25

  26. ! Thanks! @ianaya89 { Vue.js ❤ JWT } - @ianaya89

    26