Authentication on the Web (Sessions, Cookies, JWT, localStorage, and more)

preview_player
Показать описание
In this video, we will cover the fundamentals of user authentication in modern web applications and websites. In particular, we will explore stateful (session-based) and stateless (token-based) auth, and examine cookies, JWT, and client storage in close detail. We will also touch on security aspects inherent with each authentication scheme and lay out practical strategies for implementing authentication in single-page apps and RESTful APIs.

  1. Code Realm
  2. authentication
  3. auth
  4. security
  5. sessions
  6. cookies
Рекомендации по теме
Session vs Token 0:02:18

Session vs Token Authentication in 100 Seconds

Authentication on the 0:37:05

Authentication on the Web (Sessions, Cookies, JWT, localStorage, and more)

Session Vs JWT: 0:07:00

Session Vs JWT: The Differences You May Not Know!

Session Based Authentication 0:02:35

Session Based Authentication | Authentication Series

Difference between cookies, 0:11:53

Difference between cookies, session and tokens

How do server 0:15:26

How do server side authentication sessions work (express & cookies)

A High Level 0:07:07

A High Level Overview of Server Side Sessions for Authentication

How Does JWT 0:11:27

How Does JWT Authentication Work? (JSON Web Token) | Tokens vs Sessions

Create a Secure 0:32:45

Create a Secure Login Form with PHP Sessions and Cookies | Remember Me

Understanding Authentication in 0:30:54

Understanding Authentication in Node.js - Sessions and Cookies - Web Development Concepts Explained

User Authentication in 6:13:29

User Authentication in Web Apps (Passport.js, Node, Express)

How Sessions work 0:05:42

How Sessions work in Web Servers

Stop using JSON 0:23:33

Stop using JSON Web Tokens. Use Cookies & Server Sessions instead

Token vs Session 0:15:19

Token vs Session Authentication | Authentication Explained!!!

JSON Web tokens 0:14:14

JSON Web tokens vs sessions for authentication | should you use JWTs as session tokens?

JSON Web Tokens 0:05:13

JSON Web Tokens (JWTs) vs Sessions Cookies : Web Authentication

Don’t Use JWT 0:01:00

Don’t Use JWT for Login Sessions

Next.js App Router 0:11:31

Next.js App Router Authentication (Sessions, Cookies, JWTs)

ExpressJS Tutorial #6 0:10:12

ExpressJS Tutorial #6 - Sessions

Stealing Web Session 0:08:50

Stealing Web Session Cookies to Bypass MFA (Credential Access)

JavaScript Cookies vs 0:14:28

JavaScript Cookies vs Local Storage vs Session Storage

What Is JWT 0:14:53

What Is JWT and Why Should You Use JWT

Understanding Firebase Authentication 0:03:24

Understanding Firebase Authentication Session Persistence with the Web SDK

Cookies, Sessions, JSON 0:46:41

Cookies, Sessions, JSON Web Tokens (JWT) and More 🍪🔐

Комментарии
Автор

Best video on web auth that has ever been produce by the mankind. Period.

agustinbs
Автор

This video cant be better than it is now, dead simple, concise, strictly to the point, thank you so much for the GREAT content, keep up

medi
Автор

Dude. You are the man. The world needs more videos like this.

MasonE
Автор

this is still, a year later, the best resource that I've found on cookies and sessions! Chapeau

twiggeh
Автор

You're the man! It's incredible that we can consume this content for free in such a concise yet thoroughly delivered manner. A big thank you for the time you put in creating these videos and for sharing your knowledge with us!

ArthurBurgan
Автор

My goodness, man, not a single second wasted, just a non-stopping flow of information. Your videos are the best on the whole internet; concise, packed, and straight to the point. Thank you very much for what you're doing.

awabelmahe
Автор

LIKE from INDIA. At least 15 videos, 10 articles, countless days I spent to understand (10%) about authentication techniques and you refreshed that knowledge in one shot!

nitindaphale
Автор

No one had explained like this, it is exceptional and beyond any online presentation that mankind has ever encountered.
Absolutely Phenomenal.
If a grade has to be given to you, you deserve for five courses in a term with
a grade of A+, A+, A+, A+, A+ with flying colors, or in simple terms " very great distinction" .

girmamoges
Автор

This video must be the *prerequisite* video for every web development/backend course out there.
Thanks, man! crystal clear explanation!

fb_a
Автор

I would LOVE to hear the same topic but in context of SPA & WebSockets authentication (distributed micro-service systems). This is the No.1 explanation in the whole YouTube! You have a talent!

Oswee
Автор

This is the kinds of videos that I've been looking for like 3 years, Thank you so much Sr.

NikogBazza
Автор

one of the damn best video I've seen on the topic. Well done sir! And thank you!

MrFallout
Автор

This is the single most amazing piece of information on web auth on the entire internet. Wow.

ninadmanjaramkar
Автор

Finally, an explanation for web authentication for people who are not 5 years olds.

TheLordoftheDarkness
Автор

Best video on Auth. Deserves to be ranked higher by Youtube ...

muj
Автор

This video summarizes hours of other videos and blog posts all over the Internet. Well done.

fooked
Автор

i tried this same style to create a tutorial on php. i got pummeled down with down votes. people didt like it when i read out from a slide show. but you! you have done a great service to a lot of people. thank you!

karma_yogi_
Автор

hey you! solve most of the missed bridges in my brain. you deserve thumbs up

jaycelila
Автор

Nicely done. Clear and concise. One tiny quibble: The word "opaque" should be pronounced as "oh-pake", not as "oh-pack". It is a word borrowed from optics, where it means non-transparent. One might say that a one-way mirror is transparent on one side and opaque on the other.

JimLloyd
Автор

Full, comprehensive, unbiased and objective unlike most of the speakers go gaga about 1000% STATELESS blah blah!
Only REAL benefit I can think of jwt is, that it can mitigate DDSA, that a Front End service, which can reject the request with a just simple signature verification made on JWT, instead of every time going down to authenticate and then reject, as in the case of stateful.

BharCode