NG-BE Live Episode 5 - Token Security and ESLint in Angular with Philippe De Ryck and James Henry

Welcome to NG-BE Live Episode 5 with:

SPEAKERS:
- Philippe De Ryck—Token security in Angular applications
- James Henry—Angular and ESLint, Together at Last

PANELISTS:
- Bonnie Brennan
- Maarten Tibau
- Yannick Houbrix

HOSTS:
- Sam Vloeberghs
- Jurgen Van de Moere

—
TOKEN SECURITY IN ANGULAR APPLICATIONS
Philippe De Ryck

Can an Angular application store tokens in localStorage?

- Yes, of course! LocalStorage is persistent storage, so the token is available to all tabs and windows. It even survives a browser restart.
- No, absolutely not! LocalStorage is insecure, and an attacker will be able to steal the token.

Believe it or not, but both answers are correct. As simple as this question is, the answer is far from straightforward.

In this session, Philippe dives into the security properties of Angular applications. He uncovers why localStorage is insecure and discuss potential alternatives.

By the end of this session, you will be able to decide where to store tokens in your applications.

Even better, you’ll be able to argue why your decision is the right one.

—
ANGULAR AND ESLINT, TOGETHER AT LAST
James Henry

James Henry is a Microsoft MVP for TypeScript, Consultant Architect for Nrwl, and the creator of typescript-eslint and angular-eslint.

In this session, James teaches us about the evolution of linting in Angular projects and how we can use Angular and ESLint together today.

James covers starting a brand new project from scratch, as well as migrating existing projects from TSLint to ESLint and what the future of the Angular CLI's linting support looks like.

—
LINKS