Posts

Showing posts from December, 2019

JWT SpringBoot

git

interceptor https://github.com/jpssasadara/SrpingBoot_JWT

videos

What Happens If Your JWT Is Stolen?

All of us know what happens if our user credentials (email and password) are discovered by an attacker: they can log into our account and wreak havoc. But a lot of modern applications are using JSON Web Tokens (JWTs) to manage user sessions—what happens if a JWT is compromised?

Because more and more applications are using token-based authentication, this question is increasingly relevant to developers and critical to understand if you’re building any sort of application that uses token-based authentication.

To help explain the concepts fully, I’ll walk you through what tokens are, how they’re used, and what happens when they’re stolen. Finally: I’ll cover what you should actually do if your token has been stolen, and how to prevent this in the future. This post was...

Why should you use standard HTTP methods while designing REST APIs?

https://www.youtube.com/watch?v=rhTkRK53XdQ

One of the characteristics of a good REST API is that it uses the standard HTTP methods in the way they are supposed to be used. We hear this all the time, and this is the most fundamental guideline of REST. As generally understood, we use the following HTTP methods while designing REST APIs:

GET — For returning resources
POST — For creating a new resource
PUT — For updating a resource
PATCH — For updating a resource
DELETE — For deleting a resource

But beyond the basics, why is it like that? Isn’t the use of two methods, PUT and PATCH, for an update operation confusing? What do the specs say?

Let’s first get the obvious out of the way. Let’s see what the specs say.

GET

The GET method requests transfer of a current selected representation for the target resource. GET is the primary mechanism of information retrieval

What this really means is that you should use GET for an API method that ret...