Secure API Authentication with JWT and Microservices Architecture
Week 6: Secure Authentication Using JWT for APIs
Cloud Account – Billing Purpose // DB Account – DB Access
Implementing Secure Authentication Using JWT for APIs
Goal: Implement secure authentication using JWT (JSON Web Tokens) for managing API access.
Topics Covered:
- JWT Generation
- JWT Validation
- JWT Integration with API Endpoints
- Security Best Practices
JWT Generation
Steps:
- Install PyJWT library:
pip install pyjwt - Configure the JWT secret, header, and payload.
Summary of HS256 – Encrypts and Gives Symmetry
Read MoreAPI Design: Comparing gRPC, OpenAPI, and REST
Topic 4: API Design
Understanding gRPC, OpenAPI, and REST in API Design
Introduction
- Two primary models for API design: RPC [Procedure] and REST [Entity]
- Most modern APIs map to the HTTP protocol
- RPC API designs often adopt ideas from HTTP
- This presentation explains the choices and provides guidance
gRPC Overview
- gRPC: Technology for implementing RPC APIs using HTTP 2.0
- RPC model: Addressable entities are procedures, data hidden behind procedures
- HTTP model: Addressable entities are data entities (resources)
Cybersecurity Concepts: Authentication, Encryption, and Threats
Cybersecurity Fundamentals
2-Second Authentication and CAPTCHAs
A 2-second authentication process alone does not inherently make a system secure because security depends on factors such as password strength, multifactor authentication, and system design. While it might slow down brute-force attacks, attackers could still exploit other vulnerabilities. CAPTCHAs address automated threats by ensuring that actions like login attempts are performed by humans rather than bots. This additional layer of defense
Read MoreDatabase Concepts: Questions and Answers
Database Fundamentals: Q&A
Questionnaire 1
- What method is needed for flexible storage and retrieval of large amounts of data?
Management System Database (DBMS) - What is a set of data elements that describes itself with relations between these elements?
Database - What is a relationship?
It’s a sense of unity that exists between certain data elements. - Mention the 5 models of database:
- Relational
- Object Oriented
- Deductive
- Network
- Hierarchical
- What is the most popular database model?
Relational model. - What
Redis Data Handling and gRPC-JSON Conversion
Redis: Insertion, Indexing & Query
| Insertion | Index Creation | Query |
|---|---|---|
JSON.SET <key> $ '<JSON data>' | FT.CREATE <index_name> ON JSON PREFIX 1 <key_prefix> SCHEMA <field_path> AS <field_alias> <data_type> | FT.SEARCH <index_name> <query> |
JSON.SET user:1 $ '{"name": "Alice", "age": 30, "skills": ["Python", "Redis"]}' | FT.CREATE idx:user ON JSON PREFIX 1 user: SCHEMA $.name AS name TEXT $.age AS age NUMERIC |
|
Web Development Tools, Planning, and Legal Considerations
Web Development Tools
For basic web pages, a lot of resources are not required. A text editor and a browser to check the result are enough. Moreover, these two tools are included in most operating systems by default.
Types of Text Editors
Text editors allow developers to write and edit digital files consisting of plain text.
- Simple: Notepad
- Dedicated to the creation of websites: These incorporate some useful features for developers, such as highlighting keywords, a list of labels, and automatic insertion