As someone working on a side project that allows people to upload data publically (think something like codepen), what can I do to stay away from trouble like this?
Could be worth noting that the pay of an entry level scientist or engineer is less than 1,000$ a month, probably making less sense to someone from outside India. It's because of a low cost of living in India.
If the JWT is as long as the refresh token, then what's the point of having a refresh token? You would then probably need to get new refresh tokens then to make the session last longer. The idea is to make the refresh…
The point is that it would reduce the DB/cache load, as the refresh token would need to be verified once in a few minutes or so as opposed to verifying it for every request. Regular requests could be authenticated in…
I have personally experienced the security disadvantage you mentioned. I used my Google login to sign into an email client. I immediately realised that the app was going to store all of my email data in their private…
The thing that scares me about using JWT is that all security completely relies on the one secret that is used to sign tokens - any person with access to that secret has got potentially unlimited access to the app. They…
For this, you can use refresh tokens and set the JWT expiration to a low interval - say 10 minutes. After every 10 minutes, the JWT expires,authentication fails, and the client uses the refresh token to get a new JWT.…
Julia is great too for this kind of work
I really like go. I just love that it compiles to a native binary and is so easy to distribute. I love the way interfaces work and that types specify interfaces automatically without explicitly specifying that. I love…
I used to get paid 500€ a month as a developer for a consulting firm, and it was a 12-hours-a-day kind of a job. The firm would then bill its clients 40-60$ for every hour I worked. From one perspective it does seem…
That would be 4*26=104 hours right? That seems a good amount of time.
I have been looking for a solution to the same problem - short projects with no long term commitment for some side income. Maybe this is useful - CodeGophers: https://news.ycombinator.com/item?id=11663869
This used to happen to me every time I had to go to the airport in the night, and would book some local taxi to do that. The drivers just never cared about the traffic signals in the night. The prevalent attitude seems…
I'm in New Delhi, getting 54ms to Bangalore, 84ms to Singapore and 304ms to London.
Looks like it has been implemented in only Chrome and Opera so far. No Microsoft Edge support, and Firefox support is under discussion. https://www.chromestatus.com/feature/4672634709082112
As someone working on a side project that allows people to upload data publically (think something like codepen), what can I do to stay away from trouble like this?
Could be worth noting that the pay of an entry level scientist or engineer is less than 1,000$ a month, probably making less sense to someone from outside India. It's because of a low cost of living in India.
If the JWT is as long as the refresh token, then what's the point of having a refresh token? You would then probably need to get new refresh tokens then to make the session last longer. The idea is to make the refresh…
The point is that it would reduce the DB/cache load, as the refresh token would need to be verified once in a few minutes or so as opposed to verifying it for every request. Regular requests could be authenticated in…
I have personally experienced the security disadvantage you mentioned. I used my Google login to sign into an email client. I immediately realised that the app was going to store all of my email data in their private…
The thing that scares me about using JWT is that all security completely relies on the one secret that is used to sign tokens - any person with access to that secret has got potentially unlimited access to the app. They…
For this, you can use refresh tokens and set the JWT expiration to a low interval - say 10 minutes. After every 10 minutes, the JWT expires,authentication fails, and the client uses the refresh token to get a new JWT.…
Julia is great too for this kind of work
I really like go. I just love that it compiles to a native binary and is so easy to distribute. I love the way interfaces work and that types specify interfaces automatically without explicitly specifying that. I love…
I used to get paid 500€ a month as a developer for a consulting firm, and it was a 12-hours-a-day kind of a job. The firm would then bill its clients 40-60$ for every hour I worked. From one perspective it does seem…
That would be 4*26=104 hours right? That seems a good amount of time.
I have been looking for a solution to the same problem - short projects with no long term commitment for some side income. Maybe this is useful - CodeGophers: https://news.ycombinator.com/item?id=11663869
This used to happen to me every time I had to go to the airport in the night, and would book some local taxi to do that. The drivers just never cared about the traffic signals in the night. The prevalent attitude seems…
I'm in New Delhi, getting 54ms to Bangalore, 84ms to Singapore and 304ms to London.
Looks like it has been implemented in only Chrome and Opera so far. No Microsoft Edge support, and Firefox support is under discussion. https://www.chromestatus.com/feature/4672634709082112