- Should the client or the server take more security precautions?
- server
- What's the difference between local storage and session storage?
- session is only valid during a session, local is always valid.
- What problem does a JWT expiry time solve?
- a token being used after a user is no longer around. 20 minutes...20 years etc
- Is a refresh endpoint protected or public?
- Protected
- What would happen if a refreshed JWT was requested with a JWT that had already expired?
- It would not actually get refreshed, since it is already expired.
- What does it mean to queue a callback?
- Push the callback further back so that it does not get called.
- What does the clearTimeout function do and what argument do you pass into it?
- The clearTimeout() method clears a timer set with the setTimeout() method. The setTimeout id.
- For which of the following events should a refresh request be queued after?
- A successful user registration request
- A successful login request - yes
- A page load - yes
- A successful API request to a protected endpoint for posting a comment - yes
- A successful refresh request - yes
- A push state navigation event - yes
- A user logs out
- What is OIDC?
- This protocol enables a range of clients to securely authenticate, for example, web clients can authenticate, mobile clients or even servers themselves might need to authenticate with other servers.