- # Should the client or the server take more security precautions?
- The server should take more security precautions, but both should be done.
- # What's the difference between local storage and session storage?
- Local storage will store for an infinite amount of time; session storage
- only stores until the window/tab is closed.
- # What problem does a JWT expiry time solve?
- Users being authenticated for a prolonged period of time by staying logged
- in with the tab open. Closes a security loophole that could be exploited
- by a malicious individual.
- # Is a refresh endpoint protected or public?
- Protected.
- # What would happen if a refreshed JWT was requested with a JWT that had already expired?
- It would be a bad request (400).
- # What does it mean to queue a callback?
- To put the callback into a queue for a certain time/after certain action.
- # What does the clearTimeout function do and what argument do you pass into it?
- The clearTimeout function allows us to remove a timeout function on a specific event.
- Essentially, this allows us to reset a timeout function during some activity with our
- program/website.
- # After which of the following events should a refresh request be queued?
- - Successful login
- - Successful registration
- - A page load
- - Successful API request to post
- - Successful refresh request
- - A push state navigation event
- # What is OIDC?
- OpenID Connect. It's an open source authentication tool that offers greater security than JWT.