Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Milestone # 2: Upgrade authentication && api lessons #28807

Open
01zulfi opened this issue Sep 18, 2024 · 0 comments
Open

Milestone # 2: Upgrade authentication && api lessons #28807

01zulfi opened this issue Sep 18, 2024 · 0 comments
Labels
Project Node Revamp Issues/PRs related to the Node Revamp project
Milestone
Node Revamp: Mile...

Comments

@01zulfi
Copy link
Member

01zulfi commented Sep 18, 2024
edited
Loading

READ THIS: this is an informal outline for Milestone # 2. this is a living issue i.e. I'll keep editing over. this is not indicative of what the final version of the lessons might cover or where its placed in the course. please refer to the lesson issue for specific details.

GOAL: upgrade auth & api lessons

introduction to auth lesson

  • why webapps need auth
  • what is auth vs authorization
  • auth schemes we'll cover in the curriculum

session based auth lesson

  • implement session based auth from scratch, we can discuss how much hand holding we want the lesson to be. EDIT: we won't be too much handhold-y here and trust our learners to figure it out. the lesson will cover high level concepts of session auth with a few code snippets thrown in
  • dive into persisting sessions in the database
  • explore cookies and its options i.e. 'secure' 'http-only'. most likely will be a separate lesson
  • password hashing. preferably a separate lesson, it could be after members-only project, needs discussion

members only project

now learners get to cover members-only project, but its requirements will be revised. It will just be a mini message board project with auth. No rbac i.e. admin. Primary objective of this project will be for learners to implement session auth

private events project

here we ask learners to implement rbac where a user can be "site admin", "event creator", "event attendee", "event speaker". we could instruct to implement separate logins

now they continue learning Prisma and file uploader project

restful apis lesson

  • restful apis and how to write them guide, covers stuff like http methods, url conventions

[insert new project here]

add a small project here for learners to practice restful apis

json web tokens lesson

  • implement jwts from scratch, again it can be discussed how hand holdeyy we want to be
  • handle cors: preferably a separate lesson

[insert new project here]

we could add another small project here for learners to run jwt before diving into refresh tokens

Refresh tokens lesson

  • imo we need to cover refresh tokens in the curriculum

blog api project

now learners proceed to the blog api project

sessions vs jwts lesson

  • could be a fun lesson, can be discussed

helpful libraries for auth lesson

  • here we can cover Passport.js, Lucia or whatever we like
@01zulfi 01zulfi added this to the Node Revamp: Milestone # 2 milestone Sep 18, 2024
@01zulfi 01zulfi added the Project Node Revamp Issues/PRs related to the Node Revamp project label Sep 18, 2024
This was referenced Sep 21, 2024
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Project Node Revamp Issues/PRs related to the Node Revamp project
Projects
Node Revamp
Status: No status
Milestone
Node Revamp: Milestone # 2
Development

No branches or pull requests
1 participant
@01zulfi