GithubHelp home page GithubHelp logo

dcsean / taffy_withui Goto Github PK

View Code? Open in Web Editor NEW

This project forked from jmohler1970/taffy_withui

0.0 2.0 0.0 69 KB

Taffy with some real basic authentication

License: MIT License

ColdFusion 32.12% JavaScript 13.79% HTML 54.09%

taffy_withui's Introduction

Taffy_withToken

This code covers

  • Taffy for REST: Part 5 Access Tokens with some real simple authorization
  • Taffy for REST: Part 6 CAPTCHA
  • Taffy for REST: Part 7 Login
  • Taffy for REST: Part 8 VueJS + Bulma
  • Taffy for REST: Part 9 VueJS + Bootstrap

For part 8

Change server.json to:

{ "name":"Taffy_withToken", "app":{ "cfengine":"adobe@2018" }, "web":{ "http":{ "port":8080 }, "welcomeFiles":"home-buefy.html" } }

Video 4

Quick Overview

Commandbox

None of the command box files have been updated

Entity Updates

StatesProvinces in now Read Only

Users now has new fields

Resource Updates

Users

Even thought Entity has new fields we will not be sending them over

Users_ID

Even thought Entity has new fields we will not be sending them over

Login

This is going to be covered in this video

Captcha

This is going to be covered in video 5. Ignore this for the time being

config.json

This is a brand new file. Let's take a look at it

{
	"authorization" 			: "hawkfeedflaw",
	"hash_algorithm" 	: "SHA-384",
	"tokenSkipped" 	: ["/login", "/login/captcha"],
	"tokenExpiration" 	: 60
}

First we have the apikey

APIkey provides our first round of security. It must be sent over with any and every request. It is static; it never changes. This does not provide security. It is just there to make sure the real dumb hackers can't do anything. This is a string that will be on your HTML file. It can be read and found out.

hash_algorithm

We don't save passwords in the clear. We encrypt them. Same goes for CAPTCHA. This is to make sure that even if someone had access to the database, no passwords are compromised.

tokenRequired

This identifies the resources that do not require the user to have a valid login token. If a new resource is added to our rest application, it will almost certainly require the user to be logged in.

tokenExpiration

This is how long a login a token is good for in minutes.

Application.cfc

All kinds of things to support authentication and authorization. One of the biggest is that we will be storing some configuration information into config.json

Resources

taffy_withui's People

Contributors

jmohler1970 avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.