- CSRF is already handled by samesite=strict
- Read up on CORS - https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
- CSP (Content Security Policy) - https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
Backend and Frontend for Traveler's Abode.
عَبْدِ اللَّهِ بْنِ عُمَرَ ـ رضى الله عنهما ـ قَالَ أَخَذَ رَسُولُ اللَّهِ صلى الله عليه وسلم بِمَنْكِبِي فَقَالَ كُنْ فِي الدُّنْيَا كَأَنَّكَ غَرِيبٌ، أَوْ عَابِرُ سَبِيلٍ
Abdullah bin Umar said, "Allah's Messenger (ﷺ) took hold of my shoulder and said, 'Be in this world as if you were a stranger or a traveler.'"
Allama Iqbal (رح) wrote this in the context of the situation of the Muslims in India; however, its words are still extremely relevant today.
- Rocket - Webserver
- Prisma - ORM
- MySQL - Database
  - This does not matter at all; I can swap to another database simply by changing the `datasource` in `backend/prisma/schema.prisma`. From a developer POV, the actual database doesn't matter because Prisma provides an abstraction layer independent of it.
- JWT - Authentication
  - Here, we use the `jsonwebtoken` crate. Implementation details can be found in the `backend/src/routes/utils/jwt.rs` file.
- Rocket - Webserver
- Tera - Templates
  - It is used with `rocket_dyn_templates` for easy integration with Rocket.
- Reqwest - HTTP client (for querying the backend)