Full-Stack React Projects

You're reading from Full-Stack React Projects: Modern web development using React 16, Node, Express, and MongoDB

Product type: Paperback
Published in: May 2018
Publisher: Packt
ISBN-13: 9781788835534
Length: 470 pages
Edition: 1st Edition
Author (1): Shama Hoque

Table of Contents (14 chapters)

Preface
1. Unleashing React Applications with MERN
2. Preparing the Development Environment
3. Building a Backend with MongoDB, Express, and Node
4. Adding a React Frontend to Complete MERN
5. Starting with a Simple Social Media Application
6. Exercising New MERN Skills with an Online Marketplace
7. Extending the Marketplace for Orders and Payments
8. Building a Media Streaming Application
9. Customizing the Media Player and Improving SEO
10. Developing a Web-Based VR Game
11. Making the VR Game Dynamic Using MERN
12. Following Best Practices and Developing MERN Further
13. Other Books You May Enjoy

Enhancing security


In the MERN applications developed for this book, we kept the auth-related security implementations simple by using JSON Web Tokens as an authentication mechanism and by storing hashed passwords in the User collection. In this section, we will go over these choices and point to possible enhancements.

JSON web tokens – client-side or server-side storage

With the JWT authentication mechanism, the client side becomes responsible for maintaining user state. Once the user signs in, the token sent by the server is stored and maintained by the client-side code in browser storage, such as sessionStorage. Hence, it is also up to the client-side code to invalidate the token by removing it when a user signs out or needs to be signed out. This mechanism works out well for most applications that need minimal authentication to protect access to resources. However, for instances where it may be necessary to track user sign-ins, sign-outs, and to let the server know that a specific token...
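The client-side handling described above, as an added example that is not code from the book: storing the token, a client-side signed-in check, and sign-out by removal. The storage key `jwt`, every function name and the sample token are assumptions constructed here, and an in-memory object stands in for sessionStorage so the code also runs under Node.

```javascript
// Added illustration (not the book's code). TOKEN_KEY and all helper names are assumptions.
const TOKEN_KEY = 'jwt';

// In-memory stand-in for window.sessionStorage so the example also runs under Node.
function memoryStorage() {
  const items = new Map();
  return {
    getItem: (k) => (items.has(k) ? items.get(k) : null),
    setItem: (k, v) => { items.set(k, String(v)); },
    removeItem: (k) => { items.delete(k); },
  };
}

const toB64Url = (s) => btoa(s).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');

// Constructed sample token: real header/payload encoding, placeholder signature.
function sampleToken(claims) {
  return [toB64Url(JSON.stringify({ alg: 'HS256', typ: 'JWT' })),
    toB64Url(JSON.stringify(claims)), 'constructed-signature'].join('.');
}

// Reads the claims WITHOUT verifying the signature; only the server can verify it.
function readClaims(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  try {
    return JSON.parse(atob(parts[1].replace(/-/g, '+').replace(/_/g, '/')));
  } catch (e) { return null; }
}

// True only for decoded claims carrying a numeric exp that lies in the future.
const unexpired = (claims, nowSec) =>
  !!claims && typeof claims.exp === 'number' && claims.exp > nowSec;

function signIn(storage, token) { storage.setItem(TOKEN_KEY, token); }

// Sign-out is purely local: the client deletes its copy, no server state changes.
function signOut(storage) { storage.removeItem(TOKEN_KEY); }

// Client-side view of "signed in": a stored token whose exp has not passed.
function isSignedIn(storage, nowSec = Math.floor(Date.now() / 1000)) {
  const token = storage.getItem(TOKEN_KEY);
  if (token && unexpired(readClaims(token), nowSec)) return true;
  signOut(storage); // drop missing, malformed or expired tokens
  return false;
}

// A copy of the token held outside this storage is untouched by signOut().
const tokenStillUnexpired = (token, nowSec) => unexpired(readClaims(token), nowSec);
```

Because `signOut` only deletes the browser's copy, `tokenStillUnexpired` keeps returning true for any retained copy of the token until its `exp` passes.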
