End-to-End Security with Auth0 by Ryan Chenkie

What's included?

56 videos 1 file

Contents

Getting Started

Tour the Application

3 mins

Sign Up for MongoDB Atlas

5 mins

Clone the Repo and Install Dependencies

2 mins

Run the React App and Express API

3 mins

Checkout the Start Branch

1 min

JSON Web Tokens

Anatomy of a JSON Web Token

11 mins

Sign a JSON Web Token

3 mins

JSON Web Token Dos and Don'ts

6 mins

Signup and Login

View the Signup and Login Endpoints

5 mins

Complete the User Signup Form

6 mins

Complete the User Login Form

3 mins

Handing Auth State

Set Auth State after Login

6 mins

Use Auth State in UI Elements

2 mins

Persist Auth State on Page Refresh

5 mins

Check if the User is Currently Authenticated

5 mins

Navigate Conditionally Based on Auth State

2 mins

Add Logout Functionality

5 mins

Check the User's Role

3 mins

Conditionally Display Sidebar Items

6 mins

Handling Client-Side Routing

Guard Client Side Routes Based on Auth State

6 mins

Guard Client Side Routes Based on Role

2 mins

Handling Authenticated HTTP Requests

Add a JWT to an Axios Request

6 mins

Add an HTTP Interceptor to Axios

5 mins

Protecting API Endpoints

Add a JWT Verification Middleware

8 mins

Attach a User to the Request Object

5 mins

Limit Access to Admin Users

5 mins

Get the User ID from Requests

6 mins

Hardening the Application

Use Lazy Loading to Limit Access to Code

5 mins

Maintain an Allowed Origin List for Tokens

4 mins

Sanitize Content when Setting InnerHTML

4 mins

Carry Out a Cross-Site Scripting Attack

4 mins

Steal a JSON Web Token

3 mins

Sanitize a Cross-Site Scripting Attack

3 mins

Switching to Auth0

03-third-party-auth.zip

5.37 MB

Run the App and API

2 mins

Why Use a Third-Party Auth Provider?

6 mins

Sign Up for an Auth0 Account

3 mins

Configure Application URLs

2 mins

Create a User in Auth0

3 mins

Set Up an API and Permissions

4 mins

Add User Roles in Auth0

2 mins

Use the Universal Login Screen

2 mins

Install the Auth0-React SDK

6 mins

Redirect Users to Auth0 to Log In

3 mins

Use isLoading to Wait for Authentication

5 mins

Use isAuthenticated to Check Auth Status

2 mins

Get an Access Token from Auth0

7 mins

Use a JWKS Verification Middleware

6 mins

Augment the User's Profile with a Rule

7 mins

Use the Auth0 Role in the React App

3 mins

Request Scopes for an Access Token

8 mins

Apply Scope Check Middleware to Endpoints

3 mins

Add a Custom User ID with an Auth0 Rule

10 mins

Allow Users to Log Out

3 mins

Display the User's Name and Picture

2 mins

Remove AuthContext, Login, and Signup

4 mins

Renew Access Tokens

6 mins