LinkedIn

Protect Your Data with Secure Token Rotation

𝗪𝗲 𝗔𝗹𝗹 𝗛𝗮𝘃𝗲 𝗢𝘂𝗿 𝗖𝗹𝗶𝗲𝗻𝘁 𝗦𝗲𝗰𝗿𝗲𝘁𝘀 Secrets hide behind every login and API call. You notice them only when things break. A leaked string is a debt you must pay later. A weak token ...
LinkedIn

Lessons from Two Bugs: Trust No Assumptions

How I fixed it: - I embedded a unique tokenId in the JWT. - I saved the tokenId and the hashed token in the database. - To refresh a session, I first look up the session by the tokenId. - Then I use ...
GitHub

kota64453/ecommerce-micro-services-kota

🛒 E-Commerce Microservices Platform A production-ready, fully containerized E-Commerce backend built with Spring Boot microservices, featuring JWT authentication, OTP verification, event-driven ...