These resources are helpful extra reading that may clarify or enhance concepts you're learning in the main curriculum.
Despite the title, this talk actually covers most aspects of web authentication in a very accessible way.
How to work with cookies while you are developing
The 8 Principles of Secure Development & Deployment set out by the National Cyber Security Centre
Your project this week is to build a web app that authenticates users and stores user-specific data in a SQLite database.
Before you start writing features you need to create a security plan. This should be a section in your README.md
that describes how you will secure your app and mitigate different potential attacks.
Will you store session info in a cookie (stateless) or in your database (stateful)?
How will you check a user's identity (authentication)?
How will you control what actions a user can take (authorization)?
How will you mitigate Cross-site Request Forgery (CSRF) attacks?
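One possible set of answers to the questions above, as an added example that is not part of the original brief: a stateful session stored in SQLite, a per-session CSRF token checked on every state-changing request, and an ownership check built into the delete query. The language (Python with its built-in sqlite3 module), the table layout, the function names and the status codes are all assumptions made for illustration.

```python
import hashlib, hmac, secrets, sqlite3

# Assumed schema for this example only.
SCHEMA = """
CREATE TABLE users(id INTEGER PRIMARY KEY, name TEXT UNIQUE, salt BLOB, pw_hash BLOB);
CREATE TABLE sessions(sid TEXT PRIMARY KEY, user_id INTEGER, csrf TEXT);
CREATE TABLE posts(id INTEGER PRIMARY KEY, user_id INTEGER, body TEXT);
"""

def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.executescript(SCHEMA)
    return db

def hash_password(password, salt):
    # Slow, salted hash so a leaked database does not reveal passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def sign_up(db, name, password):
    salt = secrets.token_bytes(16)
    cur = db.execute("INSERT INTO users(name, salt, pw_hash) VALUES (?, ?, ?)",
                     (name, salt, hash_password(password, salt)))
    return cur.lastrowid

def log_in(db, name, password):
    """Authentication: return (sid, csrf) for a new server-side session, or None."""
    row = db.execute("SELECT id, salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None or not hmac.compare_digest(row[2], hash_password(password, row[1])):
        return None
    sid, csrf = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
    db.execute("INSERT INTO sessions(sid, user_id, csrf) VALUES (?, ?, ?)", (sid, row[0], csrf))
    return sid, csrf

def session_cookie(sid):
    # The cookie holds only the random id; HttpOnly hides it from page scripts.
    return f"sid={sid}; HttpOnly; Secure; SameSite=Lax; Path=/"

def delete_post(db, sid, csrf_from_form, post_id):
    """Return an HTTP-style status for a delete request."""
    session = db.execute("SELECT user_id, csrf FROM sessions WHERE sid = ?", (sid,)).fetchone()
    if session is None:
        return 401  # no valid session: not authenticated
    user_id, csrf = session
    if not hmac.compare_digest(csrf.encode(), (csrf_from_form or "").encode()):
        return 403  # request did not come from a form this session was given
    # Authorization: the owner check is part of the query itself.
    cur = db.execute("DELETE FROM posts WHERE id = ? AND user_id = ?", (post_id, user_id))
    return 204 if cur.rowcount == 1 else 403
```

The CSRF token would be rendered into each form as a hidden field, while the session id travels only in the cookie.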
As a user, I want to: submit information to your site for anyone to see
As a user, I want to: come back to your site later and see what I posted is still there
As a user, I want to: be the only person allowed to delete my stuff
Since this project is open-ended, you'll need to write your own more specific user stories once you know what you want to build.
Founders & Coders book sharing system
Food / coffee recommendations around Founders & Coders
Founders & Coders events calendar