Articles
SSH keys
Using a key file can greatly increase security when connecting to a host via SSH. This article presents how to create such keys and configure hosts to use them.
A template for Vue.js applications
Over the years, I have built multiple Vue.js applications. Although their business logic differs, those applications often share similar components such as a navigation panel, a header with my logo and an authentication mechanism. Writing those from scratch for each application would be time consuming so I designed an application template that can be installed using NPM to bootstrap my projects.
User management microservice based on Neo4J
Web applications commonly require a user database and the management logic for it. Having to build such software infrastructure for each individual app would be time consuming so I designed a general-purpose user management microservice that can be easily integrated in a project.
Multi-user MQTT platform
Mosquitto is usually the first candidate to come to mind when looking for an MQTT broker. However, by default, Mosquitto manages users using a password file. This makes it difficult to easily add or remove users, especially when the broker is deployed in Kubernetes.
User management and authentication service using MongoDB
More often than not, web applications require restrictions regarding who can access the content that they serve. This involves an user management and authentication system, which, if designed inappropriately, can lead to security concerns. However, the development of such system can be time consuming, especially if done repeatedly for multiple applications.
Encrypting Mosquitto using Certbot
This article presents how to encrypt a Mosquitto MQTT broker using SSL certificates obtained with Let's Encrypt
Securing an ingress with basic auth
This article describes how to use basic auth to protect an ingress in Kuberentes. It it <a href="https://kubernetes.github.io/ingress-nginx/examples/auth/basic/" rel="noopener noreferrer nofollow">based on this page</a>.
Express authorization middleware
Many applications require some form of authorization mechanism to prevent users from accessing restricted content. Authenticated users are commonly in possession of a cookie containing identification data. With the authentication microservice that I designed, this cookie contains a JWT that contains the user's username. This JWT is sent in the authorization header of HTTP requests. Thus, authorization can be performed easily within each application by simply decoding the JWT. To do so, I designed this simple middleware for ExpressJS.
Cookies
Cookies are key-value pairs stored on a web browser. They can be set (i.e. created) using client-side JavaScript. Conversely, a server can get a client's browser to set cookies via instructions in an HTTP response. As such, cookies can be set by both the client and the server.
Cookie-session
User authenticates using username and password, server sets a signed cookie containing serialized user info
0 - 10 / 10