Security Features and Best Practices
The wise man therefore always holds in these matters to this principle of selection: he rejects pleasures to secure other greater pleasures, or else he endures pains to avoid worse pains.
Authentication Methods
These cases are perfectly simple and easy to distinguish. In a free hour, when our power of choice is untrammelled and when nothing prevents our being able to do what we like best.
JWT Tokens
Every pleasure is to be welcomed and every pain avoided. But in certain circumstances and owing to the claims of duty or the obligations of business it will frequently occur that pleasures have to be repudiated and annoyances accepted.
const jwt = require('jsonwebtoken');
function generateToken(user) {
return jwt.sign(
{
id: user.id,
email: user.email
},
process.env.JWT_SECRET,
{ expiresIn: '24h' }
);
}
OAuth Integration
The wise man therefore always holds in these matters to this principle of selection: he rejects pleasures to secure other greater pleasures.
Data Encryption
Or else he endures pains to avoid worse pains. These cases are perfectly simple and easy to distinguish.
At Rest Encryption
- Database Level: In a free hour, when our power of choice
- File System: Is untrammelled and when nothing prevents
- Backup Encryption: Our being able to do what we like best
In Transit Security
const https = require('https');
const fs = require('fs');
const options = {
key: fs.readFileSync('private-key.pem'),
cert: fs.readFileSync('certificate.pem')
};
https.createServer(options, app).listen(443);
Access Control
Every pleasure is to be welcomed and every pain avoided. But in certain circumstances and owing to the claims of duty or the obligations of business.
Role-Based Access Control (RBAC)
It will frequently occur that pleasures have to be repudiated and annoyances accepted. The wise man therefore always holds in these matters to this principle of selection.
Row Level Security
He rejects pleasures to secure other greater pleasures, or else he endures pains to avoid worse pains.