From the course: Microservices Security Workshop: From Build to Production
Join today to access over 25,500 courses taught by industry experts.
Always use a framework
From the course: Microservices Security Workshop: From Build to Production
Always use a framework
- [Instructor] Now, let's head over to the lesson five branch to talk about how we can redesign this authentication system correctly using the FastAPI framework. First, at a high level, the important thing to understand here is not the intricacy of how this works in FastAPI, it's to understand that when we try to build things from scratch, we tend to create security issues along the way. Instead, you should look at whatever framework your development team is currently using. Some common ones are Spring and FastAPI, and look at the documentation for how to handle authentication and just make sure that you're building within those specifications. However, it's worth highlighting a couple of common patterns across how authentication works in these different frameworks. First, you can notice that I'm importing a bunch of security libraries and Middleware here in order to intercept every request that goes to the backend. This new authentication service is sitting in between every other…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
(Locked)
How to threat model in a microservice world4m 50s
-
(Locked)
Realistic team workflows for security involvement4m 26s
-
(Locked)
James' "Top 10" microservice vulnerabilities4m 51s
-
(Locked)
Designing authentication5m 14s
-
(Locked)
Always use a framework4m 52s
-
(Locked)
Designing API gateways3m 10s
-
(Locked)
I've got 99 problems and they're all auth-related4m 21s
-
(Locked)
Never forget the front-end4m 41s
-
(Locked)
Challenge: Getting hands-on with JWT1m 9s
-
(Locked)
Solution: Getting hands-on with JWT1m 16s
-
(Locked)
-
-
-
-