Robert Damphousse is the Lead Front-End Developer at Stormpath.
Prior to Stormpath, he was the Director of Engineering at Colingo, a 24/7 online language school where he specialized in full-stack JavaScript environments and immersive browser-based applications with real-time technologies. When he’s not coding, you’ll find Robert working on more physical projects, whether that’s building hardware or converting a 1952 school bus into an RV.
With new tools like AngularJS and Node.js, it is easier than ever to build user interfaces for the systems that you manage. But how do you do it securely? Web browsers are woefully insecure, and hand-rolled APIs are risky.
JSON Web Tokens (JWTs) are being prescribed as a panacea for webapp security, but you need to know your security basics before you can implement them with peace of mind. JWTs are a great mechanism for persisting authentication information in a verifiable and stateless way, but that token still needs to be stored somewhere.
In this talk, Robert Damphousse, lead front-end developer at Stormpath, will explain the security loopholes in web browsers and what you can do about them to keep your JWTs safe and secure. Topics covered include:
Robert will demonstrate these points with a simple single-page application, built with AngularJS and backed by a REST API.