Secure Your Angular App Using JWT and GraphQL

Slide Note
Embed
Share

Ankit Sharma presents an insightful talk on securing Angular applications using JWT and GraphQL. He discusses the technology stack involving .NET, Angular, and GraphQL to create a secure API system with route guards. The talk explains the significance of JWT and when to use it, detailing its structure and benefits. Ankit emphasizes the secure transmission of information between parties through JSON Web Tokens, providing a comprehensive guide on implementing JWT in Angular apps.

keon511
keon511 Follow

Uploaded on Sep 24, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. ANKIT SHARMA PRESENTS Secure Your Angular App Using JWT And GraphQL

  2. SDE III at Cisco Systems, India Author & Speaker GDE for Angular, Microsoft MVP Blog https://ankitsharmablogs.com/ Ankit @ankitsharma_007 in/ankitsharma-007

  3. What this talk is about? JWT GraphQL .NET based GraphQL server with secure APIs using JWT. Angular client to consume the API using Apollo Angular. Route guards to secure routes. @ankitsharma_007 in/ankitsharma-007

  4. Technology stack .NET Angular GraphQL Hot Chocolate for server Apollo Angular for client @ankitsharma_007 in/ankitsharma-007

  5. What is JWT? JWT - JSON Web Token A compact and self-contained way for securely transmitting information between parties as a JSON object. The information shared can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with HMAC algorithm) or a public/private key pair using RSA. @ankitsharma_007 in/ankitsharma-007

  6. What is JWT? Compact: Because of its size, it can be sent through an URL, POST parameter, or inside an HTTP header. Additionally, due to its size its transmission is fast. Self-contained: The payload contains all the required information about the user, to avoid querying the database more than once. @ankitsharma_007 in/ankitsharma-007

  7. When should we use JWT? Authorization : Once the user is logged in, each subsequent request will include the JWT, allowing the user to access routes, services, and resources that are permitted with that token. Information Exchange : A great way of securely transmit information between parties. Since the JWTs can be signed, you can be sure the senders are who they say they are. @ankitsharma_007 in/ankitsharma-007

  8. Structure of JWT XXXXX.YYYYY.ZZZZZ Header Payload Signature @ankitsharma_007 in/ankitsharma-007

  9. JWT Header Two parts: Type of token Signing algorithm @ankitsharma_007 in/ankitsharma-007

  10. JWT Payload Contains the claims. Claims are statements about an entity (typically, the user) and additional data. @ankitsharma_007 in/ankitsharma-007

  11. JWT Signature The signature is used to verify that the message was not changed during transmission. If the token is signed with a private key, it can also verify that the sender of the JWT is who it says it is. @ankitsharma_007 in/ankitsharma-007

  12. JWT Signature To create the signature, we should sign the encoded header and the encoded payload using the specified algorithm with the help of a secret key. @ankitsharma_007 in/ankitsharma-007

  13. How does JWT work? @ankitsharma_007 in/ankitsharma-007

  14. What is GraphQL? GraphQL is a query language for APIs. Allows the client to ask for the specific data that it needs. Apps that use GraphQL are fast and stable because they control the data they get, not the server. Open source. @ankitsharma_007 in/ankitsharma-007

  15. Hot Chocolate Hot Chocolate is an open-source GraphQL server for the .NET platform. Allows us to create GraphQL endpoints. Easy to set up and allows us to deliver our application quickly by removing the need to build a fully-fledged GraphQL server. @ankitsharma_007 in/ankitsharma-007

  16. Apollo Angular Apollo Angular is the ultra-flexible, community driven GraphQL client for Angular, JavaScript, and native platforms Features: Incrementally adoptable Universally compatible Simple to get started with Small and flexible Community driven @ankitsharma_007 in/ankitsharma-007

  17. GraphQL Query A GraphQL query is used to fetch values from a server. It is a read-only operation. It is similar to a GET operation in REST. @ankitsharma_007 in/ankitsharma-007

  18. GraphQL Mutation A GraphQL mutation is used to change the data on the server. It is similar to a POST/PUT/DELETE operation in REST. @ankitsharma_007 in/ankitsharma-007

  19. Prerequisites Visual Studio 2022 with the ASP.NET and web development workload Angular CLI Node.js VS Code (optional) @ankitsharma_007 in/ankitsharma-007

  20. Demo Time !!! @ankitsharma_007 in/ankitsharma-007

  21. Resources Scan QR for GitHub repo https://jwt.io https://graphql.org/ https://chillicream.com/ @ankitsharma_007 in/ankitsharma-007

Related


Angular Mechanics - Angular Momentum Concepts and Examples

Angular Mechanics - Angular Momentum Concepts and Examples

tanisha
Physics Concepts: Angular Velocity, Radians, and Acceleration Explained

Physics Concepts: Angular Velocity, Radians, and Acceleration Explained

maya
Understanding Angular Momentum in Mechanics

Understanding Angular Momentum in Mechanics

nikolai
Understanding Angular Momentum in Quantum Mechanics

Understanding Angular Momentum in Quantum Mechanics

marwa
Understanding JSON Web Tokens (JWT) in Web Development

Understanding JSON Web Tokens (JWT) in Web Development

sigmund
Understanding Rotational Motion: Angular Velocity and Acceleration

Understanding Rotational Motion: Angular Velocity and Acceleration

zofia
Understanding Angular Velocity, Torque, and Conservation of Angular Momentum in Physics

Understanding Angular Velocity, Torque, and Conservation of Angular Momentum in Physics

zane883
Implementation of Angular Momentum Formalism in Low-Energy Fusion Reactions

Implementation of Angular Momentum Formalism in Low-Energy Fusion Reactions

eplou
Understanding Latitude and Angular Distance on Earth

Understanding Latitude and Angular Distance on Earth

aarabhis
Understanding Circular Motion in Physics

Understanding Circular Motion in Physics

aarush
Introduction to Rotational Motion in Physics

Introduction to Rotational Motion in Physics

elo_cin
Understanding Rotational Motion in Chapter 10

Understanding Rotational Motion in Chapter 10

jaydan
Understanding Angular Momentum and Rotational Dynamics in Physics

Understanding Angular Momentum and Rotational Dynamics in Physics

bajl
Understanding Angular Overlap Method in Advanced Inorganic Chemistry

Understanding Angular Overlap Method in Advanced Inorganic Chemistry

taya
Understanding Arc Length and Angular Velocity in Circles

Understanding Arc Length and Angular Velocity in Circles

pkhy
Understanding Rotational Motion in Physics

Understanding Rotational Motion in Physics

posey
Physics Practice Problems: Wheels, Rotations, and Acceleration

Physics Practice Problems: Wheels, Rotations, and Acceleration

valerian
Understanding Nucleon Spin Decomposition and Proton Spin Problem

Understanding Nucleon Spin Decomposition and Proton Spin Problem

istr_tti
Understanding Satellite Orbits and Motion

Understanding Satellite Orbits and Motion

aagamri
Understanding Rotational Motion and the Radian

Understanding Rotational Motion and the Radian

alisha
Understanding Rotational Motion: Linear vs. Angular Speed

Understanding Rotational Motion: Linear vs. Angular Speed

town_pa
Understanding Spin Magnetism in NMR: An Introduction to Angular Momentum and Magnetic Moments

Understanding Spin Magnetism in NMR: An Introduction to Angular Momentum and Magnetic Moments

shar_26
Understanding Orbital Dynamics: From Newton's Laws to Kepler's Laws

Understanding Orbital Dynamics: From Newton's Laws to Kepler's Laws

ble_b
Understanding Intensity Noise and Angular Distribution Measurements in LED Selection

Understanding Intensity Noise and Angular Distribution Measurements in LED Selection

vanc_joy

More Related Content

Tamper-Evident Pairing (TEP) Protocol for Secure Wireless Pairing Without Passwords
Tamper-Evident Pairing (TEP) Protocol for Secure Wireless Pairing Without Passwords
CAS 6.0 Update: Enhancements and New Features
CAS 6.0 Update: Enhancements and New Features
Insights from OpenID Connect Success
Insights from OpenID Connect Success
Accessing and Utilizing CPCSSN Secure Research Environment (SRE)
Accessing and Utilizing CPCSSN Secure Research Environment (SRE)
Secure Computation Techniques in RAM Models with Efficient Automation
Secure Computation Techniques in RAM Models with Efficient Automation
Actively Secure Arithmetic Computation and VOLE Study
Actively Secure Arithmetic Computation and VOLE Study
Introduction to SFTP & PGP Encryption for Secure Data Transfer
Introduction to SFTP & PGP Encryption for Secure Data Transfer
Understanding Android App Development Basics
Understanding Android App Development Basics
An Open-Source SPDM Implementation for Secure Device Communication
An Open-Source SPDM Implementation for Secure Device Communication
Understanding Secure PRFs and PRPs in Cryptography
Understanding Secure PRFs and PRPs in Cryptography
STM32WB BLE Secure Connections Overview
STM32WB BLE Secure Connections Overview
Understanding Secure Act 2.0 Key Provisions
Understanding Secure Act 2.0 Key Provisions
Ensuring Secure Testing Environments in Oregon Education System
Ensuring Secure Testing Environments in Oregon Education System
Understanding Secure Electronic Transactions (SET)
Understanding Secure Electronic Transactions (SET)
Enhancing Animal Telemetry Data Systems for Secure Collaboration
Enhancing Animal Telemetry Data Systems for Secure Collaboration
Exploring Secure Care Services in Scotland
Exploring Secure Care Services in Scotland
Introduction to Google App Engine - A Platform for Easy Application Development
Introduction to Google App Engine - A Platform for Easy Application Development
Step-by-Step Guide to Using secure.colostate.edu NetConnect
Step-by-Step Guide to Using secure.colostate.edu NetConnect
Linear Communication in Secure Multiparty Computation for Efficient and Fast Processing
Linear Communication in Secure Multiparty Computation for Efficient and Fast Processing
Advancements in Multi-Key Homomorphic Encryption Using TFHE
Advancements in Multi-Key Homomorphic Encryption Using TFHE
Secure Multiparty Computation: Enhancing Privacy in Data Sharing
Secure Multiparty Computation: Enhancing Privacy in Data Sharing
Full Stack Skills for Digital Era Technology Architect
Full Stack Skills for Digital Era Technology Architect
Unsheltered Homeless PIT Count Volunteer Training using Mobile App
Unsheltered Homeless PIT Count Volunteer Training using Mobile App
Importance of Secure Passwords in Internet Safety
Importance of Secure Passwords in Internet Safety