#authentication code explainers

java

@Component
public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
    private final JwtTokenProvider tokenProvider;

How a JWT auth filter works in Spring

authentication jwt servlet-filter

Intermediate 8 steps

ruby

class SessionsController < ApplicationController
  MAX_ATTEMPTS = 5
  THROTTLE_WINDOW = 15.minutes

Throttling failed logins in Rails

rate-limiting authentication caching

Intermediate 7 steps

go

package handlers
 
import (
	"net/http"

Cookie-based sessions in Gin

authentication cookies middleware

Intermediate 7 steps

php

<?php
 
namespace App\Security;

Secure password hashing with Argon2id in PHP

password-hashing argon2id timing-attacks

Intermediate 8 steps

python

from flask import Blueprint, render_template, redirect, url_for, flash
from flask_login import login_required, current_user
from flask_wtf import FlaskForm
from wtforms import StringField, TextAreaField, SubmitField

Handling a post form with a Flask Blueprint

blueprints form-validation post-redirect-get

Intermediate 7 steps

go

package webhooks
 
import (
	"crypto/hmac"

Verifying GitHub webhooks in Gin

hmac webhooks middleware

Intermediate 6 steps

rust

use axum::{
    extract::FromRequestParts,
    http::{request::Parts, StatusCode, header::AUTHORIZATION},
};

How a JWT extractor works in Axum

authentication jwt extractors

Intermediate 8 steps

php

<?php
 
function verifyJwt(string $token, string $secret): array
{

Verifying an HS256 JWT in PHP

jwt hmac authentication

Intermediate 9 steps

go

package middleware
 
import (
	"net/http"

Building a bearer-token auth middleware in Gin

middleware authentication closures

Intermediate 5 steps