Let's JAM!
North Bay App Developers (NBAD)
facebook.com/groups/northbayappdevs
Why are we here?
Static?
That's a baby's toy!
Or is it???
Security
Performance
Freedom
Security
- Authoring is decoupled from Viewing
- No "CMS" to hack into!
- Generated sites are tied to Version Control (aka Git), easy to rollback
Performance
- Generated sites are just HTML, CSS, and Javascript
- Slap that puppy on a CDN
- Scale from 1 to 1,000,000 pageviews without breaking a sweat
Don't be this guy.
Freedom
- SSG (Static Site Generators) like Jekyll, Hugo, etc. just use regular files (in common formats like Markdown, JSON, etc.)
- Content not silo'ed inside a complex, confusing database schema
- Switch authoring tools, hosts, even SSGs at any time, no vendor lock-in
Ready for some JAM?
One More Thing...
JWT
JSON Web Tokens
JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties.
Example:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ
Payload:
{
"sub": "1234567890",
"name": "John Doe",
"admin": true
}
How to use it?
Authorization: Bearer eyJhbGc…
In HTTP POST, PUT, GET, etc.
include this HTTP header:
Server Libraries for
Ruby/Rails, Node, PHP, Python, and so on...
Auth Server
API Servers
Social Signin
oAuth Callback
JWT
(user credentials in Payload)
JWT
(user credentials in Payload)
Same Secret Signature Key!!!
Thank you.
North Bay App Developers (NBAD)
facebook.com/groups/northbayappdevs