RSpec Essentials

By: Mani Tadayon

Overview of this book

This book will teach you how to use RSpec to write high-value tests for real-world code. We start with the key concepts of the unit and testability, followed by hands-on exploration of key features. From the beginning, we learn how to integrate tests into the overall development process to help create high-quality code, avoiding the dangers of testing for its own sake. We build up sample applications and their corresponding tests step by step, from simple beginnings to more sophisticated versions that include databases and external web services. We devote three chapters to web applications with rich JavaScript user interfaces, building one from the ground up using behavior-driven development (BDD) and test-driven development (TDD). The code examples are detailed enough to be realistic while simple enough to be easily understood. Testing concepts, development methodologies, and engineering tradeoffs are discussed in detail as they arise. This approach is designed to foster the reader’s ability to make well-informed decisions on their own.
Table of Contents (17 chapters)

JSON Web Token


Using plain-text passwords such as banana is not at all secure. We should use a token scheme to make our authentication secure. We'll use the JSON Web Token (JWT) standard (defined in RFC 7519: https://tools.ietf.org/html/rfc7519), which is very simple but also very powerful. JWT allows the client to use a shared secret (such as banana) to sign a set of claims, generating a token that is then sent to the server. A claim is a piece of information that the client sends to the server and that must be authenticated. Most commonly, this would be the username, but it can include any set of data. Before JWT, such information was included in various ways, and there was room for error due to poorly designed claims encoding or mistaken implementations. Many different kinds of digest algorithms are supported, as well as asymmetric public/private key pairs, to generate the token from the claims. This allows for the security mechanism to be easily adjusted without having to change the overall...
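
The signing and verification flow described above, as an added example that is not code from the book: a client signs claims with a shared secret using HMAC-SHA256 (the JWT "HS256" algorithm), and the server accepts the claims only if the signature verifies and the header names the one algorithm it expects. The module name TinyJWT and the sample claims are assumptions made for illustration; only Ruby's standard library is used.

```ruby
require 'openssl'
require 'base64'
require 'json'

# Added illustration (hypothetical module name), standard library only.
module TinyJWT
  ALG = 'HS256' # the one algorithm this server accepts

  def self.b64(bytes)
    Base64.urlsafe_encode64(bytes, padding: false)
  end

  def self.mac(signing_input, secret)
    OpenSSL::HMAC.digest('SHA256', secret, signing_input)
  end

  # Client: serialize header and claims, then sign both with the shared secret.
  def self.encode(claims, secret)
    header = b64(JSON.generate('alg' => ALG, 'typ' => 'JWT'))
    signing_input = "#{header}.#{b64(JSON.generate(claims))}"
    "#{signing_input}.#{b64(mac(signing_input, secret))}"
  end

  # Server: return the claims only if the signature checks out, else nil.
  def self.decode(token, secret)
    header_b64, claims_b64, sig_b64, extra = token.to_s.split('.', -1)
    return nil if sig_b64.nil? || extra
    header = JSON.parse(Base64.urlsafe_decode64(header_b64))
    # Pin the algorithm: a header asking for "none" or anything else is refused.
    return nil unless header.is_a?(Hash) && header['alg'] == ALG
    expected = mac("#{header_b64}.#{claims_b64}", secret)
    given = Base64.urlsafe_decode64(sig_b64)
    # Constant-time comparison, so timing does not leak the expected MAC.
    return nil unless OpenSSL.secure_compare(expected, given)
    JSON.parse(Base64.urlsafe_decode64(claims_b64))
  rescue JSON::ParserError, ArgumentError
    nil
  end
end

if __FILE__ == $PROGRAM_NAME
  token = TinyJWT.encode({ 'user' => 'alice' }, 'banana') # constructed sample
  puts token
  puts TinyJWT.decode(token, 'banana').inspect  # claims hash
  puts TinyJWT.decode(token, 'cherry').inspect  # nil: wrong secret
end
```

Because the token format lets the header name the algorithm, the verifier fixes the algorithm on its own side rather than reading it from the token it is checking.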