Presentation slides for "Backend Engineer's meetup ~Authentication and authorization infrastructure for microservices~". https://connpass.com/event/142624/
Note: This article was originally written about JSON Web Tokens (JWT), but because JWT is a subset of Javascript Object Signing and Encryption (JOSE), the criticism below focuses more on JOSE as a whole. If you have already decided to implement Javascript Object Signing and Encryption (JOSE), whether that is JSON Web Tokens, JSON Web Encryption (JWE), or JSON Web Signatures (JWS), you should question that decision. You may be about to make a mistake. Everything written in this post follows RFC 7519, RFC 7515, and RFC 7516. In the future, it is possible that new RFCs will no longer have flaws like those listed below
13 best practices for user account, authentication, and password management Editor's note: This post includes updated best practices including the latest from Google's Best Practices for Password Management whitepapers for both users and system designers. Account management, authentication and password management can be tricky. Often, account management is a dark corner that isn't a top priority f
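This time I am talking about the part of authentication that hashes passwords. If you are hashing passwords with a hash function such as SHA256, it may be better to switch to BCrypt if you can; that is today's topic. For details, this is a useful reference. "In short, SHA was designed with speed in mind and is not suited to being a password hash function." I suppose that means the faster it can be executed, the easier it becomes to build rainbow tables. That is not secure, is it. However, it does not seem to follow that "well then, if you use something like BCrypt you don't need stretching". The approach is still, as before, hash function + salt + stretching. That said, I think using jBCrypt, an implementation of BCrypt, makes this considerably easier to handle. I will write about how it gets easier. How to use jBCrypt: It can also be used from Scala, but this time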
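To deepen my understanding of OAuth 2.0, I am going to organize how I understand OAuth. It quite likely contains misunderstandings, so please bear with me. OAuth 2.0: When communicating with a resource server (= Web API) using OAuth 2.0, the following processing takes place. The user passes authentication information to the authentication server and has an access token issued; the user passes the access token along when communicating with the resource server; the resource server identifies the user from the access token it received; the resource server performs the appropriate processing based on the identification result and returns a response. Authentication information: There are several patterns of authentication information, and it includes the following. Information for identifying the application; information for identifying the user; meta-information describing things such as the authentication method. Authentication server and resource server: The authentication server registers applications, issues access tokens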
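● The Republic of Estonia, one of the three Baltic states of Eastern Europe, is an "advanced e-government nation" where national ID cards carrying an IC chip are in widespread use. For a population of about 1.35 million, more than 1 million ID cards have been issued so far; besides serving as a substitute for a driver's license or health insurance card, they can be used as public transport tickets and as a passport within the EU. (Michihisa Uchida, Chief Researcher, Next Generation Electronic Commerce Promotion Council of Japan (ECOM); Yoji Maeda, Chief Researcher, Next Generation Electronic Commerce Promotion Council of Japan (ECOM)) * This content is a restructured version of an article published in Nikkei BP Government Technology, No. 15 (issued April 1, 2007). The Republic of Estonia (hereafter, Estonia), one of the three Baltic states, has drawn attention in the IT field in recent years, for example by carrying out the world's first national-level Internet electronic voting. The contact-type IC card positioned much like Japan's Basic Resident Register card, the "national ID card (hereafter, ID ca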