Sometimes I get jealous of the speed at which people can build complex apps with things like Laravel/Rails. Node is a great runtime, but it is arguably a more complex choice for your tech stack: there is no standout MVC framework that does it all for you; instead, there are lots of small specialised tools. I want to talk about one of those. It’s called PostGraphile. It lets you generate a GraphQL API from a schema in a Postgres database. By writing just a little SQL you can create an application that would take a long time to create normally!
I'm going to show you how you can use it to build a meetup.com clone complete with JWT-based authentication, real-time meetup ratings, and role-based access control.
While working on large Node.js projects, I’ve noticed that there is no clear answer to common questions like “how do I securely store passwords”. I’ve also noticed that all the popular frameworks lack key security features such as CSRF protection and rate limiting by default. It’s really easy to get security wrong, and it’s not your fault that this is so difficult.
In this talk, I’ll present some practical steps you can take to secure your applications, including protecting against some of the most common attack vectors. I’ll also attempt to inspire you to think differently about what the defaults should be when you build new applications and libraries. We can make our code default to security; it doesn’t have to be this way.