The arena of proper authentication and data security standards is often some of the most misunderstood, confusing, and tricky aspects of building any Node site, app, or service, and the fear of data breaches with unencrypted or poorly encrypted data doesn’t make it any better.
We’re going to tackle this field, exploring the proper methodologies for building secure authentication and data security standards. We’ll run through:
- Building on top of OAuth 2 and OpenID Connect
- Node middleware services for authentication
- Working with proper hashing and salting algorithms, and avoiding others, for private user data
- Common auth and security pitfalls and solutions
In the end, we’re going to see that by understanding proper data security and authentication standards, pitfalls, and reasons for choosing one solution over another, we can make intelligent decisions on creating a solid infrastructure to protect our users and data.