Set cookies for cross origin requests

How to share cookies cross origin? More specifically, how to use the Set-Cookie header in combination with the header Access-Control-Allow-Origin? Here’s an explanation of my situation: I am attempting to set a cookie for an API that is running on localhost:4000 in a web app that is hosted on localhost:3000. It seems I’m receiving the … Read more

Creating an API for mobile applications – Authentication and Authorization

Overview I’m looking to create a (REST) API for my application. The initial/primary purpose will be for consumption by mobile apps (iPhone, Android, Symbian, etc). I’ve been looking into different mechanisms for authentication and authorization for web-based APIs (by studying other implementations). I’ve got my head wrapped around most of the fundamental concepts but am … Read more

What is the purpose of a “Refresh Token”?

I have a program that integrates with the YouTube Live Streaming API. It runs on timers, so its been relatively easy for me to program in to fetch a new Access Token every 50 minutes with a Refresh Token. My question is, why? When I authenticated with YouTube, it gave me a Refresh Token. I … Read more

How are people managing authentication in Go? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers. We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations. Closed 2 years ago. Improve this question For those building RESTful APIs and … Read more

How does cookie based authentication work?

Can someone give me a step by step description of how cookie based authentication works? I’ve never done anything involving either authentication or cookies. What does the browser need to do? What does the server need to do? In what order? How do we keep things secure? I’ve been reading about different types of authentication … Read more

user authentication libraries for node.js?

Are there any existing user authentication libraries for node.js? In particular I’m looking for something that can do password authentication for a user (using a custom backend auth DB), and associate that user with a session. Before I wrote an auth library, I figured I would see if folks knew of existing libraries. Couldn’t find … Read more