I'm using svelte 5 instead of svelte 4 here is an overview of the changes.
Svelte 5 introduces runes, a set of advanced primitives for controlling reactivity. The runes replace certain non-runes features and provide more explicit control over state and effects.
| import { ReactNode, useRef } from 'react' | |
| import { Button, FormControl, FormErrorMessage, FormLabel, Icon, InputGroup } from '@chakra-ui/react' | |
| import { useForm, UseFormRegisterReturn } from 'react-hook-form' | |
| import { FiFile } from 'react-icons/fi' | |
| type FileUploadProps = { | |
| register: UseFormRegisterReturn | |
| accept?: string | |
| multiple?: boolean | |
| children?: ReactNode |
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple different points:
| /** | |
| * @license | |
| * Copyright Akveo. All Rights Reserved. | |
| * Licensed under the MIT License. See License.txt in the project root for license information. | |
| */ | |
| import { Component, OnInit } from '@angular/core'; | |
| import { AnalyticsService } from './@core/utils/analytics.service'; | |
| import { TranslateService } from '@ngx-translate/core'; | |
| @Component({ |
I recently had several days of extremely frustrating experiences with service workers. Here are a few things I've since learned which would have made my life much easier but which isn't particularly obvious from most of the blog posts and videos I've seen.
I'll add to this list over time – suggested additions welcome in the comments or via twitter.com/rich_harris.
Chrome 51 has some pretty wild behaviour related to console.log in service workers. Canary doesn't, and it has a load of really good service worker related stuff in devtools.
By: @BTroncone
Also check out my lesson @ngrx/store in 10 minutes on egghead.io!
Update: Non-middleware examples have been updated to ngrx/store v2. More coming soon!
Table of Contents
(by @andrestaltz)
If you prefer to watch video tutorials with live-coding, then check out this series I recorded with the same contents as in this article: Egghead.io - Introduction to Reactive Programming.
