Please go through the points below and answer questions in the comments and discuss them with your mates.
- What are the benefits of registration and signing in on GitHub?
- What is the difference between authentication and authorization?
- How can we prevent a request from being fulfilled? Like trying to access a private GitHub repo of someone else?
- After the user logs in using the backend end-point we create, how can we keep that user logged in all the time without asking them to log in again each time they visit the website or send a request that requires authentication?
- What is base64 encoding?
- What are salt rounds? How does it work?
- What is Caesar Cipher? How do only the communicating sides know how to decrypt the message?
Sara, Emine, Huzeyfe
GitHub has different types of accounts. There are three types of accounts on GitHub:
Personal accounts, Organization accounts, Enterprise accounts
Every person who uses GitHub signs into a personal account. An organization account enhances collaboration between multiple personal accounts, and an enterprise account allows central management of multiple organizations.
Benefits of using GitHub:
1. It makes it easy to contribute to your open source projects
To be honest, nearly every open-source project uses GitHub to manage its project. Using GitHub is free if your project is open source and includes a wiki and issue tracker that makes it easy to include more in-depth documentation and get feedback about your project. If you want to contribute, you just fork a project, make your changes and then send them a pull request using the GitHub web interface.
2. Documentation
By using GitHub, you make it easier to get excellent documentation. Their help section and guides have articles for nearly any topic related to git that you can think of.
3. Showcase your work
Are you a developer who wishes to attract recruiters? GitHub is the best tool you can rely on for this. Today, when searching for new recruits for their project, most companies look into the GitHub profiles. If your profile is available, you will have a higher chance of being recruited even if you are not from a great university or college.
4. Markdown
Markdown allows you to use a simple text editor to write formatted documents. GitHub has revolutionized writing by channeling everything through Markdown: from the issue tracker, user comments, everything. With so many other programming languages to learn for setting up projects, it’s really a big benefit to have your content inputted in a format without having to learn yet another system.
5. GitHub is a repository
This was already mentioned before, but it’s important to note that GitHub is a repository.
What this means is that it allows your work to get out there in front of the public. Moreover, GitHub is one of the largest coding communities around right now, so it’s wide exposure for your project.
6. Track changes in your code across versions
When multiple people collaborate on a project, it’s hard to keep track of revisions—who changed what, when, and where those files are stored. GitHub takes care of this problem by keeping track of all the changes that have been pushed to the repository. Much like using Microsoft Word or Google Drive, you can have a version history of your code so that previous versions are not lost with every iteration.
7. Integration options
GitHub can integrate with common platforms such as Amazon and Google Cloud, services such as Code Climate to track your feedback, and can highlight syntax in over 200 different programming languages.
What is the difference between authentication and authorization? Simply put, authentication is the process of verifying who someone is, whereas authorization is the process of verifying what specific applications, files, and data a user has access to.
Using validation and custom rules to block specific situations or users from accessing parts where security is required.
The better way is to never let a user's information leave the server, except for the id.
When the user logs in, generate a large (128 to 256 bit) random token. Add that to a database table that maps the token to the user, and then send it to the client in the cookie.
An API token is similar to a password and allows you to authenticate to Dataverse Software APIs to perform actions as you. Many Dataverse Software APIs require the use of an API token.
Base64 is a binary-to-text encoding scheme that represents binary data in an ASCII string format.
When data is transferred over the network, it is chopped into chunks called packets, and each packet contains data in binary format (0101000101001). Base64 takes binary data and transforms it into a long string of plain text.
What are salt rounds? How does it work?
A salt is a random string added to the hashing password. Since hashing passwords returns the same length for the specific password, they are predictable.
When you have hashing + salt, the hash algorithm’s output is no longer predictable, because you are adding an automatically random string to the hashing algorithm each time and you do not need to store it in a database.
What is Caesar Cipher? How do only the communicating sides know how to decrypt the message?
It is an encryption technique. It is a type of substitution cipher in which each letter is replaced by another letter located a little further in the alphabet.
The communication is based on shifted letters.
Example: Encrypt DCODEX with a shift of 3.
To encrypt D, take the alphabet and look 3 letters after: G. So D is encrypted with G.
To encrypt X, loop the alphabet: after X : Y, after Y : Z, after Z : A. So X is coded A.
DCODEX is coded GFRGHA
Sources:
Q2: https://www.sailpoint.com/identity-library/difference-between-authentication-and-authorization/
Q3: https://blog.logrocket.com/how-to-handle-data-validation-in-node-using-validatorjs/
Q4: https://stackoverflow.com/questions/1354999/keep-me-logged-in-the-best-approach
Q5: https://levelup.gitconnected.com/what-is-base64-encoding-4b5ed1eb58a4
Q6: https://heynode.com/blog/2020-04/salt-and-hash-passwords-bcrypt/
Q7: https://www.dcode.fr/caesar-cipher
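
The "keep me logged in" answer above (random token, server-side table, cookie) can be sketched in Node as follows. This is an added example, not part of the original answer; the `sid` cookie name, the in-memory `Map` standing in for the database table, the 7-day lifetime and the choice to store only a hash of the token are assumptions.

```javascript
const { randomBytes, createHash } = require("node:crypto");

// Constructed in-memory stand-in for the database table: sha256(token) -> session row.
const sessions = new Map();
const SESSION_TTL_MS = 7 * 24 * 60 * 60 * 1000; // assumed lifetime: 7 days

const sha256 = (s) => createHash("sha256").update(s).digest("hex");

// Pull the token out of a Cookie header; 32 bytes in base64url is always 43 characters.
function readToken(cookieHeader) {
  const m = /(?:^|;\s*)sid=([A-Za-z0-9_-]{43})(?:;|$)/.exec(cookieHeader || "");
  return m ? m[1] : null;
}

// After a successful login: store the mapping and return the Set-Cookie header value.
function createSession(userId, now = Date.now()) {
  const token = randomBytes(32).toString("base64url"); // 256 random bits
  // Only a hash of the token is stored, so a leaked table does not yield usable cookies.
  sessions.set(sha256(token), { userId, expiresAt: now + SESSION_TTL_MS });
  return `sid=${token}; HttpOnly; Secure; SameSite=Lax; Path=/; Max-Age=${SESSION_TTL_MS / 1000}`;
}

// On every request: map the cookie back to a user id, or null if unknown or expired.
function authenticate(cookieHeader, now = Date.now()) {
  const token = readToken(cookieHeader);
  if (!token) return null;
  const key = sha256(token);
  const row = sessions.get(key);
  if (!row) return null;
  if (row.expiresAt <= now) {
    sessions.delete(key); // expired rows are removed on first use
    return null;
  }
  return row.userId;
}

// Logout deletes the server-side row, so the cookie stops working even if it was copied.
function logout(cookieHeader) {
  const token = readToken(cookieHeader);
  return token ? sessions.delete(sha256(token)) : false;
}
```

The cookie carries no user information at all, only the random token; `HttpOnly` keeps page scripts from reading it and `Secure` keeps it off plain HTTP.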
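
Salting and the cost setting from the salt rounds question, as an added example that is not part of the original answer. It uses Node's built-in scrypt instead of the bcrypt package from the Q6 source so that it runs without installing anything; `logN` plays the role of bcrypt's salt rounds (each +1 doubles the work), and the `scrypt$logN$salt$hash` record layout is an assumption modelled on how bcrypt keeps cost and salt inside the stored string.

```javascript
const { randomBytes, scryptSync, timingSafeEqual } = require("node:crypto");

const MAX_LOG_N = 14; // assumed ceiling; N = 2^14 fits Node's default scrypt memory limit

// Hash a password with a fresh random salt. Cost and salt travel inside the record,
// so verification can repeat exactly the same computation later.
function hashPassword(password, logN = MAX_LOG_N) {
  const salt = randomBytes(16);
  const hash = scryptSync(password, salt, 32, { N: 2 ** logN, r: 8, p: 1 });
  return ["scrypt", logN, salt.toString("base64"), hash.toString("base64")].join("$");
}

// Recompute the hash with the salt and cost read from the record, then compare
// in constant time. Malformed records are rejected rather than compared.
function verifyPassword(password, record) {
  const [scheme, logN, saltB64, hashB64] = String(record).split("$");
  const cost = Number(logN);
  if (scheme !== "scrypt" || !saltB64 || !hashB64) return false;
  if (!Number.isInteger(cost) || cost < 1 || cost > MAX_LOG_N) return false;
  const expected = Buffer.from(hashB64, "base64");
  if (expected.length !== 32) return false;
  const salt = Buffer.from(saltB64, "base64");
  const actual = scryptSync(password, salt, 32, { N: 2 ** cost, r: 8, p: 1 });
  return timingSafeEqual(actual, expected);
}

// When the configured cost is raised, old records are re-hashed at the next
// successful login; this tells the login handler when to do that.
function needsRehash(record, currentLogN = MAX_LOG_N) {
  return Number(String(record).split("$")[1]) < currentLogN;
}
```

Two users with the same password end up with different records because each call draws its own salt, which is what defeats precomputed hash tables.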