#security

28 snippets tagged with #security

typescript intermediate

In-Memory Rate Limiter for Express

Token bucket rate limiter middleware for Express with configurable window and max requests per IP.

Best for: API abuse prevention

#express #rate-limit

typescript advanced

JWT Refresh Token Rotation

Implement secure token rotation with short-lived access tokens and one-time-use refresh tokens.

Best for: Secure API authentication

#jwt #authentication

typescript beginner

Bcrypt Password Hash & Verify

Hash and verify passwords with bcrypt using configurable salt rounds and timing-safe comparison.

Best for: User registration

#bcrypt #password

typescript intermediate

Node.js Crypto Utility Functions

Common cryptographic operations: hashing, HMAC, encryption, random tokens, and password hashing.

Best for: Secure password storage and verification

#nodejs #crypto

typescript intermediate

Node.js Token Bucket Rate Limiter

Implement an in-memory token bucket rate limiter for controlling API request throughput.

Best for: Protecting APIs from abuse and DDoS

#nodejs #rate-limiting

typescript beginner

CORS Configuration Middleware

Configure Cross-Origin Resource Sharing with origin allowlists, credentials, and preflight handling.

Best for: API CORS configuration

#nodejs #cors

typescript intermediate

Secure Cookie and Session Management

Handle HTTP cookies with signing, encryption, and session management using secure defaults.

Best for: Authentication session handling

#nodejs #cookies

typescript intermediate

Webhook Handler with Signature Verification

Process incoming webhooks with HMAC signature verification, replay protection, and idempotency.

Best for: GitHub/Stripe webhook processing

#nodejs #webhook

typescript beginner

API Key Authentication Middleware

Simple API key validation middleware that checks the X-API-Key header against a set of valid keys.

Best for: Public API authentication

#express #authentication

typescript intermediate

Webhook Signature Verification

Verifies HMAC-SHA256 webhook signatures to ensure payloads are from trusted sources.

Best for: GitHub webhook handlers

#webhook #security

typescript advanced

Sliding Window Rate Limiter

Implements sliding window rate limiting that distributes limits more evenly than fixed windows.

Best for: API rate limiting

#rate-limiting #security

typescript advanced

Edge Middleware Rate Limiter

Rate limit API requests at the edge using a sliding window counter with configurable thresholds.

Best for: API abuse prevention

#middleware #rate-limiting

typescript advanced

Next.js Middleware for Authentication

Protect routes with Next.js middleware using token verification and role-based redirects.

Best for: Protecting authenticated routes at the edge

#nextjs #middleware

typescript intermediate

API Route Rate Limiting

Add rate limiting to Next.js API routes with sliding window, IP-based limits, and custom responses.

Best for: API abuse prevention

#nextjs #api

typescript beginner

Server-Only Utility Functions

Ensure utility functions only run on the server using the server-only package to prevent client leakage.

Best for: protecting secrets

#nextjs #server-only

typescript advanced

Rate Limiter for Edge Functions

Implement sliding window rate limiting in Next.js middleware using in-memory or KV store.

Best for: API protection

#nextjs #rate-limiting

typescript advanced

Content Security Policy Headers

Configure strict CSP and security headers in Next.js for production-grade security.

Best for: production security

#nextjs #csp

typescript advanced

Webhook Handler with Signature Verification

Handle incoming webhooks with signature verification and idempotent processing.

Best for: payment webhooks

#nextjs #webhooks

sql advanced

Row-Level Security Policies

Enforce data access rules at the database level with PostgreSQL Row-Level Security policies.

Best for: Multi-tenant databases

#security #rls

sql intermediate

GRANT and REVOKE Permission Management

Manage database permissions with GRANT and REVOKE for roles, schemas, and tables.

Best for: database security

#sql #permissions

bash intermediate

Nginx SSL Setup with Certbot

Bash script to install and configure SSL certificates with Certbot for Nginx with auto-renewal.

Best for: Setting up HTTPS for production websites

#ssl #certbot

bash intermediate

Nginx Rate Limiting Configuration

Nginx rate limiting with multiple zones for API and login routes, burst handling, and custom error pages.

Best for: Protecting APIs from abuse and DDoS

#nginx #rate-limiting

bash intermediate

Fail2ban Security Configuration

Configure Fail2ban to protect SSH and Nginx from brute force attacks with custom jail rules.

Best for: Protecting SSH from brute force attacks

#fail2ban #security

java advanced

Spring Security — JWT Authentication

Implement JWT authentication with Spring Security: token generation, validation, and filter chain.

Best for: Securing REST APIs with JWT tokens

#spring-boot #jwt

java advanced

AES Encryption and Decryption

Encrypt and decrypt data with AES-GCM in Java: key generation, secure random IV, and Base64 encoding.

Best for: Encrypting sensitive data at rest

#java #encryption

java intermediate

Secure Password Hashing

Hash passwords securely with PBKDF2 and verify them — no external libraries required.

Best for: User registration password storage

#java #security

java advanced

Spring Security — Role-Based Access Control

Configure RBAC with Spring Security: roles, method security, endpoint permissions, and custom filters.

Best for: Fine-grained API endpoint authorization

#spring-boot #security

kotlin advanced

Spring Security with JWT Authentication

Configure Spring Security in Kotlin: JWT token generation, validation, role-based access, and security filters.

Best for: JWT-based stateless authentication

#kotlin #spring