WDX-180
Web Development X
Week 36 | Mini CMS
Week 36 - Day 1 | Mini CMS Project
Schedule
- Watch the lectures
- Study the suggested material
- Practice on the topics and share your questions
Study Plan
Your instructor will share the video lectures with you. Here are the topics covered:
- Part 1: Creating a POST Controller for handling the creation of new Blog posts
- Part 2: Creating a View and a Controller for displaying all the available Blog posts in our Database.
You can find the lecture code here
Important: The code link above, points to a particular commit in the repository. Click the Code
=> Download Zip
button on GitHub, to download the code as it was in that exact commit.
References & Resources:
Exercises
CHALLENGE: Find out how you can automatically redirect the user to the newly created Post page.
IMPORTANT: Make sure to complete all the tasks found in the daily Progress Sheet and update the sheet accordingly. Once you’ve updated the sheet, don’t forget to commit
and push
. The progress draft sheet for this day is: /user/week36/progress/progress.draft.w36.d01.csv
You should NEVER update the draft
sheets directly, but rather work on a copy of them according to the instructions found here.
Week 36 - Day 2 | Practice Day
Schedule
- Practice on the topics and share your questions
Study Plan
Today is practice day. Practice on the topics covered so far and share your thoughts, questions and insights.
Happy hacking!
Week 36 - Day 3 | Authentication
Schedule
- Watch the lectures
- Study the suggested material
- Practice on the topics and share your questions
Study Plan
Your instructor will share the video lectures with you. Here are the topics covered:
- Part 1: Work on the Home Page Controller
- Part 2: Authentication
You can find the lecture code here and the diagrams here.
Important: The code link above, points to a particular commit in the repository. Click the Code
=> Download Zip
button on GitHub, to download the code as it was in that exact commit.
Lecture Notes & Questions:
References & Resources:
- Authentication (AuthN) vs Authorization (AuthZ)
Week 36 - Day 4 | Practice Day
Schedule
- Practice on the topics and share your questions
Study Plan
Today is practice day. Practice on the topics covered so far and share your thoughts, questions and insights.
Happy hacking!
Week 36 - Day 5 | Protected Routes
Schedule
- Watch the lectures
- Study the suggested material
- Practice on the topics and share your questions
Study Plan
Your instructor will share the video lectures with you. Here are the topics covered:
- Part 1: Authentication & Security
- Part 2: Authentication & Security
You can find the lecture code here and the diagrams here.
Important: The code link above, points to a particular commit in the repository. Click the Code
=> Download Zip
button on GitHub, to download the code as it was in that exact commit.
References & Resources:
- POST Method details (encoding, etc.)
- Percent encoding
- Base64 Encoding/Decoding
- Be very careful with the test data and accounts that you use during development/debugging. It’s important for this data and accounts not ending up in production. (Especially the DB accounts with weak passwords)
- HTTP Set-Cookie header
- ALWAYS REMEMBER: “No data from the browser is trustworthy”
- When the user logs out, the cookie must always be removed or invalidated.
Exercises
Here’s your challenges for today:
- Find out all the appropriate HTTP status codes and make sure that all endpoints send back the appropriate codes, e.g. 404, 200, 401, 302, etc.
- Learn about the differences between the various encoding schemes: percent encoding, URI encoding, base64, etc.
- Explore cookies in-depth and try out things, deal with more
key=value
pairs, like parsing multiple cookies and restricting cookies to particular paths and setting an expiration date- References: https://stackoverflow.com/a/20912911/4861760
- Research: how to detect cookie tampering
-
CHALLENGE: secure the cookie authentication mechanism by introducing hashing (learn/Cookie.Tampering.101.md)
- Use Tailwind CSS to prettify the Post pages! (Pick a ready made template)
IMPORTANT: Make sure to complete all the tasks found in the daily Progress Sheet and update the sheet accordingly. Once you’ve updated the sheet, don’t forget to commit
and push
. The progress draft sheet for this day is: /user/week36/progress/progress.draft.w36.d05.csv
You should NEVER update the draft
sheets directly, but rather work on a copy of them according to the instructions found here.
Weekly feedback: Hey, it’s really important for us to know how your experience with the course has been so far, so don’t forget to fill in and submit your mandatory feedback form before the day ends. Thanks you!