
Overview

Single Packet Authorization (SPA) is defined as the communication of authentication information over the SPA server port, together with the dynamic reconfiguration of a default-drop firewall policy to allow access to services that would otherwise be blocked. SPA communicates authentication information within the payload portion of a single packet. Because packet payloads are used, SPA offers many enhancements over port knocking (PK), such as stronger usage of cryptography, protection from replay attacks, minimal network footprint (in terms of what IDSs may alert on; PK sequences look like port scans, after all), the ability to transmit full commands and complex access requests, and better performance.

Put simply: access to a service is blocked by the firewall; the SPA client requests that the service be opened for itself; the SPA server authenticates the request and adds the proper firewall rules for that client; after that, the client can access the server as normal.


Overview

Cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages. Various aspects of information security, such as data confidentiality, data integrity, authentication, and non-repudiation, are central to modern cryptography.

OAuth

OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices.


Overview

Traditionally, a client sends a request to the server to retrieve data; that is, the client requests data from the server. With server-sent events (SSE), a server can send new data to the client at any time, but only the server can send messages: communication is one-way.

The client uses an HTTP GET request to set up a connection and keeps it open; the server accepts it and keeps the connection open as well. Later on, the server sends events to the client over this connection. When the server sends an event, the event travels as TCP payload, not as HTTP; no HTTP is involved in sending the event.


Overview

An HTML form is used to collect user input. The user input is most often sent to a server for processing.


Overview

Bootstrap is the most popular HTML, CSS, and JavaScript framework for developing responsive, mobile-first websites. Most of its code is CSS; the CSS classes define how each component looks.

Responsive Web Design

Responsive web design is broken down into three main components, including flexible layouts, media queries, and flexible media.


Frameworks

There are two popular test frameworks for React applications. One is Enzyme, developed by Airbnb, which was used in React's early days; later on, React developed its own framework, React Testing Library (RTT). Both frameworks are specific to React applications and lack the assertion and mocking features provided by other frameworks such as chai, sinon, and Jest, developed by Facebook.
