{"id":22538045,"url":"https://github.com/buzzcosm/ztm-course-exercises-nodejs-security-example","last_synced_at":"2025-03-28T06:42:56.399Z","repository":{"id":265146125,"uuid":"895270849","full_name":"buzzcosm/ztm-course-exercises-nodejs-security-example","owner":"buzzcosm","description":"Security Example","archived":false,"fork":false,"pushed_at":"2024-12-08T15:00:53.000Z","size":30,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-02T07:28:44.240Z","etag":null,"topics":["2fa-security","helmetjs","security","ssl","tls","ztm","ztm-course-exercises"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/buzzcosm.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-11-27T22:15:13.000Z","updated_at":"2024-12-08T15:00:56.000Z","dependencies_parsed_at":"2024-11-27T23:34:22.062Z","dependency_job_id":null,"html_url":"https://github.com/buzzcosm/ztm-course-exercises-nodejs-security-example","commit_stats":null,"previous_names":["buzzcosm/ztm-course-exercises-nodejs-security-example"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buzzcosm%2Fztm-course-exercises-nodejs-security-example","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buzzcosm%2Fztm-course-exercises-nodejs-security-example/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buzzcosm%2Fztm-course-exercises-nodejs-security-example/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buzzcosm%2Fztm-course-exercises-nodejs-security-example/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/buzzcosm","download_url":"https://codeload.github.com/buzzcosm/ztm-course-exercises-nodejs-security-example/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245984558,"owners_count":20704794,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["2fa-security","helmetjs","security","ssl","tls","ztm","ztm-course-exercises"],"created_at":"2024-12-07T11:09:54.335Z","updated_at":"2025-03-28T06:42:56.378Z","avatar_url":"https://github.com/buzzcosm.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Security Example\n\n`ZTM` Udemy Course - [Complete NodeJS Developer](https://www.udemy.com/course/complete-nodejs-developer-zero-to-mastery).\n\n## Prerequisite\n\n- `Node.js` is installed โšก\n- Prefered Code-Editor/IDE is installed (For example: `vscode`) โœ\n- Terminal is ready ๐Ÿ˜Ž\n\nOrigin source on GitHub [here](https://github.com/odziem/security-example).\n\n## Description\n\nExercises for Security Example.\n\n## Open SSL\n\nCreaate:\n\n```shell\nopenssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365\n```\n\n## Process\n\nInstall npm packages โฌ‡\n\n```shell\nnpm install\n```\n\nRun node application ๐ŸŽ๏ธ๐Ÿ’จ\n\n```shell\nnpm start\n```\n\n```shell\nnpm run dev\n```\n\nClean packages ๐Ÿงน๐Ÿชฃ\n\n```shell\nnpm run clean\n```\n\nCheck vulnerabilities ๐Ÿค”\n\n```shell\nnpm audit\n```\n\nFix vulnerabilities if needed โœ…\n\n```shell\nnpm audit fix\n```\n\n## Useful references\n\n- [wireshark](https://www.wireshark.org/)\n- [Let's Encrypt](https://letsencrypt.org/)\n- [Wikipedia - Self-signed certificate](https://en.wikipedia.org/wiki/Self-signed_certificate)\n- [openssl](https://openssl.org/)\n- [helmet.js](https://helmetjs.github.io/) ๐Ÿ”๐Ÿ›ก๏ธโšก๐Ÿ’ก๐Ÿ”ฅ\n - My Docs: [helmet.md](./docs/helmet.md)\n- get free ca-signed certificate\n - [Let's Encrypt](https://letsencrypt.org/)\n - [ZeroSSL](https://zerossl.com/)\n - [SSL For Free](https://www.sslforfree.com/)\n- Security\n - [Cross-Site Scripting (XSS)](https://www.blackduck.com/glossary/what-is-cross-site-scripting.html#:~:text=Definition,the%20user%20to%20click%20it.)\n - [okta - article: authentication vs authorization](https://www.okta.com/identity-101/authentication-vs-authorization/#:~:text=Authentication%20confirms%20that%20users%20are,and%20access%20management%20(IAM).)\n - My Docs: [Two-Factor Authentication (2FA)](./docs/two-factor-authentication.md)\n - [JWT - JSON Web Tokens Standard](https://jwt.io/)\n \u003e **Warning**: JWTs are credentials, which can grant access to resources. Be careful where you paste them! We do not record tokens, all validation and debugging is done on the client side.\n - [okta: What is OAuth 2.0](https://auth0.com/intro-to-iam/what-is-oauth-2)\n - [okta: OAuth 2.0 Flow](https://auth0.com/docs/get-started/authentication-and-authorization-flow/which-oauth-2-0-flow-should-i-use)\n\n## Interesting Stuff\n\n- [BOOMERANG - A simple testing tool to debug your APIs](https://boomerangapi.com/)\n- [akamai - mPulse Boomerang](https://techdocs.akamai.com/mpulse-boomerang/docs/welcome-to-mpulse-boomerang)\n- [Mozilla: HTTP response status codes](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status)\n- [Google Cloud Platform (GCP)](https://cloud.google.com/gcp)\n- [Auth for Generative AI Applications](https://www.auth0.ai/)\n- [okta: Homepage - Everything starts with Identity](https://www.okta.com/)","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbuzzcosm%2Fztm-course-exercises-nodejs-security-example","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbuzzcosm%2Fztm-course-exercises-nodejs-security-example","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbuzzcosm%2Fztm-course-exercises-nodejs-security-example/lists"}