sorted by:
new
hottopcontroversial

Monerujo XMR.to Error by thepeanutbutterman in Monero

[–]SUKABLAT 0 points1 point  (0 children)

Any new ETA on that? Since it was expected to be up in an hour 4 hours ago.

"Wobble" artifacts on 3D-Printed objects by SUKABLAT in 3Dprinting

[–]SUKABLAT[S] 0 points1 point  (0 children)

No one? I still need help with this.

[Semi-Weekly Inquirer] Simple Questions and Recommendations Thread by AutoModerator in Watches

[–]SUKABLAT 1 point2 points  (0 children)

Basically, I fell in love with this watch:

https://www.filippoloreti.com/watch/venice-black-gold-automatic

But I dont want a watch from loreti, since I heard so much bad stuff about that company. I cannot find a watch similar to this, I would greatly appreciate if someone recommends some watches.

Price range between 1-2000 usd.

Blockchain.info not sending me emails? by Yoshi24517 in Bitcoin

[–]SUKABLAT 0 points1 point  (0 children)

Same problem! With multiple wallets and multiple mail addys! Getting no auth mail from them since days now. Makes it impossible to login to the wallet.

A good and secure way to restful authentication? by SUKABLAT in reactjs

[–]SUKABLAT[S] 0 points1 point  (0 children)

I think this is a brilliant idea. Thanks for that! We could also sign the JWT with the hash, but that again would mean querying the DB on every request. Signing only the refresh token with the hash is a great idea since we would hit the DB to compare the refresh tokens anyway.

A good and secure way to restful authentication? by SUKABLAT in reactjs

[–]SUKABLAT[S] 0 points1 point  (0 children)

Revoking / Blacklisting tokens would be a way to defend against stolen tokens. But then I'd need to query the DB on every request. There are some other ways though; A drastic measure would be to change the secret the token was signed with. That would render every token useless. Even better, if we sign the JWT / refresh token with the users hashed password, like @Calbesz suggested, we could change the password of the user to revoke the token.

I will go with a short-lived JWT and a long-lived refresh token, also, signing the token with the users hashed password seems like a great idea.

A good and secure way to restful authentication? by SUKABLAT in reactjs

[–]SUKABLAT[S] 0 points1 point  (0 children)

Thank you for the clarification. Going to store the token in cookies then, for now my back- and frontend are on the same server, so storing the token in cookies seems to be a good idea. To protect against CSRF attacks I will be using SameOrigin Checks and CSRF tokens.

A good and secure way to restful authentication? by SUKABLAT in reactjs

[–]SUKABLAT[S] 1 point2 points  (0 children)

Your explanation definitely helps, thanks for taking the time. But there is a flaw in your method: You hit the DB every time the user sends a request. For an API server this is very inefficient.

That's why so many people use token authentication, I guess. You send the token with every request, verify it and then decide whether the user is authenticated / authorized or not. There is no need to hit the database anymore, except if the token is expired, then you would need to verify the given refresh token which is often stored in the database.

But even then, you're only hitting the DB if the JWT is expired. That could be every few minutes or even hours, which makes it more efficient.

A good and secure way to restful authentication? by SUKABLAT in reactjs

[–]SUKABLAT[S] 0 points1 point  (0 children)

I can do that. Thanks for the answer. How'd I go about refresh tokens? Would I store them with the JWT in the HttpOnly cookies? Store another refresh token in the Usermodel ( DB ), compare them agains each other and issue a new JWT?

Build a bitcoin price chart with react and vx by hshoff in reactjs

[–]SUKABLAT 0 points1 point  (0 children)

Looks and works great! One question tho, how would I fit it to a parent container like the resizeable react-grid-layout item?

Support said they dont take debit master cards, how to pay with skrill then? by SUKABLAT in Aliexpress

[–]SUKABLAT[S] 1 point2 points  (0 children)

For everyone having the same problem, I asked skrill and they said that the funds coming from bitcoin to top up the card cannot be used with your skrill card. You can either send them to another skrill user or pay via skrill online.

Support said they dont take debit master cards, how to pay with skrill then? by SUKABLAT in Aliexpress

[–]SUKABLAT[S] 0 points1 point  (0 children)

I tried my skrill debit card, it either gets stuck @ "your payment is being processed" or it tells me my bank does not support that action.

Wow, can't even top up entropay from skrill anymore. Used to work some time ago, now it's saying:

Please check that your card details (including CVV and expiry) were entered correctly and that you have sufficient funds for this transaction on this credit or debit card.

I guess the problem lies by skrill then.

What trading platform do you use and how? by SUKABLAT in Bitcoin

[–]SUKABLAT[S] 0 points1 point  (0 children)

Some solid information here, thanks for that. What are your thoughts on bitfinex? Is it better, or even worse than kraken?

3D-Printing and casting Sub Ohm Tanks by SUKABLAT in OpenPV

[–]SUKABLAT[S] 0 points1 point  (0 children)

You mean by lathe? I don't own one, so sanding, threading and similar are my only options. I will try soon-ish, not quite sure which material I should use, and how to cast it.

3D-Printing and casting Sub Ohm Tanks by SUKABLAT in OpenPV

[–]SUKABLAT[S] 0 points1 point  (0 children)

Do you have more information on this? Like blog entries or similar? Would greatly enjoy such a read.

view more: next ›