Token Based Security, OAuth 2.0, OIDC and IdentityServer4

Introduction We all know the username/password mechanism of login to a web application. We also might have heard, used or implemented authentication/authorization systems, with or without frameworks. Token-based security is one of common mechanism to secure backend APIs. A common architecture for web applications typically consist of a web client app (e.g. an Angular or … Read more

AWS Application Deployment Basics – Docker Containers

Introduction In previous few posts in this series, we deployed and ran couple of applications on our EC2 based infrastructure. Here is how our architecture currently looks like from the previous post: Our applications are running in private subnet and NGNIX working as reverse proxy is allowing access over the internet. Today, we will just … Read more

AWS Application Deployment Basics – .NET Core Apps

Introduction In previous two posts in this series, we have setup a VPC with public and private subnets, launched EC2 instances. Setup PostgreSQL database and deploy a Nodejs application which we served via NGINX reverse proxy mechanism. We have the following architecture in place: If you are new to these topics, you can first check … Read more

AWS Applications Deployment Basics – Part 2 (Setup NGINX)

Introduction In the previous post of this series “AWS Application Deployment Basics”, we setup a PostgreSQL database and then we connect to it via a Nodejs application. However, the Nodejs application is running on the same machine and database access is local for it. It is a totally valid setup and because it is on … Read more

AWS Applications Deployment Basics – Part 1 (VPC and PostgreSQL Setup)

Introduction In this series about deploying applications in AWS, I will discuss different methods and steps required to run different applications in AWS. We will be covering different moving parts in AWS as needed to run typical applications. This series will be arranged in different parts to discuss different services, topics and/or technologies needed for … Read more

Node Dependency Management (Part2)

Introduction In my previous post about Nodejs – Dependency Management, we looked at basics of what is Nodejs module. How can we use module.exports and require to work with dependencies. How folder dependencies work and why they are useful. We all look at how Nodejs lookup system works to look for dependencies and some basics … Read more

Creating Self Signing Certificates for IdentityServer

Introduction Recently I was deploying IdentityServer4 to AWS and I needed self signing certificates for that purpose. I went online to get the settings for this configuration and there were a lot of articles describing in various different ways and sometimes a lot of extra information was there, which was rather confusing. Here I am … Read more

Nodejs – Dependency Management

Introduction An Important concept, in Node.js is that you want to know the way dependency management is handled. This dependency management is the part of core Node.js experience. In this post, we will learn various pattern of dependency management and how Nodejs load dependencies. So, we could write our application using a single js file … Read more

Structure JavaScript Code

Introduction Modern JavaScript frameworks like Angular, Vue etc have built-in mechanism to structure JavaScript code. When not using these frameworks, we can use simple techniques to structure our JavaScript. In this post I will show you one of them using Revealing module pattern. This pattern is very popular and there are great many resources online … Read more

AWS Security Groups Basics

Introduction Security Groups are one of the fundamental concept you need to learn when you are setting up infrastructure in AWS. Having good understanding of their working will help you not only design proper access for your EC2 instances but you will be also able to quickly spot and deal with issues with existing designs. … Read more