Joined June 2014
·
Posted to
Goodbye PHP Sessions, Hello JSON Web Tokens
over 1 year
ago
Don't actually put your secret key in the code. Store it as an environment variable or define it inside an included file outside of the web root.
Don't have error messages enabled on production. You should be showing users a generic friendly error message with no technical details.
Posted to
$q and Promise with ajax call in AngularJS
over 1 year
ago
Thanks for this. I have found $q to be really useful in AngularJS and promises are a very useful design pattern when dealing with asynchronous services.
Posted to
Goodbye PHP Sessions, Hello JSON Web Tokens
over 1 year
ago
The server doesn't need to store the token. The server only needs to remember the secret key that the token was signed with. That would be most likely stored in some sort of configuration.php and would not change often.
Posted to
CodeIgniter and Angularjs project
over 1 year
ago
Achievements
654 Karma
322,646 Total ProTip Views
Cub
Have at least one original jQuery or Prototype open source repo
Forked
Have a project valued enough to be forked by someone else
Nephila Komaci
Have at least one original repos where PHP is the dominant language
Charity
Fork and commit to someone's open source project in need
@getuliodtj No, not really. That's what exceptions are for. You should wrap the code in a try/catch block and handle any exceptions that it throws.