RestAPI

2020


cover-jwt-authentication-rethinking-pattern.png

JWT Authentication: Rethinking the Pattern

Michael Ashton

Part two of a two-part series. View part one.

Stateless authentication with JSON Web Tokens  —  safely!

As developers who build REST APIs, we are quite familiar with JSON Web Token (JWT) based authentication. The typical pattern is this:

cover-jwt-authentication-how-does-it-work.png

JWT Authentication: How Does it Work?

Michael Ashton

Part one of a two-part series.

A REST API is a wonderful way to expose application data to a wide variety of clients. Anything that can speak HTTP can communicate with a REST API, and these days that means an exciting variety of devices. From plain old web browsers to mobile devices to a whole array of IoT applications  —  there are a lot of good reasons to use a REST API. And if you’ve ever built one, you’re familiar with the predominant means of restricting endpoints to authenticated users  —  JSON Web Token (JWT) based authentication.

2019


cover-single-page-application-rest-abstraction.jpg

Single Page Application + REST as an Abstraction: The Benefits of Decoupling Your Front & Back Ends

Michael Ashton

Monolithic, consolidated applications are not bad. These are your Rails apps, your Django apps, etc. — the ones where your server sends back HTML and assets. You’ve faithfully followed the Model-View-Controller (MVC) pattern as best you can and your concerns are “separated.” This design principle is not passé. It just so happens that for a long time, it was your only option.

2015


cover-q2-2015-shipit-day-recap.jpg

Q2 2015 ShipIt Day ReCap

Liza Chabot

Last Friday everyone at Caktus set aside their regular client projects for our quarterly ShipIt Day, a chance for Caktus employees to take some time for personal development and independent projects. People work individually or in groups to flex their creativity, tackle interesting problems, or expand their personal knowledge. This quarter’s ShipIt Day saw everything from game development to Bokeh data visualization, Lego robots to superhero animation. Read more about the various projects from our Q2 2015 ShipIt Day.

Webinar: Testing Client-Side Applications with Django

Hao Nguyen

Technical Director Mark Lavin will be hosting a free O’Reilly webinar today at 4PM EST or 1PM PT on Testing Client-Side Applications with Django. Mark says testing is one of the most popular question topics he receives. It’s also a topic near and dear to Caktus’ quality-loving heart. Mark’s last webinar garnered more than 500 viewers, so sign up quick!

2014


Webcast: Creating Enriching Web Applications with Django and Backbone.js

Hao Nguyen

Update: The live webcast is now available at O’Reilly Media

Our technical director, Mark Lavin, will be giving a tutorial on Django and Backbone.js during a free webcast for O’Reilly Media tomorrow, November 6th, 1pm EST. There will be demos and a discussion of common stumbling blocks when building rich client apps.

OSCON 2014 & REST API Client Best Practices

Hao Nguyen

Mark Lavin, Caktus Technical Director and author of the forthcoming LightWeight Django was recently at OSCON 2014 in Portland where he gave a talk on improving the relationship between server and client for REST APIs. OSCON, with over 3000 attendees, is one of the largest open source conferences around. I sat down with him to ask him about his time there.