Skip to content

Instantly share code, notes, and snippets.

View slavaaaaaaaaaa's full-sized avatar
💭
🦙

Slava I. Maslennikov slavaaaaaaaaaa

💭
🦙
34 followers · 130 following
View GitHub Profile
@samsch
samsch / stop-using-jwts.md
Last active June 23, 2026 05:47
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

  • The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
@kjenney
kjenney / coffee-ingress.yml
Last active September 2, 2018 18:46
EKS Test Ingress
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: coffee
namespace: ingress-nginx
spec:
tls:
- hosts:
- cafe.example.com
secretName: cafe-secret
@kjenney
kjenney / coffee.yml
Created July 18, 2018 20:28
EKS Test service and deploy
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: coffee
namespace: ingress-nginx
spec:
replicas: 2
selector:
matchLabels:
app: coffee
@slavaaaaaaaaaa
slavaaaaaaaaaa / sleepy vikings - twin peaks
Last active November 18, 2017 06:06
Lyrics of Twin Peaks by Sleepy Vikings on They Will Find You Here
in a dream it was summer
and i buried my head into
the back of your neck
the sun was high and we were
shadowless
drinking cold cokes on the front steps
i kept a telescope, i watched the skies for rain
loaded my pistol, promised "nothing ever has
to change"
@mazgi
mazgi / console.log.md
Last active March 18, 2024 17:18
LDAP Auth for SSSD, SSH, SUDO 
# uname -a
Linux base 4.0.5-gentoo #1 SMP Wed Jul 1 02:23:16 JST 2015 x86_64 Intel(R) Xeon(R) CPU E5-2640 0 @ 2.50GHz GenuineIntel GNU/Linux

Packages

# emerge -pvq openldap openssh sssd sudo
[ebuild R ] net-nds/openldap-2.4.38-r2 USE="berkdb crypt gnutls ipv6 minimal sasl ssl syslog tcpd -cxx -debug -experimental -icu -iodbc -kerberos -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) -32 (-x32)"
@Ttech
Ttech / gist:5561777
Created May 11, 2013 23:21
#!/bin/bash
echo "----------------------"
date
temp=$(/opt/vc/bin/vcgencmd measure_temp | awk -F"=" '{print $2}' | awk -F"'" '{print $1}')
echo "temp.value $temp"
for volt in core sdram_c sdram_i sdram_p
do
voltage=$(/opt/vc/bin/vcgencmd measure_volts $volt | awk -F"=" '{print $2}' | tr -d "V")
echo "volt$volt.value $voltage"
done
@endolith
endolith / Has weird right-to-left characters.txt
Last active June 8, 2026 13:42
Unicode kaomoji smileys emoticons emoji
ּ_בּ
בּ_בּ
טּ_טּ
כּ‗כּ
לּ_לּ
מּ_מּ
סּ_סּ
תּ_תּ
٩(×̯×)۶
٩(̾●̮̮̃̾•̃̾)۶