rostag / bigpolicy_eu

Here is a draft of opensource crowdfunding platform for social activists, who do not want to be involved into obsolete corrupted parties, but are bright and willing for change:

http://bigpolicy.eu

MIT License

5 stars 3 forks source link

Respect security requirements and keep it up to date #49

Closed rostag closed 1 year ago

rostag commented 8 years ago

Check project against security requirements and do it on regular basis:

Front-End Security

Angular 2 Security Guidelines

Back-End Security

Node.js Security Checklist Node.js Security Tips Node JS Securiy Official ExpressJS Production Best Practices: Security

Database Security:

MongoDB Security Manual MongoDB 3.2 Security Checklist Mongodb - Security Weaknesses in a typical NoSQL database

Check-list:

[ ] Prevent unauthorized access to API. See this doc: https://auth0.com/blog/understanding-angular-2-change-detection/

Auth0 JWT Updates (Jan 29 2018):

https://github.com/auth0-blog/nodejs-jwt-authentication-sample https://medium.com/@blacksonic86/angular-2-authentication-revisited-611bf7373bf9 https://auth0.com/blog/real-world-angular-series-part-1/ angular2-jwt migration: https://github.com/auth0/angular2-jwt/issues/449#issuecomment-353022577

Prokop commented 8 years ago

@vlodkoz could be interesting and learning case for understanding IT systems and security threats

regards