In this liveProject, you’ll add secure session management to the API for granting employee leave. You’ll implement an authenticated leave retrieval call, a user logout flow, and a password update flow for users whose credentials are forgotten or compromised. These are essential building blocks for creating a secure API.
This liveProject was implemented by Natan Streppel.
This project is designed for learning purposes and is not a complete, production-ready application or solution.
The liveProject is for Java programmers familiar with the basics of REST APIs. To begin this project you will need to be familiar with:
- Basics of Java 11 (classes, interfaces)
- Basics of Spring MVC (POST of GET requests)
- Basics of JDBC or Spring Data (insert or retrieve data from a database)
- Java IDEs such as Eclipse or IntelliJ IDEA
- Testing APIs via Postman
- Docker and Docker Compose
- Basic debugging
- Code reviews
- Code refactoring
- Unit testing
- Security testing
you will learn
In this series of liveProjects, you’ll learn how to add essential security features to a REST API.
- Understanding an API specified in Open API Specification 3.0 using Swagger
- Setting up an environment to implement the API specification provided using Java Spring
- Implementing session management
- Testing the functionality of the reference API implementation using Postman