Adventures Integrating Auth0 - JwT in a Distributed App (React, and Python/Flask)
Introduction I was posed the question in an interview recently, "how do you secure your endpoints on an API?" To be honest, I never really thought of this as something I needed to know. Up until this point, I've been relying on APIs built by others, and never really dug into how the process worked. I did understand the overall concept of token based authentication, but I didn't know how to implement, or even how to create a decorator for authentication purposes. So, I told the interviewer, I would use some form of token based authentication, and hoped that would suffice. Of course, it didn't. So, in the interest of expanding my knowledge base, I decided not to be caught with my pants down in another interview where this topic may be raised again, and began a sample integration of Auth0. As I began to develop the solution, as I generally do, using a distributed application architecture (where the API is hosted on a separate server fr...