Node.js Security Table of Contents

Table of Contents



  • The Importance of Security in Web Applications
  • Express Is Not Secure by Default
  • Set Up the Demo Project

Cross-Site Request Forgery

  • Use Cross-Site Request Forgery
  • Protecting a Site Using CSRF Tokens
  • Protecting a Site Using Headers
  • Same-Site Policies on Cookies

SQL Injection and Cross-Site Scripting

  • SQL Injection in Action
  • Preventing SQL Injection with Template Literals
  • Cross-Site Scripting in Action
  • Preventing Cross-Site Scripting

Passwords and Passwordless

  • Password User Experience
  • Securely Storing and Verifying Passwords
  • Password Reset Flows
  • Passwordless Authentication

Two-Factor Authentication

  • Why Is Two-Factor Authentication Important?
  • SMS-Based Two-Factor Authentication
  • Google Authenticator


  • Facebook Login
  • Google Identity

Authorization, Deployment and Managing Secret Keys

  • Authorization in General
  • Authorization in REST APIs
  • Authorization in GraphQL
  • Deployment and Managing Secret Keys
