ebook

Learn how to secure your Angular app properly

Authentication and authorization for single page apps doesn't need to a by a mystery anymore. Learn how to properly lock down your Angular app with this practical, step-by-step guide

Authentication for Angular apps is hard

Building a robust application can be hard enough. Properly locking it down can be even harder. Any way you crunch it, getting authentication and authorization right is crucial for non-trivial apps.


Auth in a single page application looks a lot different than it does in a traditional round-trip app. Having a separate client and server means you need to manage sessions on the front end while protecting data resources at the API in a stateless manner.



Let's Build a Security-First App Together

Learn how to build an app with the MEAN stack and make authentication, authorization, and security a priority

SpaceDust app

Chapters

An Insecure Start


Find out why "protecting" an Angular application is actually a misnomer

Build a User Registration Form


Build a user registration form and keep new user records in a Mongo database

Store Passwords the Right Way


Store passwords properly by salting and hashing them with bcrypt

The Case for Cookies and Sessions


Move data to MongoDB and implement cookie and session authentication to protect it. Learn the advantages and disadvantages of session-based authentication for single page apps

The Case for JSON Web Tokens


Refactor the app to use JSON Web Tokens for authentication. Learn the advantages and disadvantages of JSON Web Tokens and where they fall short

Angular's Auth Tool Belt: Route Guards


Learn how to add client-side route protection by preventing unauthorized users from accessing certain routes

Angular's Auth Tool Belt: HTTP Interceptors


Simplify the process of attaching JSON Web Tokens to HTTP requests. Respond to unauthorized requests and reroute users back to the login screen

Add Authorization


Add a user role to grant privileges and allow or dissallow requests based on that role

Harden the Application


Mitigate some of the most common attacks such as CSRF and XSS. Implement an assortment of protections to keep the front end and backend safe

Check Out a Screencast

Angular's Auth Tool Belt: Route Guards

227

Pages

4+ Hours

Screencast Lessons

2

Sample Applications

What the Angular Community is Saying

Ryan has been an avid contributor in the Angular community for many years now. I'm so happy that he's taken the time to consolidate his years of experience in building security into Angular applications into this complete guide. Thanks for making this happen!

Brad Green

Brad Green

Angular Core Team Manager, Google

Ryan is my go-to for anything related to authentication and authorization. He has been super informative as I’ve been building out the auth related aspects of Ultimate Angular. I highly recommend this book and course for anyone looking to lock down their Angular apps.

Todd Motto

Todd Motto

Owner, Ultimate Angular

Authentication is not something to be taken lightly. Your app and your users rely on you to stay safe. Relying on Ryan to take complex authentication/authorization topics and deliver as real live code is a no-brainer. Ryan has the expertise from his years in the auth field and the rare teaching quality to be your reliable source for securing your Angular apps.

Chris Sevilleja

Chris Sevilleja

Scotch.io

This is by far the most comprehensive books on web application security that I have ever read. As a Google Developer Expert and Angular contributor, I know quite a bit on this topic, but Ryan blew me away the breadth and depth of amazing information within this book. In particular, I love the way he frames server-side vs client-side security concerns and lays out an overall mental model for web application security. This book is a must have for all web developers.

Jeff Whelpley

Jeff Whelpley

CTO, Get Human

I have had the pleasure of working, speaking, and running workshops with Ryan all in the context of authentication. Ryan has extremely thorough and expert knowledge of web application authentication and authorization. Having the opportunity to learn from Ryan has changed my perspectives on these topics. Everyone who builds apps for the web should take advantage of any chance to learn from his expertise. This book showcases his approachable and fun teaching style, as well as his in-depth knowledge of authentication and Angular. Highly recommended!

Kim Maida

Kim Maida

Content Lead, Auth0

Comprehensive and practical examples you can easily integrate into your existing applications. If you're wondering if your authentication system is secure, you need this book.

David East

David East

Engineer, Google

With privacy and security becoming more valuable by each passing minute, authentication has to be taken seriously and from what I read in this book, Ryan has done nothing short of depicting this. The concise manner in which key fragments of important information were detailed kept me eagerly turning every page for more. Newbie and veteran alike - this book is a must read for anyone who wants to implement that quintessential authentication solution on their Angular apps.

Christian Nwamba

Christian Nwamba

JavaScript Teacher

Ryan is not only an expert software engineer but a great teacher because at a fundamental level, he deeply cares about his students and digs deep to explain concepts in clear, concise forms. I am constantly learning new things from Ryan and I frequently recommend his material to programmers looking to sharpen their skillset.

Lukas Ruebbelke

Lukas Ruebbelke

Owner, VenturPlex

Authentication and authorization are parts of almost any project that are so easy to do badly. When your auth story is off, your business and users are at risk. Ryan comes from deep in the trenches of a leading company in this space and brings this depth of knowledge to the Angular scene.

Geoff Goodman

Geoff Goodman

Engineer, Auth0

Creator, Plunker

Ultimate Package

The whole course plus a ton of extra goodies to make your app super secure

Ultimate Package

70% Black Friday Discount

$299 $90
  • Securing Angular Applications eBook (227 pages)
  • SpaceDust Angular App Source Code
  • SpaceDust Node.js API Source Code
  • Over 4 Hours of Screencasts covering all book topics
  • Auth0 Integration Screencasts
  • 1 Year of Full Access to Angularcasts.io
  • Complimentary 1 Hour Consultation and Code Review

Pro Package

Solidify your learning with a comprehensive screencast series

70% Black Friday Discount

$119 $36
  • Securing Angular Applications eBook (227 pages)
  • SpaceDust Angular App Source Code
  • SpaceDust Node.js API Source Code
  • Over 4 Hours of Screencasts covering all book topics
Pro Package

Essential Package

The book and complete source code to get started securing your app fast

Essetial Package

70% Black Friday Discount

$49 $15
  • Securing Angular Applications eBook (227 pages)
  • SpaceDust Angular App Source Code
  • SpaceDust Node.js API Source Code

Grab a Sample Chapter

Drop in your email and I'll send you a chapter from the book!

ebook preview

About the Author

author

Ryan Chenkie


Nice to see you here! I’m Ryan Chenkie and I really like JavaScript, Angular, and topics around authentication and application security. I’m a Google Developer Expert (Web Tech and Identity), Angular and Node consultant, and I also run Angularcasts.io.

I spent over two and a half years at Auth0 where I learned a ton about authentication and identity. I'm looking forward to teaching you everything I learned!