In jandix/sealr: Authenction strategies for plumber
Security
When developing a plumber API, some considerations regarding security must be made.
Many things are already covered in the excellent Security section of the plumber docs, so we mostly link to the respective subsections and add specifics related to authentication/authorization.
HTTPS
Using HTTPS instead of the insecure HTTP is crucial when working with authentication. The data exchanged between your plumber API and the (frontend) application is highly sensitive. If you don't use https, those data will be sent across the network unencrypted and attackers could easily steal access tokens not only for your plumber API but also tokens exchanged as part of the OAuth dance used for authenticating using Google.
Read more about why using HTTPS is critical in the plumber docs. There you also learn more about how you can enable HTTPS for your plumber API.
All our examples assume that you use HTTPS.
Cookies and CSRF
Local storage and XSS
jandix/sealr documentation built on Oct. 3, 2021, 1:16 p.m.
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Security
When developing a plumber API, some considerations regarding security must be made.
Many things are already covered in the excellent Security section of the plumber docs, so we mostly link to the respective subsections and add specifics related to authentication/authorization.
HTTPS
Using HTTPS instead of the insecure HTTP is crucial when working with authentication. The data exchanged between your plumber API and the (frontend) application is highly sensitive. If you don't use https, those data will be sent across the network unencrypted and attackers could easily steal access tokens not only for your plumber API but also tokens exchanged as part of the OAuth dance used for authenticating using Google.
Read more about why using HTTPS is critical in the plumber docs. There you also learn more about how you can enable HTTPS for your plumber API.
All our examples assume that you use HTTPS.
Cookies and CSRF
Local storage and XSS
R Package Documentation
Browse R Packages
We want your feedback!
Note that we can't provide technical support on individual packages. You should contact the package authors for that.
Embedding an R snippet on your website
Add the following code to your website.
For more information on customizing the embed code, read Embedding Snippets.