Posts

Showing posts from September, 2018

Comparing REST and GraphQL

This article will compare REST with the lesser-known GraphQL style APIs.

What is a REST API?

REST (Representational State Transfer) is a client-server architecture style centred around resources and the state transitions they can go through. A resource is named and located via a URI (Uniform Resource Identifier). Usually, the HTTP transport protocol is used, which gives access to the standard HTTP methods/verbs, allowing CRUD (create, read, update, delete) operations to be performed on the resources. The accepted CRUD operation to HTTP verb mappings can be found here. For instance:

curl -X GET http://api.com/users/1/photos/1 -H 'Content-Type: application/json'

In the above example, the HTTP verb GET is used to indicate a read operation, and the Content-Type: application/json header indicates the desired representation. There are many more REST architectural constraints which would make an API truly RESTful but this is the general minimum you'll...

Comparing Authentication and Authorization

This is a large and somewhat confusing topic in software engineering. It doesn't help that we often abbreviate both terms to "auth", so first an explanation in plain English:

Authentication: Are you who you say you are?
Authorization: What are you allowed to do?

It is useful to have the above one-liners in mind when thinking about these terms. Authentication is the act of confirming a claim to be true, authentic, real, genuine. E.g. a person at an airport claims to be Kye Yeung with a passport. The security guard authenticates this claim. Authorization is the act of giving permission to access resources. E.g. my nephew asks if he can play video games for an hour; I can authorize/give him permission to do so or not. This article will discuss a few popular internet security technologies but is by no means exhaustive.

Basic HTTP Authentication

Basic HTTP authentication, often abbreviated to "basic auth", is a protocol that requires client requests t...