This talk has been (or will be) presented at:
Web & mobile session management using akka-http
Almost all web & mobile applications need some kind of session support: after logging in, state should be maintained which allows to identify the user on the server during subsequent requests in a secure way, so that the data cannot be tampered with.
akka-http is a great toolkit for building reactive mobile/web backends, using an elegant DSL;
akka-http-session builds on top of that to provide secure session management.
We'll discuss how session storage can be implemented, what are the security challenges (with an emphasis on cookies) and what kind of solutions
akka-http-session provides. We'll also do a quick introduction to
JWT (Json Web Tokens), one of the supported formats for encoding session data.
Finally, no presentation can be complete without a live demo showing how using
akka-http-session looks like in practice.