Cookies

  • Cookies
    • The server can use cookies to manage data about the user in the browser.
  • Cookie behavior
    • When you visit a website, your browser sends a request to the server.
    • The server responds to the browser.
    • The response contains all the data and page information the user was looking for
    • It may also contain cookies that the server wants to store in your browser
    • From then on, the browser keeps the cookie, and whenever the user visits that website, the browser sends the cookie along with the request.
  • Cookie Features
    • Domain specific: Cookies given by YouTube are sent only to YouTube
    • Expiration date: Cookies are valid for the period set by the server
    • Cookies can store various information besides authentication information (e.g., website language setting)
    • Automatically sent

Stateless

  • Stateless: All requests to the server are handled independently of previous requests.
  • No connection between requests
  • No memory
  • When processing of the request is finished, the server forgets about the user.

Session

  • HTTP has a stateless request / response operation, so we have to tell the server who we are every time we make a request.
  • One way to handle this is a session

  • Session operation
    • If the user name + password is sent to the server and the password is correct, the server creates the corresponding user record in the session DB.
    • The session has a unique ID. The session ID is saved and returned to the browser via a cookie.
    • So, when you navigate to another page on the same website, the browser will send a cookie with the session ID to the server.
    • The server reads the session ID from the cookie in the request and looks it up in the session DB
    • From there, it knows that the ID belongs to a specific user, and so the server knows who the user is.
    • That is, all important information is on the server side.
    • The user has only the session ID
    • The cookie is the medium for passing the session ID
    • Cookies are for browsers
    • In native apps, use tokens instead of cookies
  • Session Features
    • All session IDs of currently logged in users should be stored in the DB
    • As the number of users increases, the DB should also grow -> Redis (a fast and cheap DB to fulfill the purpose)
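
The session flow above, as an added example that is not part of the original notes. The account, the salt and the in-memory `SESSION_DB` dictionary (standing in for the session DB or Redis) are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

SALT = b"constructed-salt"  # constructed; use a random per-user salt in practice


def _hash(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


USERS = {"alice": _hash("correct horse")}  # constructed account
SESSION_DB = {}  # session ID -> username; stands in for the session DB / Redis


def login(username, password):
    """Check the password; on success create a session and return Set-Cookie."""
    stored = USERS.get(username)
    if stored is None or not hmac.compare_digest(stored, _hash(password)):
        return None
    session_id = secrets.token_urlsafe(32)  # random, unguessable ID
    SESSION_DB[session_id] = username       # the user data stays server-side
    cookie = SimpleCookie()
    cookie["session_id"] = session_id
    cookie["session_id"]["httponly"] = True   # not readable from page scripts
    cookie["session_id"]["secure"] = True     # only sent over HTTPS
    cookie["session_id"]["samesite"] = "Lax"  # limits cross-site sending
    cookie["session_id"]["path"] = "/"
    return cookie["session_id"].OutputString()


def current_user(cookie_header):
    """Map the Cookie header of a later request back to a user, or None."""
    cookie = SimpleCookie()
    cookie.load(cookie_header or "")
    morsel = cookie.get("session_id")
    return SESSION_DB.get(morsel.value) if morsel else None


def logout(cookie_header):
    """Deleting the server-side record invalidates the ID immediately."""
    cookie = SimpleCookie()
    cookie.load(cookie_header or "")
    morsel = cookie.get("session_id")
    if morsel:
        SESSION_DB.pop(morsel.value, None)
```

Because the cookie carries only a random ID, a guessed or forged value maps to nothing in the session DB, and logout takes effect as soon as the record is deleted.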

Token

  • String type
  • Send Token to server
  • The server finds the user matching the corresponding token in the session DB.

JWT

User authentication without DB

  • Token format
  • If user authentication is processed with JWT, there is no need to have a session DB
  • Sign the information instead of storing it in the DB and pass it back to the user

  • Afterwards, when the user makes a request to the server, the corresponding ‘Signed Info’ or ‘token’ is sent to the server as a request.
  • When requesting a page, the server verifies that the token is valid

  • No DB management
  • Not encrypted: the token contents are signed but readable (data that needs high security should not be managed with JWT)
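
The sign-then-verify flow above, as an added example that is not part of the original notes. It builds an HS256-style token with only the Python standard library; the key and the claim values are constructed, and a production service would use a maintained JWT library.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-key"  # constructed; a real key is long and random


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _mac(key, header_b64, payload_b64):
    message = f"{header_b64}.{payload_b64}".encode()
    return hmac.new(key, message, hashlib.sha256).digest()


def sign(claims, key=SECRET):
    """Server side: sign the claims instead of storing them in a session DB."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps(claims).encode())
    return f"{header}.{payload}.{b64url(_mac(key, header, payload))}"


def read_unverified(token):
    """No key needed: the payload is only Base64URL-encoded, not encrypted."""
    return json.loads(b64url_decode(token.split(".")[1]))


def verify(token, key=SECRET, now=None):
    """Return the claims if the signature and expiry check out, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        if json.loads(b64url_decode(header_b64)).get("alg") != "HS256":
            return None  # pin the algorithm; never let the token choose it
        if not hmac.compare_digest(_mac(key, header_b64, payload_b64),
                                   b64url_decode(sig_b64)):
            return None  # header or payload was modified, or wrong key
        claims = json.loads(b64url_decode(payload_b64))
        now = time.time() if now is None else now
        return claims if claims.get("exp", 0) > now else None
    except (ValueError, TypeError, AttributeError):
        return None  # malformed token
```

`read_unverified` shows why sensitive data does not belong in the token, and `verify` shows what the signature buys: any change to the payload makes the check fail.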

Authentication

Nomad Coder - Session? Token? Cookies?

IP(Internet + Protocol) Address

  • Internet means inter + network as the name suggests
  • Several small networks are connected to form a large network
  • When computers are physically connected using an ethernet cable, it becomes a small network.
  • This is called LAN (Local Area Network)
  • LAN + LAN ==> Internet
  • Protocol: the rules for control, connection, communication and data transfer between computers on the Internet
  • IP address: the address of a computer

Gateway

  • LAN connects to the external network through a computer acting as an entrance –> that computer is a gateway
  • Gateway: A network point that serves as an entrance to another network.

DNS

  • DNS emerged because devices need to recognize each other in computer networks and it is impossible to memorize IP addresses one by one
  • DNS: Converts human-readable domain names into numeric identifiers (IP addresses) to find the address of a specific computer

Subnet

  • Abbreviation for subnetwork
    • A network that belongs to an organization but can be recognized as a separate network
  • If you look at the subnet mask, it is composed of 255 and 0.
  • The network part is marked with 255 and the host part with 0, so the mask tells you which part of an IP address is the network address and which part is the host address.

    • For example, if subnet is 255.255.0.0 and IP address is 1.2.3.4, up to 1.2 are network addresses and 3.4 are host addresses. Again, for example, if the subnet is 255.255.255.0 and the IP address is 1.2.3.4, then 1.2.3 is the network address and the last 4 is the host address.

    • So, what exactly do the network part and the host part define?
      • The network part means the area where data can be transmitted without going through a router when data is transmitted for communication.
      • The host part refers to each PC.
    • It will be easier to understand if you look at an example. Let’s say you have 3 hosts.
    • Assume that the IP of host a is 210.170.1.1, the IP of host b is 210.170.1.2, and the IP of host c is 210.170.2.1.

    • If the subnet mask of these hosts is 255.255.255.0, the network part extends through the third number. Hosts a and b share 210.170.1, so they are on the same network and can be connected directly.

    • If the subnet mask is 255.255.0.0, a, b, and c all become the same network and direct connection is possible.
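
The network/host split and the a, b, c comparison above, as an added example that is not part of the original notes. It uses Python's `ipaddress` module and also works for masks that do not fall on a 255/0 boundary (such as 255.255.255.128), which goes beyond the cases in the text; the function names are chosen here for illustration.

```python
import ipaddress


def split_address(ip, mask):
    """Return (network address, host part) of an IPv4 address under a mask."""
    iface = ipaddress.ip_interface(f"{ip}/{mask}")
    host_bits = int(iface.ip) & int(iface.network.hostmask)
    network = str(iface.network.network_address)
    return network, str(ipaddress.IPv4Address(host_bits))


def same_network(ip_a, ip_b, mask):
    """True if both hosts can reach each other without going through a router."""
    net_a = ipaddress.ip_interface(f"{ip_a}/{mask}").network
    net_b = ipaddress.ip_interface(f"{ip_b}/{mask}").network
    return net_a == net_b


def group_by_network(hosts, mask):
    """Group a {name: ip} mapping by the network each address falls in."""
    groups = {}
    for name, ip in hosts.items():
        net = str(ipaddress.ip_interface(f"{ip}/{mask}").network)
        groups.setdefault(net, []).append(name)
    return groups


# The three hosts from the text above.
HOSTS = {"a": "210.170.1.1", "b": "210.170.1.2", "c": "210.170.2.1"}
```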

What is Serverless?

  • Serverless
    • Serverless does not literally mean a backend without a server.
    • Serverless is a backend without server management

    • Serverless does not mean uploading the backend to the server
    • In serverless, the backend is divided into small function groups and uploaded to a server that you do not manage directly.
    • For example, AWS lambda
      • If it’s not Serverless, the server is running 24/7.
      • Always ready to respond to requests
      • In the case of Serverless, the function you uploaded is sleeping. However, as soon as the request comes in, AWS will wake the function, perform the requested operation, and again the function will go to sleep.
    • The serverless revolution is exactly as above.
    • In other words, the function doesn’t have to stay awake for 24 hours.
    • In serverless, you only pay for the functions you actually run

AWS Fargate

  • AWS Fargate
    • One example of serverless compute is AWS Fargate.
    • AWS Fargate is a serverless compute platform that you can run either ECS or EKS on top of.
    • Previously, you learned that ECS and EKS run on clusters of EC2 instances. And in that case, you are using EC2 as the compute platform for your containers, and you also have tight control over those instances.
    • With AWS Fargate as the compute platform, you run your containers on a managed serverless compute platform. Scaling and fault tolerance are built in, and you don’t need to worry about the underlying operating system or the environment. Instead, you just define your container and how you want it to be run, and then it scales on demand.

AWS Lambda

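# General form of a Lambda handler: Lambda calls it with the event and a context object
def handler_name(event, context):
    ...
    return some_value

# Example: print the incoming event and return the sum of its two fields
def lambda_handler(event, context):
    print(event)
    return event['left'] + event['right']
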
  • Trigger
    • AWS Lambda functions work with existing AWS services.
    • e.g., if you attach a Lambda function to AWS S3, you can set the function to be executed whenever a new file is uploaded to S3.
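
A handler for the S3 upload trigger described above, as an added example that is not part of the original notes. `SAMPLE_EVENT` is constructed in the shape of an S3 event notification; the bucket name and object key are made up.

```python
from urllib.parse import unquote_plus

# Constructed sample event in the shape S3 sends for an upload notification.
SAMPLE_EVENT = {
    "Records": [
        {
            "eventSource": "aws:s3",
            "eventName": "ObjectCreated:Put",
            "s3": {
                "bucket": {"name": "example-bucket"},
                "object": {"key": "uploads/my+report%282%29.pdf", "size": 1024},
            },
        },
        {"eventSource": "aws:sns", "eventName": "Notification"},  # ignored
    ]
}


def lambda_handler(event, context):
    """Return the bucket and decoded key of every newly created object."""
    uploaded = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            continue  # only handle records that came from S3
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue  # skip deletes and other event types
        # Object keys arrive URL-encoded and are chosen by the uploader,
        # so decode them and treat them as untrusted input downstream.
        key = unquote_plus(record["s3"]["object"]["key"])
        uploaded.append({"bucket": record["s3"]["bucket"]["name"], "key": key})
    return uploaded
```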