Sails JS security [DRAFT]


This is a checklist I am creating for myself to secure different areas of a SailsJS application I am developing these days.

For API security: https://github.com/lucj/sails-oauth2-api

For user authentication and third-party login: PassportJS

CSRF:

This was really important as Sails by default allows CRUD operations with both GET and POST, so to avoid CSRF I added the following path to the routes.js
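As an added example (not the author's route entry and not Sails' own code), here is one way to refuse write operations that arrive over GET through blueprint shortcut paths. The helper names are hypothetical, and it assumes the default shortcut layout with no route prefix.

```javascript
// Added example. isStateChangingShortcut and blockShortcutGets are
// hypothetical helper names, not part of the Sails API.
// Assumes the default blueprint shortcut layout with no route prefix:
//   GET /:model/create, GET /:model/update/:id, GET /:model/destroy/:id
const WRITE_SHORTCUTS = new Set(['create', 'update', 'destroy']);

function isStateChangingShortcut(method, url) {
  if (String(method).toUpperCase() !== 'GET') return false;
  // Drop the query string, then split the path into non-empty segments.
  const segments = String(url).split('?')[0].split('/').filter(Boolean);
  // Compare in lower case so /user/CREATE is caught as well.
  // Note: a record whose id is literally "create" would also match.
  return segments.length >= 2 && WRITE_SHORTCUTS.has(segments[1].toLowerCase());
}

// Connect/Express-style (req, res, next) handler, the same shape a
// Sails policy uses.
function blockShortcutGets(req, res, next) {
  if (isStateChangingShortcut(req.method, req.url)) {
    res.statusCode = 403;
    return res.end('Forbidden: write operations are not allowed over GET');
  }
  return next();
}

// Constructed sample requests (not taken from a real application).
const SAMPLE_REQUESTS = [
  { method: 'GET',  url: '/user/create?name=test' },
  { method: 'GET',  url: '/user/destroy/7' },
  { method: 'GET',  url: '/user/Update/7?role=admin' },
  { method: 'GET',  url: '/user/7' },
  { method: 'GET',  url: '/user/find' },
  { method: 'POST', url: '/user' },
];

// Returns the URLs from the sample set that the check would refuse.
function blockedSamples() {
  return SAMPLE_REQUESTS
    .filter((r) => isStateChangingShortcut(r.method, r.url))
    .map((r) => r.url);
}
```

A check like this complements, and does not replace, turning off the blueprint `shortcuts` setting and enabling Sails' CSRF token protection.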

I will keep adding more stuff, so please feel free to comment if you think I am missing something.
