Session

Denied! Securing your Application with Better User Authorization

As our applications grow in complexity, application security needs to change to keep pace. Using real-world examples, we will explore new implementations for user authorization and authentication. We’ll go beyond the basics of determining if a user is logged in, and discuss using JSON Web Tokens (JWT) for authentication. By examining security vulnerabilities lurking in most web applications, we can demonstrate strategies to implement new security patterns using today’s hottest JavaScript frameworks (Angular, React, Vue). You’ll find unique ways to differentiate users by roles or security groups, changing the user experience. We’ll discuss ways to control a user’s access down to a single data point by moving our authorization model to the component level.

Key areas to be covered:

- JSON Web Token (JWT) best practices
- Route- and component-level authorization
- Role-based user access
- Vulnerabilities in modern web apps

Brian Childress

Fractional CTO @ Summit Labs

Richmond, Virginia, United States
