0 views collected around this technical thread.
The article examines a single sign‑on loop‑login problem caused by Secure‑flagged cookies being set over HTTP, explains how missing tokens trigger endless redirects, and recommends enforcing HTTPS or using a non‑Secure auxiliary token to break the redirect cycle.
This article explains the concepts, formats, common problems, and testing applications of cookies, sessions, and tokens, helping readers grasp how these mechanisms work together to manage authentication and state in web applications.
This guide explains how to implement QQ login using the official OAuth2.0 flow, covering developer registration, creating a website application, obtaining the authorization code, access token, and OpenID, and finally calling the get_user_info API to retrieve user details.
This article explains how to build a QR code login feature for web applications by coordinating mobile and web servers, generating UUIDs, storing temporary data in Redis, and polling for authentication, providing a practical step‑by‑step guide with diagrams.
This article explains the technical principles behind QR code login, detailing the client‑server interaction, UUID generation, Redis storage, long‑polling, and token handling, and illustrates the implementation with real‑world examples from Taobao and WeChat, including code snippets and flow diagrams.
This article reviews the historical development, current practices, and future direction of web authentication, covering traditional password login, third‑party protocols like OpenID and OAuth2.0, two‑factor authentication methods, and the emerging password‑less WebAuthn standard.