r2c is a startup working to profoundly improve software security and reliability to safeguard human progress. We are a team of AppSec engineers and program analysis experts. Having analyzed thousands of open source projects and spoken with hundreds of Python developers, we identified common security pitfalls that are specific to Python web apps. We partnered with authors of major web frameworks to identify common “gotchas” and create a set of best practices for building robust Python web apps. The tutorial will include:
* Brief overview of common security problems (OWASP Top 10)
* Common gotchas for Flask and Django
* Tools for robust Python backend development
* Q&A
During this presentation I want to solve one single problem: "I want to log in with Facebook". Since 2018 I've attended multiple presentations which should have prepared me to accomplish this task. I knew the payload structure of JWT, I knew the theory of OAuth, I got all the blocks, but they didn't match well. I've tried to stick them together with a StackOverflow Glue™, but along the way I've understood that I didn't get the real-life concept. The plan for the talk is to go through the path of:
- Facebook authentication
- JWT generation in Django Rest Framework
- Django as API setup
- <inhales> React setup with Axios to handle session refreshing

In the end I'll demo a working Facebook authentication example with the code shared on git.
Clara McCreery is a software engineer at r2c, the company that maintains Semgrep, an open-source syntax-aware code search tool. At r2c, her primary work has been as a full-stack developer on the semgrep.live (http://semgrep.live/) web app. Clara recently received her M.S. in Computer Science from Stanford, where she specialized in machine learning. In her free time, Clara is a classical violinist, a not-so-classical steel pan player, and played trombone exactly once in the Stanford Marching band.
Python developer focused on community. Member, common speaker and co-organiser of Pykonik. Coordinator of Python Challenge competitions at PyConPL since 2015. Coding in Python for 10 years with a focus on web development. Currently working for Houst. In his spare time, a fantasy lover and organiser of the Fornost convention. His common answer to the question "what do you like in programming" is "people".