Failure : My Teacher ( Auth )

Posted on by Deep.Kulshreshtha

How my failure, combined with my efforts to overcome helped me !

Prologue

We often hear “failures are stepping stones to success“. Proving the same, here are some of my experiences. In the next few blogs, I will write about how certain failures helped me …

Understand technology better.

Therefore, become a better techie.

Use the learnings to clear the next-level challenges.

And helped me land multiple jobs..

Intro

As software engineers, we aren’t always required to create something from scratch. Often, we take the baton from the previous team and take it forward.

While a good model, this keeps us from learning all granular details. At times the details might be unimportant, but more often are important.

Authorization

I have worked on multiple applications. Each working with some kind of Authorization/ Authentication mechanism. However, I had never done the implementation itself.

.

The Obstacle

As part of a voluntary engagement, I created a project. The project had multiple API implementations. These had to be secured via an Authoziation system. ( again – I had never done this before ).

While I completed the project pretty easily. Authorization implementation became tricky for me.

.

The Struggle

Our mutual best friend – Google, helped me out. It gave me a list of tutorials, projects, videos with such implementation. For the first time, I figured out details like:

1. Claims

2. Authority

3. Parts of an Auth token ( I had seen these before, but had never paid much attention. This time, I had to ! )

4. Mechanism of token invalidation.

 

Also things like … .

Whether Auth tokens should be verified in-memory or in a DB.

Which one will be a performance bottleneck and why ?

Whether an in-memory verification, opens doors for hackers ?

Malicious users will be able to trigger the APIs, even after the user has logged out.

How much of the risk is acceptable ?
What is special about the OAuth system using the 2 token system – Main and refresh.
What issues exist in the 2 token system ?

Once I implemented the project. I triggered my neurons to create the “understanding pathway”. Before this, the understanding was hazy ( despite my claims of it being otherwise )

TO BE CLEAR

The failure alone did NOT educate me. Failure combined with my efforts to overcome it helped me !

.

The Way

10 days later, I had a job interview. Guess what the interviewer asked ! He asked me – how Auth system works in a Spring-based security module..

Was I ready or was I ready ?

I explained all about Claims, Authorities, token timeout, best practices, and more. So much so, that he gave up the line of questioning. 😀😀😃😃

I cleared the interview. But was glad about something else – I had completed a small step in my tech learning journey. A happy moment for me.

.

While I am sure, the happiness will be short-lived. That is, I will fail at something else very soon ! But here I am enjoying the fleeting moment of happiness. Enjoying my journey from failure to a step of success !.

A small failure + some effort = becoming better

Better self -> Lead to -> Better results

I am happy I failed and worked on it until I succeeded..

My thanks to …

1. The first contact.

He had enough expectations of me to give me a challenging project.

2. The interviewer.

Who again had enough expectations to challenge me.

3. To the almightly.

Who gave me enough courage to fail, and enough brains to keep trying.

.

More blogs about my failures to success stories coming up !