Authentication with Ktor
| |

Launching a Guide to Conquer Authentication with Ktor

ByTomas Zezula

Welcome to the first post on the subject of authentication with Ktor. As developers, we appreciate the importance of security, but integrating it smoothly within our backend services can sometimes seem like a daunting task. However, when working with Kotlin and Ktor, the task becomes much more approachable due to concise syntax and flexibility. This series aims to delve into the diverse authentication mechanisms. We will find our way through Basic Auth, Form Auth, to more complex ones like JWT and OAuth. Whether you’re new to Ktor or looking to broaden your horizons, this series will offer practical, hands-on experiences to help you effectively bring security to your backend applications.

Table of Contents

TLDR;

Go ahead, clone the repository and follow the instructions. The project will grow as this tutorial goes on. For now, it’ll give you everything you need to follow along this journey.

What is Ktor?

Ktor is a Kotlin framework developed by JetBrains. It’s suitable for building server-side applications, particularly RESTful APIs and web applications. The framework supports asynchronous programming and non-blocking I/O out of the box. This can lead to improved scalability and performance.

Ktor is highly modular architecture and easy to learn. Meaning, you are in control of the dependencies you use in your project and you have a great amount of flexibility either when configuring the tool or when building your APIs.

Your Reward for Following This Series

In this tutorial we will build a simple REST API using Ktor’s powerful routing DSL. Throughout this series, we will look into various authenticaton mechanisms to ensure the API can be safely accessed. We will also consider other best security practices, such as implementing CORS, prevention of CSRF attacks, or rate limiting.

At the end of the tutorial, you’ll have a clear understanding how to build resilient APIs with Ktor in a safe manner. You will be able to make informed design choices that are transferrable to many other projects.

Stay tuned for the upcoming articles in this series!

Similar Posts

Branch pruning
|

Keeping Your Git Garden Pruned: Safely Removing Orphaned Local Branches

ByTomas Zezula

Are you drowning in a sea of ghost branches? Have you ever scrolled through your local Git repository only to be overwhelmed by a convoluted tangle of orphaned branches? You’re not alone. Unused, stale, or obsolete branches can quickly amass in our workspace, creating a breeding ground for confusion and chaos. As developers, maintaining a clean and organized local repository is essential for efficient and error-free work. This blog post offers easy-to-follow steps on how to safely prune those redundant local Git branches that have lost their ties to the remote upstream. It’s time to trim away the excess, and clear the path for cleaner code and smoother collaboration.

Featured image
| |

Streamlining Console Output Verification with Kotest

ByTomas Zezula

Console logging is often perceived as a bad practice, but in specific contexts, it’s quite suitable. Consider a scenario of a workshop where printing output directly to the console enhances transparency and simplifies the project setup. Using a comprehensive logger could lead to unnecessary clutter. However, there’s a downside to directly printing to the console—it makes it challenging to verify the result. Well, at least so I thought until I accidentally stumbled upon this awesome article by Thijs Kaper. Although Spring Boot provides out-of-the-box support for output verification, it’s also possible, and sometimes preferable, to implement it independently. In this blog post, I’ll demonstrate how to create a custom spec in Kotest that you can leverage in your tests. This spec automatically captures console output and provides the result for verification.

Stripe Series Summary
|

Your Cheat Sheet to Mastering Payment Automation with Stripe

ByTomas Zezula

More than two months ago, I embarked on a journey to create a hands-on series about payment automation using Stripe. Writing the series has been an enjoyable and rewarding experience, and now the time has come to wrap it up. I hope you’ll find this final post useful. It summarizes all the essential points and provides links to the original articles, which are filled with detailed explanations and code examples. Consider it a cheat sheet that you can use as a point of reference at your convenience. Thank you for following along, and for all your insightful comments.

Ktor on Gradle
| |

Conquer Authentication with Ktor: Part 1 – Getting Started

ByTomas Zezula

This post is part of a series. In today’s post, we’ll create a project from scratch, defining API endpoints to build upon. I’ll demonstrate how to use Ktor to develop a web server, which dependencies to install, and how to structure the project for easy maintenance. There’s a lot to cover, so let’s get started!

Stripe webhooks
| |

Checking Payment Status in Stripe with Webhooks

ByTomas Zezula

Getting timely updates about payments is crucial for maintaining smooth operational flows. Especially for businesses that rely heavily on e-commerce or offer subscription-based services. Stripe provides a robust solution for this through the use of webhooks, allowing for real-time notifications on various payment events. This blog post aims to shed light on how to automate and instantly reflect payment status changes. By understanding and implementing webhooks, developers and business owners can ensure their systems are more responsive in handling financial transactions online.