ServerlessDays Auckland 2018

Standard

ServerlessDays is the evolution of JeffConf – a successful event series that started in July 2017 in London and continued in Milan and Hamburg. It is a one day, community-focused, single track event centered on real-world Serverless based solutions. It is about fostering a community and helping all of us learn from each other as we embrace a new way of building applications.

ServerlessDays Auckland will be the first of its kind in the southern hemisphere and builds on the groundswell of serverless communities and meetups including Serverless Auckland by providing an event focused on the sharing of real-world experiences in an accessible environment.

More about the conference, schedule, associated organization and speakers information can be found here:

This was one of my best conferences so far and there is a reason behind this. I got the invitation when there were only 10 days left before the conference and obviously I need a visa to attend this event. As per the standard visa process, this takes 15 days max and that was my concern and I have shared with Andreas who is one of the organizers of this conference. I think he was quite confidently told me that, “Hey, Mehul we will make it. Don’t worry“. He has contacted the embassy and tell them a situation and they requested me to apply for the visa from here, and in next 2 days, I got the eVisa in my mailbox. This is one of the fastest processes I have ever seen. Big thanks to New Zealand embassy and Andreas Mueller.  That’s why I said that this is one of my best conferences because more than me the team have done more extra efforts to get me there. Thank you team #ServerlessDaysAKL 😀

The team has organized a speaker dinner before the conference. This is the best part I like because this is a chance for us to get together as a group for any last minute questions and updates. Obviously, we had some crazy topics over dinner and more fun.

Wow! Speaker Swag Pack 😍

Security is a big concern so I have given a talk about one next major shift in cloud computing is commonly known as “Serverless” or “Functions-as-a-Service” (FaaS).

But my idea is that at least participants go from here knowing two basic things;

  • What is serverless?
  • Why is serverless?

“Why manage something, if someone will manage it for us”

Serverless is the next step in the journey from physical hosting to software in the cloud. The most common definition is that it allows you to set up a piece of code to be executed as a reaction to an event. Here the term “serverless” doesn’t mean that the servers are no longer included. It simply means that developers no longer have to think “that much” about the servers anymore.

First, I gave a bit of background that Authentication and Authorization are two different processes.

This is the time when I’ve discovered Auth0, an Authentication as a Service. Using their JavaScript SDK you can able to offer social logins using Github, Facebook and much more from the web interface. At the time of writing it’s free for up to 7000 registered users and they offer a nice web interface to manage all users who signed up / logged in. More you can explore from here;

And later talked about JWT and why JWT is using these days a lot. To explain how JWT work, I’ve begun with an abstract definition.

A JSON Web Token (JWT) is a JSON object that is defined in RFC 7519 as a safe way to represent a set of information between two parties. The token is composed of a header, a payload, and a signature.

To show how and why JWT are actually used, we will use a simple 3 entity example (see the below diagram). The entities in this example are the user, the application server, and the authentication server. The authentication server will provide the JWT to the user. With the JWT, the user can then safely communicate with the application.

                                                     image Source: Medium

In this example, the user first signs into the authentication server using the authentication server’s login system (e.g. username and password, Facebook login, Google login, etc). The authentication server then creates the JWT and sends it to the user. When the user makes API calls to the application, the user passes the JWT along with the API call. In this setup, the application server would be configured to verify that the incoming JWT are created by the authentication server (the verification process will be explained in more detail later). So, when the user makes API calls with the attached JWT, the application can use the JWT to verify that the API call is coming from an authenticated user.

Some glimpses of #ServerlessDaysAKL 😎

             Kudos to all team members who organizing such an amazing conference.

Hope you enjoyed my blog! 🙂

 

Also published on Medium.

Leave a Reply

Your email address will not be published. Required fields are marked *