10.12.2018
Posted by Preston So
As we witnessed in the previous installment of Experience Express, selecting a robust mechanism for authenticating incoming requests is a key component of any decoupled Drupal decision-making process. After all, you cannot always necessarily predict the input sanitization features in place on consumers like JavaScript applications and native mobile applications. In the previous installment, we covered OAuth 2.0 Bearer Token authentication. Though JSON Web Tokens (…
18.10.2018
Posted by Preston So
Over the last few years, I have had the privilege of sharing insights and tutorials on decoupled Drupal, which was originally unknown territory with shifting sands but today is a widely adopted approach, including by some of Acquia's most influential customers. Nonetheless, the relative unavailability of developer-focused resources that are both authoritative and current has hindered architects' and developers' ability to evaluate and explore decoupled Drupal for…
11.10.2018
Posted by Preston So
Perhaps the most critical component of any decoupled Drupal architecture is a robust authentication mechanism that protects data transmitted between a Drupal site and API consumers like JavaScript applications and native mobile applications. While Drupal core makes available HTTP Basic Authentication and cookie-based authentication, both easy to use, neither of these approaches is sufficiently secure when it comes to best practices. Fortunately, the Drupal contributed…
04.10.2018
Posted by Preston So
Though there was no DrupalCon Europe this year, the European Drupal community stepped up and organized their own conference, Drupal Europe, in Darmstadt, Germany last month. An incredibly successful gathering held in the Darmstadtium venue, a beautiful convention center in the center of this college town, Drupal Europe demonstrated the unique power that grassroots initiatives can have in our open-source community. Drupal Europe came at a particularly important time in…