Brian Noyes is CTO and Co-founder at Solliance (www.solliance.net), an expert technology solutions development company. Brian is a Microsoft Regional Director, Microsoft MVP, and Pluralsight author. Brian specializes in Web, Desktop, and Mobile full-stack architecture and Microsoft Azure services. He is a frequent top rated speaker at developer conferences worldwide, including DevReach, Techorama, VSLive!, DEVIntersection and others. Brian has authored several books including Developer’s Guide to Microsoft Prism 4, Data Binding with Windows Forms 2.0, and Smart Client Deployment with ClickOnce. Brian has a series of technical courses available at Pluralsight covering a wide range of Modern Web, Desktop, and Web Services technologies. Brian got started programming as a hobby while flying F-14 Tomcats in the U.S. Navy, later turning his passion for software into his current career.
Session: Securing Angular Apps
One topic often pushed to the side when talking about Angular apps is security. The short answer is ”you can’t secure the client side”. However, the reality is you still need to secure your application as a whole. In this session you will learn about what you can and can’t do with security in Angular, and how you can protect the application as a whole with a combination of securing the files that compose your application, providing a good user experience for login and authorization in your client side app, and securing the Web API calls that your Angular app depends on to access the sensitive parts of your application – the data. You’ll also learn about other aspects of security that the client side has to participate in, including CSRF/XSRF, XSS, and CORS. You’ll learn all this primarily in the context of using ASP.NET for your back end, and you’ll see how to leverage Angular constructs such as guards, service components and HttpClient interceptors to get your auth token added to your back end calls.