Why we need sessions

The classic Hypertext Transfer Protocol (HTTP) is a stateless protocol. This means every request sent from a single client is interpreted by the Web server independently and is not related to any other request. There is no built-in mechanism for the server to remember a specific user across multiple requests, which also makes it impossible for the server to know whether each request originated from the same user.

HTTP Sessions

Session tracking enables you to track a user’s progress over multiple servlets or HTML pages, which, by nature, are stateless. A session is defined as a series of related…

Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live — John Woods

Writing clean code is not easy. It must be readable and maintainable. Writing clean code is not a process that we can achieve very quickly. It’s a continuous process, practically a daily effort. So let’s start…

1. Proper Naming

Naming is one of the most important aspects of coding. But somehow most developers underestimate the importance of proper naming in the code. Developers spend most of their time reading code instead of writing. …

Memoization is a speed optimization technique in programming where, for a given function, you return a cached version of the output if the same inputs are used.

How re-render works in React?

When the Virtual DOM gets updated, React compares it to a previous snapshot of the Virtual DOM and then only updates what has changed in the real DOM. If nothing changed, the real DOM won’t be updated at all.

When does React re-render components?

  1. When a state changes.
  2. When a received prop changes.
  3. When its parent component re-renders; by default, the child will re-render too.

Let’s do some coding…

Step-by-step guide to securing a REST API built with NestJS using Keycloak.

I am assuming you already have a JS frontend app, or at least an HTTP client, that performs the authentication against Keycloak, is in possession of a JWT, and can pass it in the header to your NestJS backend.

If you want to get an idea of how to secure a ReactJS front end using Keycloak and send the authenticated JWT from the front end to the back end, you can check out my previous article, Secure Front end (React.js) and Back end (Node.js/Express Rest API) with Keycloak.


Keycloak is an open source Identity and Access…

Step-by-step guide to securing an application built with a React front end and a Node back end (Express REST API) using Keycloak.


  1. The user tries to log in to the front-end application (React.js).
  2. The user is redirected to the Keycloak server for authentication.
  3. If authentication is successful, the authenticated user is redirected to the application. Meanwhile, the user gets a JWT (JSON Web Token).
  4. An unauthenticated user is redirected back to the Keycloak login page.
  5. With the valid JWT, the front end can access the back-end REST API (Node.js/Express.js) by sending the JWT along with the service request.
  6. Back-end will communicate with the Keycloak server to validate the…

Chamith Madusanka

Senior Full-Stack Engineer | Java | Spring boot | ReactJs | NodeJs | NestJs | Microservices | https://www.linkedin.com/in/chamith24/
