advanced · 4 weeks · Intensive cohort
Auth, Sessions & Secure Storage
¥72,000 (informational)
Walk through password hashing, refresh rotation, and CSRF mitigations. Labs use regional privacy expectations as discussion prompts, not legal advice.
What is included
- bcrypt/argon2 comparison lab
- Session store with Redis
- JWT access + refresh rotation
- OAuth 2.0 PKCE walkthrough
- CSRF token middleware
- Security headers checklist
- Threat modeling worksheet
Outcomes
- Ship auth flow with tests
- Document token lifetimes
- Present threat model in capstone review
Kenji Morita
Lead instructor — security-minded backend reviews.
Reviews
“Refresh token rotation lab was tough but the mentor Loom walkthrough helped. Still reviewing CSRF notes before interviews.”
“We adopted the security headers checklist for our staging cluster.”