Tópicos em JavaScript

Prévia do material em texto

<p>Tópicos gerais em JavaScript</p><p>0. Parâmetros req e res dos métodos HTTP</p><p>https://programandosolucoes.dev.br/2021/04/06/req-e-res-express/#:~:text=E%20o%20req%20e%20res,para%20quem%20fez%20a%20solicita%C3%A7%C3%A3o.</p><p>0. O que são as APIs</p><p>https://www.youtube.com/watch?v=vGuqKIRWosk</p><p>https://www.youtube.com/watch?v=3LHSyha0xN0</p><p>0. Middlewares, etapas intermediárias da API que ficam entre o usuário e a interface final</p><p>https://www.youtube.com/watch?v=3LHSyha0xN0</p><p>https://www.youtube.com/watch?v=CIAAMOGiVXc</p><p>0. Introdução ao NodeJS</p><p>https://www.youtube.com/watch?v=GKR6uSvEj8w</p><p>https://www.youtube.com/watch?v=vYekSMBCCiM</p><p>https://www.devmedia.com.br/guia/node-js/40312#:~:text=js%20%C3%A9%20uma%20tecnologia%20usada,JavaScript%20fornecido%20pelo%20pr%C3%B3prio%20Node.</p><p>0. O que são os pacotes em JS</p><p>https://cleverbeagle.com/blog/articles/what-are-javascript-packages-and-dependencies</p><p>0. Diferença entre um servidor tradicional e o servidor com NodeJS</p><p>https://www.opus-software.com.br/node-js/</p><p>0. Servidor tradicional mult-tread vs servidor nodeJS single tread não bloqueante</p><p>https://www.youtube.com/watch?v=vYekSMBCCiM</p><p>0. Principais rotas HTTP</p><p>https://www.treinaweb.com.br/blog/criando-rotas-com-express-js</p><p>https://www.treinaweb.com.br/blog/o-que-e-http-request-get-post-response-200-404</p><p>0. Principais status do protocolo HTTP</p><p>https://httpstatusdogs.com/</p><p>0. Porque não deletar dados usando GET ?</p><p>https://stackoverflow.com/questions/28566935/delete-operation-in-get-rest-service#:~:text=As%20per%20the%20REST%20design,delete%20operation%20in%20GET%20call.</p><p>0. Utilizando o pacote overide para utilizar o PUT e DELETE nos forms html5 sobrescrevendo o POST por PUT ou DELETE</p><p>https://dev.to/moz5691/method-override-for-put-and-delete-in-html-3fp2#:~:text=Browsers%20do%20support%20PUT%20and,supported%20by%20'HTML%20form'.</p><p>0. Porque o PUT e o DELETE não está implementado no HTML ?</p><p>https://softwareengineering.stackexchange.com/questions/114156/why-are-there-no-put-and-delete-methods-on-html-forms</p><p>0. Introdução ao Nodemon</p><p>https://www.youtube.com/watch?v=LscE7X8RcVs</p><p>0. Utilizando o comando npx do node para executar uma lib e em seguida excluí-la, útil para quando desejamos executar uma lib apenas uma vez</p><p>https://blog.rocketseat.com.br/conhecendo-o-npx-executor-de-pacote-do-npm/</p><p>0. Introdução às templates engines e HTML dinâmico</p><p>https://www.treinaweb.com.br/blog/o-que-e-template-engine</p><p>https://medium.com/@gabifernandes_74906/template-engine-como-deixar-seu-html-din%C3%A2mico-com-nunjucks-d914806e1b07</p><p>0. Entendendo algumas configurações do nunjucks</p><p>https://www.youtube.com/watch?v=-2a_oJvK06E&t=192s</p><p>0. Estrutura de pastas padrão para aplicações nodeJS</p><p>https://vizir.com.br/2016/06/como-estruturar-uma-aplicacao-node-js/#:~:text=Aplica%C3%A7%C3%B5es%20Node.,deixa%20programadores%20pouco%20experientes%20perdidos.</p><p>https://medium.com/@stroklabs/como-organizar-e-estruturar-projetos-com-node-js-4845be004899</p><p>https://www.youtube.com/watch?v=lVV2ecw2QKs</p><p>https://walde.co/2016/10/24/estrutura-de-diretorios-e-arquivos-em-projetos-node-js/</p><p>0. Método require() e Module.exports em nodeJS</p><p>https://medium.com/@jonathanjuliani/nodejs-require-exports-module-exports-entenda-de-vez-9297dcd5654f</p><p>0. Função do autoescape :false no nunjucks faz com que um html dentro de "" seja reconhecido como html em vez de apenas uma string com informações de html</p><p>https://mozilla.github.io/nunjucks/api.html#autoescaping</p><p>0. Require de arquivos js fora do diretório local</p><p>https://stackoverflow.com/questions/42163049/node-js-require-from-parent-folder</p><p>0. Principais métodos HTTP utilizados</p><p>https://medium.com/@renejr03/m%C3%A9todos-http-quais-s%C3%A3o-e-qual-a-funcionalidade-deles-491b1cc5d5b4</p><p>https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html#sec9.5</p><p>0. O que são as query strings</p><p>https://www.youtube.com/watch?v=wzG6ELTfGC0</p><p>0. Porque utilizar o método router() do express</p><p>https://stackoverflow.com/questions/28305120/differences-between-express-router-and-app-get#:~:text=get()%20%2C%20are%20sufficient%20for,create%20modular%20mountable%20route%20handlers.</p><p>0. Introdução ao browser-sync, pacote node que permite o navegador atualizar a página após alguma mudança nos arquivos estáticos ou dinâmicos do servidor</p><p>https://imasters.com.br/desenvolvimento/economize-tempo-ao-testar-suas-paginas-web-com-o-browser-sync</p><p>0. Lógica dos arquivos estáticos e dinâmicos no express</p><p>https://www.youtube.com/watch?v=p_3ok1TuP8c</p><p>https://expressjs.com/en/starter/static-files.html</p><p>https://stackoverflow.com/questions/28918845/what-exactly-does-serving-static-files-mean</p><p>https://www.stackpath.com/edge-academy/what-is-static-content/#:~:text=Definition,to%20transmit%20over%20the%20Internet.</p><p>0. Diferença entre acessar os arquivos através de ./, ../ e sem nada.</p><p>https://stackoverflow-com.translate.goog/questions/71353431/cant-load-css-into-express-view-using-a-router?_x_tr_sl=en&_x_tr_tl=pt&_x_tr_hl=pt-BR&_x_tr_pto=sc</p><p>https://www.codegrepper.com/code-examples/html/html+root+path</p><p>https://stackoverflow.com/questions/5713295/specify-a-root-path-of-your-html-directory-for-script-links</p><p>0. Explicação da dinâmica entre cliente e server</p><p>https://developer.mozilla.org/en-US/docs/Learn/Forms/Sending_and_retrieving_form_data</p><p>0. Principais diferenças entre GET e POST</p><p>https://www.guru99.com/difference-get-post-http.htmlq</p><p>0. Singnificado de URLEncoded e server.use(express.urlEncoded({extended:true}))</p><p>https://pt.stackoverflow.com/questions/402275/o-que-significa-na-pr%C3%A1tica-o-urlencoded-do-expressjs</p><p>0. Módulo fs(file system) do nodeJS</p><p>https://nodejs.reativa.dev/0046-node-module-fs/index</p><p>0. Alterativa ao uso do fs.writeFile(), createWriteStream</p><p>https://www.makeuseof.com/node-write-files-learn/</p><p>0. Diferenças entre require(), readFile e readFileSync na leitura de arquivos no Nodejs</p><p>https://stackabuse.com/reading-and-writing-json-files-with-node-js/</p><p>0. Diferença entre req.query e req.params quando estamos filtrando ou entrando em subseções</p><p>https://cursos.alura.com.br/forum/topico-req-params-vs-req-query-159212</p><p>https://coursework.vschool.io/express-params-and-query/</p><p>0. Comando –save no nodeJS quando estamos utilizando npm</p><p>https://www.geeksforgeeks.org/what-is-the-meaning-of-save-for-npm-install/#:~:text=%E2%80%93save%20or%20%2DS%3A%20When,will%20not%20give%20desired%20results.</p><p>0. Algumas diferenças entre a biblioteca querystring e qs, utilizadas no parâmetro extended:true || false do express.urlencoded({}), essa opção urlencoded vem do body-parser que é um decodificador do body de requisições post para transformar em arrays/objetos. O Express hoje em dia já tem essa biblioteca junto as suas dependências.</p><p>https://velog.io/@omago123/qs-library-vs-querystring-library</p><p>0. Documentações do method override</p><p>htps://github.com/expressjs/method-override</p><p>https://www.npmjs.com/package/method-override</p><p>https://levelup.gitconnected.com/using-the-method-override-express-middleware-3853a115a5ca</p><p>0. Gringo explicando as possbilidades de utilizar o method override</p><p>https://www.youtube.com/watch?v=wlx5uOH2t5s</p><p>0. Explicando o ambiente de execução do NodeJS</p><p>PARTE 1: https://imasters.com.br/front-end/node-js-v8-single-thread-e-io-nao-bloqueante</p><p>PARTE 2: https://imasters.com.br/front-end/node-js-o-que-e-esse-event-loop-afinal</p><p>0. Todos os status HTTP</p><p>https://umbraco.com/knowledge-base/http-status-codes/</p><p>0. O que significa Origem quando falamos de request e reponse em protocolo http</p><p>https://developer.mozilla.org/en-US/docs/Glossary/Origin</p><p>0. Entendendo o que são cookies e como podem ser usados para rastreamento, controle de sessão e autenticação de usuário.</p><p>https://www.valentinog.com/blog/cookies/</p><p>https://medium.com/codex/sessions-tokens-and-cookies-2fcae32bb7a3</p><p>https://medium.com/bits-n-pieces/how-do-cookies-work-e0937158e852</p><p>https://www.cookieyes.com/blog/session-cookies/</p><p>https://computer.howstuffworks.com/cookie5.htm</p><p>0. Controle de sessão por cookies</p><p>https://help.hcltechsw.com/commerce/9.1.0/admin/concepts/csesmsession_mgmt_cookies.html#:~:text=The%20cookie%20allows%20the%20server,has%20performance%20benefits%20over%20alternatives.</p><p>0. localStorage para armazenar dados que são persistidos mesmo após a janela do navegador ser fechada, principalmente para salvar cookies com informações sobre a interação com o site e preferências</p><p>https://blog.logrocket.com/localstorage-javascript-complete-guide/#:~:text=localStorage%20in%20JavaScript.-,What%20is%20localStorage%20in%20JavaScript%3F,the%20browser%20window%20is%20closed.</p><p>0. Controle de sessão com cookies vs JWT, duas abordagens diferentes para gerenciar a sessão do usuário.</p><p>https://medium.com/@prashantramnyc/difference-between-session-cookies-vs-jwt-json-web-tokens-for-session-management-4be67d2f066e</p><p>https://sherryhsu.medium.com/session-vs-token-based-authentication-11a6c5ac45e4</p><p>0. Cookies vs sessionStorage vs localStorage</p><p>https://stackoverflow.com/questions/19867599/what-is-the-difference-between-localstorage-sessionstorage-session-and-cookies</p><p>https://krishankantsinghal.medium.com/local-storage-vs-session-storage-vs-cookie-22655ff75a8</p><p>0. Um pouco sobre JWT de suas vulnerabilidades</p><p>https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/</p><p>https://www.youtube.com/watch?v=sHyoMWnnLGU</p><p>https://www.youtube.com/watch?v=KFNGgc34UXE</p><p>0. Usando json web tokens em um projeto</p><p>https://www.youtube.com/watch?v=YuL5jSXsf3E</p><p>0. Um pouco o objeto global process do nodeJS</p><p>https://www.freecodecamp.org/news/node-process-object-explained/</p><p>0. Entendendo o CORS (política de compartilhamento de recursos de origem cruzada)</p><p>[PARTE1]https://medium.com/@alexandremjacques/entendendo-o-cors-parte-8331d0a777e1</p><p>[PARTE2]https://medium.com/@alexandremjacques/entendendo-o-cors-parte-2-e4172d6da206</p><p>https://javascript.info/fetch-crossorigin#:~:text=To%20send%20credentials%20in%20fetch,with%20request%20to%20that%20site.</p><p>https://www.youtube.com/watch?v=VZI1I3c6a2g</p><p>0. Aula sobre CORS [50 min]</p><p>https://www.youtube.com/watch?v=t5FBwq-kudw</p><p>0. Access-Control-Allow-Headers, como utilizar</p><p>https://www.holisticseo.digital/technical-seo/http-header/cors/access-control-allow-headers/</p><p>0. Access-Control-Allow-Methods, como utilizar</p><p>https://www.holisticseo.digital/technical-seo/http-header/cors/access-control-allow-methods/</p><p>0. Lidando com diferentes tipos de dados quando enviamos para o backend em um post fetch (ex: JSON, htmlFormData, querystrings, Blob, etc)</p><p>https://jakearchibald.com/2021/encoding-data-for-post-requests/</p><p>0. Entendendo o funcionamento do cache e seus parâmetros</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching#fresh_and_stale_based_on_age</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control</p><p>https://www.freecodecamp.org/news/an-in-depth-introduction-to-http-caching-cache-control-vary/</p><p>0. Diferença entre from disk cache and from memory cache</p><p>https://ourtechroom.com/tech/chrome-memory-cache-vs-disk-cache/</p><p>0. Explicando etag</p><p>https://developer.mozilla.org/pt-BR/docs/Web/HTTP/Headers/ETag</p><p>https://stackoverflow.com/questions/24542959/how-does-a-etag-work-in-expressjs</p><p>0. ExpressJS and Http lib, entendendo as diferenças</p><p>https://medium.com/gitconnected/what-is-the-difference-between-the-node-http-library-express-and-nestjs-df6a11ca0e48</p><p>https://evanhahn.com/understanding-express/</p><p>0. Boas prática para APIs REST</p><p>https://www.freecodecamp.org/news/rest-api-best-practices-rest-endpoint-design-examples/</p><p>https://learn.microsoft.com/en-us/azure/architecture/best-practices/api-design</p><p>0. PM2 para gerenciamento de processos para deploy, substitui o nodemon em ambiente de produção</p><p>https://ifelse.io/2015/09/02/running-node.js-apps-in-production/</p><p>https://blog.appsignal.com/2022/03/09/a-complete-guide-to-nodejs-process-management-with-pm2.html</p><p>0. Biblioteca bcrypt para geração de hashs de senha</p><p>https://sebhastian.com/bcrypt-node/#:~:text=The%20bcrypt%20npm%20package%20is,t%20be%20reversed%20once%20done.</p><p>https://blog.logrocket.com/password-hashing-node-js-bcrypt/</p><p>0. Explicação sobre a segurança do bcrypt</p><p>https://medium.com/@valevpn/what-is-bcrypt-and-how-does-it-work-bef43ee8762d</p><p>0. Como funciona o salt no bcrypt</p><p>https://stackoverflow.com/questions/46693430/what-are-salt-rounds-and-how-are-salts-stored-in-bcrypt</p><p>https://www.youtube.com/watch?v=ro1WmoP4CZs</p><p>0. Como o fator de trabalho influencia a geração do hash</p><p>0. Variáveis de ambiente em NodeJS</p><p>https://www.freecodecamp.org/news/heres-how-you-can-actually-use-node-environment-variables-8fdf98f53a0a/#:~:text=You%20just%20create%20a%20new,in%20there%20on%20different%20lines.&text=To%20read%20these%20values%2C%20there,the%20dotenv%20package%20from%20npm.&text=Then%20you%20just%20require%20that,need%20to%20use%20environment%20variables.</p><p>https://medium.com/chingu/an-introduction-to-environment-variables-and-how-to-use-them-f602f66d15fa#:~:text=An%20environment%20variable%20is%20a,at%20a%20point%20in%20time.</p><p>0. Entendendo a propriedade same-site dos cookies</p><p>https://stackoverflow.com/questions/59990864/what-is-the-difference-between-samesite-lax-and-samesite-strict</p><p>https://web.dev/samesite-cookies-explained/</p><p>0. Entendendo proxy e proxy reverso</p><p>https://www.upguard.com/blog/proxy-server#:~:text=A%20proxy%20server%20is%20an,malicious%20activity%20on%20the%20internet.</p><p>https://www.youtube.com/watch?v=j9-Y0KWVJ1k</p><p>https://medium.com/consonance/proxies-an-in-depth-intro-4bb569326a34</p><p>https://www.youtube.com/watch?v=4NB0NDtOwIQ</p><p>0. API Gateway</p><p>https://medium.easyread.co/api-gateway-part-1-7901ba703f9</p><p>https://medium.easyread.co/api-gateway-part-2-7264ee5be187</p><p>https://medium.com/geekculture/system-design-basics-api-gateway-6e3387698f92</p><p>0. API gateway, proxy reverso e balanceador de carga</p><p>https://traefik.io/blog/reverse-proxy-vs-ingress-controller-vs-api-gateway/</p><p>https://medium.com/geekculture/load-balancer-vs-reverse-proxy-vs-api-gateway-e9ec5809180c</p><p>0. BLOBs em javascript</p><p>https://developer.mozilla.org/en-US/docs/Web/API/Blob</p><p>https://javascript.plainenglish.io/javascript-blob-why-is-it-useful-20c372dfca00</p><p>https://javascript.info/blob</p><p>0. Web-sockets</p><p>https://www.wallarm.com/what/a-simple-explanation-of-what-a-websocket-is</p><p>https://sookocheff.com/post/networking/how-do-websockets-work/</p><p>https://hpbn.co/websocket/</p><p>0. Streaming de dados</p><p>https://vercel.com/blog/an-introduction-to-streaming-on-the-web</p><p>https://developer.mozilla.org/en-US/docs/Web/API/Streams_API</p><p>0. Webhooks, websockets, SSE, http streaming e polling</p><p>https://medium.com/platform-engineer/web-api-design-35df8167460</p><p>0. Entendendo como funciona os diferentes tipos de polling</p><p>https://levelup.gitconnected.com/understand-and-implement-long-polling-and-short-polling-in-node-js-94334d2233f3</p><p>0. Long-polling e web-sockets</p><p>https://dev.to/kevburnsjr/websockets-vs-long-polling-3a0o</p><p>https://pt.stackoverflow.com/questions/166690/diferen%C3%A7a-entre-requisi%C3%A7%C3%A3o-resposta-normal-long-polling-websockets-webrtc-e-s</p><p>https://stackoverflow.com/questions/21057882/whats-the-main-difference-between-bidirectional-and-directional-sockets</p><p>0. Tokens/cookies em ataques CSRF</p><p>https://www.invicti.com/blog/web-security/same-site-cookie-attribute-prevent-cross-site-request-forgery/</p><p>https://www.linkedin.com/advice/0/what-best-practices-storing-sending-jwt-tokens</p><p>https://indepth.dev/posts/1382/localstorage-vs-cookies</p><p>https://www.youtube.com/watch?v=BnN3TQOG5-g</p><p>https://www.youtube.com/watch?v=V03_7CphtHE</p><p>0. Principais cabeçalhos utilizados nas respostas http para aumentar a segurança</p><p>https://github.com/helmetjs/helmet#content-security-policy</p><p>[Content-Security-Policy]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy</p><p>[Cross-Origin-Opener-Policy]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy</p><p>https://web.dev/why-coop-coep/#:~:text=Cross%20Origin%20Opener%20Policy%20(COOP,pop-up%2C%20its%20window.</p><p>[Cross-Origin-Resource-Policy]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy</p><p>https://resourcepolicy.fyi/</p><p>https://security.stackexchange.com/questions/262404/security-headers-access-control-allow-origin-vs-cross-origin-resource-policy</p><p>https://www.youtube.com/watch?v=Phmt8UrofDY</p><p>[Origin-Agent-Cluster]:</p><p>https://web.dev/origin-agent-cluster/#:~:text=Origin%2DAgent%2DCluster%20is%20a,such%20as%20a%20dedicated%20process.</p><p>[Referrer-Policy]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer</p><p>https://en.wikipedia.org/wiki/HTTP_referer</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer</p><p>[Strict-Transport-Security]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security</p><p>https://hstspreload.org/</p><p>[X-Content-Type-Options]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options</p><p>https://www.keycdn.com/support/what-is-mime-sniffing#:~:text=Attackers%20can%20use%20MIME%20sniffing,on%20behalf%20of%20the%20user.</p><p>https://www.coalfire.com/the-coalfire-blog/mime-sniffing-in-browsers-and-the-security</p><p>https://www.youtube.com/watch?v=eq6R6dxRuiU</p><p>[X-DNS-Prefetch-Control]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control</p><p>https://security.stackexchange.com/questions/121796/what-security-implications-does-dns-prefetching-have</p><p>https://blog.compass-security.com/2016/10/bypassing-content-security-policy-with-dns-prefetching/</p><p>[X-Download-Options]:</p><p>https://learn.microsoft.com/en-us/archive/blogs/ie/ie8-security-part-v-comprehensive-protection</p><p>[X-Frame-Options]:</p><p>https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options</p><p>https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html</p><p>https://www.invicti.com/blog/web-security/same-site-cookie-attribute-prevent-cross-site-request-forgery/</p><p>0. Loop de eventos do node e como ele gerencia múltiplas chamadas sendo thread único</p><p>https://medium.com/agileactors/a-look-inside-the-node-js-runtime-dd13c2452c84</p><p>https://nodejs.org/en/docs/guides/blocking-vs-non-blocking</p><p>https://nodejs.org/en/docs/guides/event-loop-timers-and-nexttick</p><p>https://stackoverflow.com/questions/50213125/why-setimmediate-always-run-before-settimeout-in-a-i-o-callback-nodejs</p><p>https://stackoverflow.com/questions/34855352/how-in-general-does-node-js-handle-10-000-concurrent-requests</p><p>https://medium.com/@kumuthini.program/how-does-nodejs-handle-multiple-requests-97a2b094e762#:~:text=Multiple%20clients%20make%20multiple%20requests,This%20EventLoop%20is%20single%20threaded.</p><p>0. Bibliotecas de logging e registro para nodejs</p><p>https://hackernoon.com/the-10-best-nodejs-logging-libraries</p><p>https://www.highlight.io/blog/nodejs-logging-libraries</p><p>https://reflectoring.io/node-logging-winston/</p><p>https://blog.appsignal.com/2021/09/01/best-practices-for-logging-in-nodejs.html</p><p>0. Padrão singleton no sistema de módulos do nodejs</p><p>https://medium.com/@lazlojuly/are-node-js-modules-singletons-764ae97519af</p><p>0. Objetos Javascript e documentos de bancos NoSQL (BSON e JSON também)</p><p>https://www.mongodb.com/json-and-bson</p><p>https://www.mongodb.com/document-databases</p><p>0. Transações ACID (operações que afetam vários documentos e uma depende do sucesso da outra ) e sua implementação no mongodb</p><p>https://www.mongodb.com/basics/acid-transactions</p><p>https://www.mongodb.com/developer/languages/javascript/node-transactions-3-3-2/</p><p>0. Versionamento semântico nos pacotes nodejs, e os caracteres ~, ^ e *</p><p>https://gunnariauvinen.com/posts/what-do-the-tilde-carrot-and-asterick-mean-in-package-dot-json/</p><p>https://semver.org/</p><p>https://datatracker.ietf.org/doc/html/rfc2119</p><p>0. Authorization header</p><p>https://compile7.org/decompile/authorization-request-headers-explained/</p><p>https://stackoverflow.com/questions/69494662/x-auth-token-vs-x-access-token-vs-authorization-in-jwt</p><p>https://stackoverflow.com/questions/33265812/best-http-authorization-header-type-for-jwt/33281233#33281233</p><p>0. npm install e npm ci</p><p>https://www.youtube.com/watch?v=jHkIXYVpMTo</p><p>https://support.deploybot.com/article/131-why-developers-should-use-npm-ci-instead-of-npm-install-and-its-benefits#:~:text=What%20is%20npm%20ci%20%3F&text=npm%20ci%20is%20a%20command,json%20file.</p><p>0. Refresh tokens vs access tokens, e como influenciam na a experiência do usuário com serviços de terceiros, além de prover uma camada adicional de segurança</p><p>https://stackoverflow.com/questions/38986005/what-is-the-purpose-of-a-refresh-token</p><p>0. OAuth 2.0</p><p>https://darutk.medium.com/diagrams-and-movies-of-all-the-oauth-2-0-flows-194f3c3ade85</p><p>https://www.youtube.com/watch?v=guvhHTyyAUo</p><p>https://www.youtube.com/watch?v=h_1JAh3JPkI</p><p>https://kinde.com/guides/authentication/protocols/oauth-flows-explained/</p><p>https://www.authlete.com/developers/pkce/#2-pkce-authorization-request</p><p>https://www.quora.com/Why-does-OAuth-server-return-a-authorization-code-instead-of-access-token-in-the-first-step#:~:text=OAuth%20server%20returns%20an%20authorization,used%20to%20access%20protected%20resources.</p><p>https://stackoverflow.com/questions/13387698/why-is-there-an-authorization-code-flow-in-oauth2-when-implicit-flow-works-s</p><p>https://stackoverflow.com/questions/25765619/how-exactly-hash-fragment-based-security-works</p><p>https://datatracker.ietf.org/doc/html/rfc7636</p><p>0. A arquitetura non-block event-driven e blocking em diferentes linguagens</p><p>https://www.toptal.com/back-end/server-side-io-performance-node-php-java-go</p><p>https://stackoverflow.com/questions/63224356/is-node-js-considered-multithreading-with-worker-threads</p><p>https://dev.to/ocodista/profundezas-do-nodejs-explorando-io-assincrono-mim</p>