At Wilco, we have always considered the continuous expansion of the Wilco catalog crucial to providing meaningful, sustained value for our users. Here are a few of our newest quests, focusing on authorization and access control:
Guardians of Authenticity
This quest takes Wilco users through the steps of implementing role-based authorization for a web marketplace. Understand how to protect specific pages, handle user roles in JWTs, secure APIs for admins, and tailor API responses based on user roles.
JWT Jedi Master
In this quest, we invite our users to dive deep into JSON Web Tokens. Learn how to decode JWTs from user sessions, manage their expiration, redirect requests when they expire, and modify user flows based on the JWT's authorization status.
Fixing Broken Access Controls
There’s an endpoint being exploited in our simulated web marketplace, and it’s up to our users to fix this problem. In this quest, they will identify the problem, discover the authorization issue leading to the exploitation, and fix broken access controls.