CSRF in Node.js for SPA/Next.js: How csurf Works and Best Practices
A practical guide to CSRF protection in cookie-auth apps, including csurf behavior, token flow, and a modern SPA/Next.js checklist.
Blog
I write occasionally about engineering lessons, experiments, and habits that help me ship better software.
Auth for Web and Mobile: Access + Refresh Token Best Practices
A practical guide to secure token storage, refresh flow, and production hardening for React/Next.js and mobile apps.
How I Approach Learning New Technologies
A practical note on how I learn fast without losing depth.