- What are authentication and authorization?
Authentication is a process in which a system verifies or identifies the incoming requests through credentials (generally a user ID and password). If the system finds that the provided credentials are wrong, then it notifies the user (generally via a message on the GUI screen) and terminates the authorization process.
Authorization always comes after authentication. This is a process that allows the authenticated user who raised the request to access resources or data after verifying that they have access to the specific resources or data
- Is it safe to use authentication at the first level of a request and then allow incoming requests for restricted areas?
This is not always safe. As developers, we should take all necessary steps to make our application more secure. After first a level request, the authentication, the system should also check resource-level permissions.
- How you will prove that authorization always comes after authentication?
In a simple scenario of a web application, it first validates the user by asking for login credentials and then authorizes the user as per role to access specific resource.
- What is Test-Driven Development and why do developers care about it?
Test-Driven Development is a way to make sure that code is tested; it is like testing code by writing code. TDD is also known as Red/Blue/Green concepts. Developers should follow it to make their code/program work without any error.
- Define TDD Katas. How does it help us to improve our TDD approach?
TDD Katas are small scenarios or problems that help to learn to code by practice. You can take the example of Fizz Buzz Kata, where developers should apply coding to learn and practice TDD. If you want to practice TDD Katas, refer to this repository: https://github.com/garora/TDD-Katas.