15-July-2026
This version of my CV shows my technical background for making this Tech Blog and the Web Projects.
I am a Software Developer with passion for AI, Python, Django, FastAPI, Wagtail CMS, C#, .NET, Umbraco CMS, Java, Node.js, JavaScript, TypeScript, React, Vue.js, Angular, Webpack and Vite as well as other programming languages, tools and DevOps
Besides working with IT and Web Development, I have been working in other areas as well
IT Working experience
Higher education
Skills of languages
15-July-2026
A production-ready starter project showcasing secure JWT authentication with Refresh Token Rotation and Refresh Token Reuse Detection using HttpOnly cookies. It includes OpenAPI / Swagger, SQLAlchemy, Alembic, PostgreSQL, and is hosted on Vercel Cloud with Serverless Functions using a GitHub-based CI/CD workflow
The included Vue 3 SPA supports silent authentication, allowing users to stay signed in even after refreshing the browser
The project demonstrates how to build a secure REST API with FastAPI and PostgreSQL using modern JWT authentication, HTTPS, and automated database migrations
CI/CD is implemented with VS Code, GitHub, and Vercel Cloud
The Vue 3 SPA on GitHub15-July-2026
Python FastAPI and Vue Authentication Boilerplate Recommendations and Use Cases
Over time, I have built several FastAPI + Vue authentication projects, each introducing a different authentication strategy. The right choice depends on the security requirements, application type, and desired user experience.
1. HTTP Basic Authentication
Recommended for:
Internal tools, small APIs, admin dashboards, and simple authenticated services.
This is the simplest authentication approach in the series. It is easy to understand and implement, making it suitable for smaller applications where users authenticate directly with a username and password.
Good use cases:
Not recommended for:
2. JWT Authentication (Access Tokens)
Recommended for:
APIs and applications requiring stateless authentication.
This boilerplate introduces JWT-based authentication where users receive an access token after login. The token is then used to access protected API endpoints.
Good use cases:
Advantages:
Limitations:
3. JWT Refresh Token Renewal
Recommended for:
Single Page Applications and applications requiring longer user sessions.
This version introduces refresh tokens, allowing users to stay logged in after the short-lived access token expires.
Good use cases:
Advantages:
Limitations:
4. JWT Refresh Token Rotation
Recommended for:
Production applications requiring stronger session security.
Refresh token rotation improves security by replacing the refresh token every time it is used. Each refresh operation creates a new token pair.
Good use cases:
Advantages:
Limitations:
5. Refresh Token Reuse Detection (Without HTTP-only Cookies)
Recommended for:
Advanced authentication systems where refresh token attacks need to be detected.
This version adds detection of revoked refresh token reuse. If an old refresh token is used after rotation, the system can identify suspicious activity.
Good use cases:
Advantages:
Limitations:
6. Refresh Token Reuse Detection with HTTP-only Cookies
Recommended for:
Production-grade web applications with high security requirements.
This is the most advanced version in the series. It combines refresh token rotation, reuse detection, and HTTP-only cookies to reduce exposure of sensitive tokens in the browser.
Good use cases:
Advantages:
Considerations:
Suggested Default Choice
The final HTTP-only cookie version is the strongest foundation for most new web applications, while the earlier versions remain valuable as lightweight templates depending on project requirements...
Happy coding :-)
14-July-2026
A production-ready starter project showcasing secure JWT authentication with Refresh Token Rotation and Refresh Token Reuse Detection. It includes OpenAPI / Swagger, SQLAlchemy, Alembic, PostgreSQL, and is hosted on Vercel Cloud with Serverless Functions using a GitHub-based CI/CD workflow
The included Vue 3 SPA does not support silent authentication, and the users will also be logged out if refreshing the browser
The project demonstrates how to build a secure REST API with FastAPI and PostgreSQL using modern JWT authentication, HTTPS, and automated database migrations
CI/CD is implemented with VS Code, GitHub, and Vercel Cloud
The Vue SPA at GitHub14-July-2026
A production-ready starter project showcasing secure JWT authentication with Refresh Token Rotation. It includes OpenAPI / Swagger, SQLAlchemy, Alembic, PostgreSQL, and is hosted on Vercel Cloud with Serverless Functions using a GitHub-based CI/CD workflow
The included Vue 3 SPA does not support silent authentication, and the users will also be logged out if refreshing the browser
The project demonstrates how to build a secure REST API with FastAPI and PostgreSQL using modern JWT authentication, HTTPS, and automated database migrations
CI/CD is implemented with VS Code, GitHub, and Vercel Cloud
The Vue SPA at GitHub