Securing Modern Web Apps: Password Hashing, RBAC, OAuth 2.0, and OpenID Connect Explained
Securing Modern Web Apps: Password Hashing, RBAC, OAuth 2.0, and OpenID Connect Explained TL;DR: Authentication and authorization are distinct problems, and solving them well requires different tools

