2026 - present [[featured]] [[in progress]]

auth-playground

Hands-on portfolio piece working through modern authentication mechanisms — sessions, JWT, OAuth, passkeys — paired with documented breakdowns of typical implementation pitfalls and engineering trade-offs. Svelte 5 frontend, Go backend.

GoSvelte 5TypeScriptTailwind CSS

# Context

Working through modern authentication patterns with an explicit focus on what goes wrong at the implementation layer. Each pattern — session cookies, JWTs, OAuth flows, passkeys — gets a working implementation and a documented threat model covering the typical pitfalls. Goal: build genuine understanding of auth attack surfaces, not just "how to use the library."

# Key Impact

  • · Per-pattern threat model and pitfall write-ups
  • · Working implementation of each pattern in Svelte + Go
  • · In active development
© 2026 nachtigall.dev
built with svelte 5 · sveltekit · tailwind v4 · self-hosted
imprint · privacy