Echo JS 0.11.0

One thing to consider as a second pass, would be to wrap this in a pool or queue that returns promises.  capture the worker, a resolve/reject and the on handlers use the captured handlers or throw.

This way you can do expensive processors as a limited pool of workers.  I've done similar to this with separate child_processes before.

While I appreciate Axios.. generally I'll just create a few simple wrappers around fetch for my API calls.

One piece not covered is bitwise shift, which is useful for setting flags in a clear way, for example.

    const LIST_FRACTION = 1 << 0; // (001)
    const LIST_UNIQUE = 1 << 1;   // (010)
    const LIST_SORTED = 1 << 2;   // (100)

Beyond that, you don't need to check against the flag, since a match will be non-zero (truthy)

    if (flag & LIST_UNIQUE) {}

I use Lighthouse built into chrome, but also use the WAVE and AXE extensions as well... they each have advantages/disadvantages over each other, with maybe 80% overlap.

Interesting... starred and need to remember to check this out later.

Submitted an issue suggesting a switch to github releases instead of dropbox.

Although deprecated, websql[1] is still very widely available.

[1] https://caniuse.com/#feat=sql-storage

Things you should put in your claims...

* token id
* real name
* account id
* email address
* user's roles/groups

example, here's a claims section from a devauth application I wrote.

    {
      jti: "GENERATED_UUID_FOR_THIS_TOKEN"
      iss: "https://AUTHENTICATION_SERVER/"
      aud: "https://APP_SERVER/", 
      iat: 1564526297, // Issued, seconds since unix epoch UTC
      exp: 1564569497 // Expires, seconds from unix epoch UTC
      sub: "USER_ID", 
      eml: "EMAIL_ADDRESS", 
      fnm: "FIRST", 
      lnm: "LAST",
      aff: ["AFFILIATION",...]
      rol: ["ADMIN",...]
      
    }

OMFG!!! Do *NOT* put passwords or any secrets in your claims... the JWT itself is *NOT* encrypted/secure, the payload is only base64 encoded, the signature only confirms authority.

    JSON.parse(atob(YOUR_TOKEN.split('.')[1]))

This is a *REALLY* bad example.

I'm not sure this offers much over any given test framework with mocha+chai+puppeteer (or jasmine2+puppeteer).

Have to agree with TFA... I really think hooks are a nice feature, and really necessary for more functional components... but they don't handle the problem of deep prop drilling or bubbling in general that Redux handles across an application, or portions of an app.