Authentication
Intro to Auth (288)
- What tools are we using?
  - Passport
    - 480+ strategies (ways to log in to an app)
    - using FB, Twitter, Google, local etc.
  - Passport Local
    - login using username and password
  - Passport Local Mongoose
- Walk through auth flow
  - HTTP is a stateless protocol. When you send an HTTP request, the request is a one-time thing
    and it doesn't contain your history or any previous requests that you've made
  - We want the server to know that user123 is still logged in
  - Sessions allow us to have state in our HTTP requests
- Discuss sessions
Auth CodeAlong Part 1 (289)
- Set up folder structure
  - [CLI] mkdir AuthDemo; cd AuthDemo; npm init; touch app.js
  - [CLI] mkdir views
  - [CLI] mkdir models
- Install needed packages
  - [CLI] npm install express ejs mongoose body-parser
  - [CLI] npm install passport passport-local passport-local-mongoose express-session --save
- Add root route and template
  - [CLI] touch views/home.ejs
- Add secret route and template
  - [CLI] touch views/secret.ejs
Auth CodeAlong Part 2 (290)
- Create User model
  - [CLI] touch models/user.js
- Configure passport
Auth CodeAlong Part 3 (291)
- Add Register routes
- Add Register form
  - [CLI] touch views/register.ejs
Auth CodeAlong Part 4 (292)
- Add Login routes
  - use middleware (passport.authenticate):
    - it sits between the beginning of the route and the handler (callback) at the end
    - it runs immediately
- Add Login form
  - [CLI] touch views/login.ejs
Auth CodeAlong Part 5 (293)
- Add Logout Route
- Add isLoggedIn middleware
  - all middleware takes 3 parameters: req, res, next
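
Added example (not the course's own code): a dependency-free model of the flow in these notes, showing how a session id gives a stateless request its state and how isLoggedIn sits between the route and its handler. The sessions map, login, logout, loadSession and handle are hypothetical stand-ins for express-session, Passport and Express routing; only isLoggedIn has the shape it would have in a real Express app.

```javascript
const crypto = require("crypto");

// Server-side session store (hypothetical, in memory): session id -> username
const sessions = new Map();

// Stand-in for a successful login: the server creates the state and returns
// an unguessable id that the browser sends back in a cookie on every request.
function login(username) {
  const sid = crypto.randomBytes(16).toString("hex");
  sessions.set(sid, username);
  return sid;
}

// Logout destroys the server-side state, so the old cookie stops working.
function logout(sid) { sessions.delete(sid); }

// Stand-in for express-session + passport.session(): look the id up and
// attach the user to this one request.
function loadSession(req, res, next) {
  req.user = sessions.get(req.cookies.sid);
  req.isAuthenticated = () => req.user !== undefined;
  next();
}

// The middleware from the notes: req, res, next. The handler after it runs
// only when next() is called; every other path ends in a redirect.
function isLoggedIn(req, res, next) {
  if (req.isAuthenticated()) return next();
  res.redirect("/login");
}

const secretHandler = (req, res) => res.render("secret");

// Hypothetical mini-router: runs the chain in order, as Express does.
function handle(chain, cookies) {
  const out = { redirect: null, view: null, user: null };
  const req = { cookies };
  const res = {
    redirect: (to) => { out.redirect = to; },
    render: (view) => { out.view = view; out.user = req.user; },
  };
  const step = (i) => chain[i] && chain[i](req, res, () => step(i + 1));
  step(0);
  return out;
}

const secretRoute = [loadSession, isLoggedIn, secretHandler];
```

A request with no cookie, a made-up id, or an id from a session that has been logged out all end at the redirect; the secret handler is never reached.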