Search icon CANCEL
Subscription
0
Cart icon
Cart
Close icon
You have no products in your basket yet
Save more on your purchases!
Savings automatically calculated. No voucher code required
Arrow left icon
All Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletters
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Node.js Web Development

You're reading from  Mastering Node.js Web Development

Product type Book
Published in Jun 2024
Publisher Packt
ISBN-13 9781804615072
Pages 778 pages
Edition 1st Edition
Languages
Author (1):
Adam Freeman Adam Freeman
Profile icon Adam Freeman
Toc

Table of Contents (26) Chapters close

1. Putting Node.js in Context
2. Getting Ready 3. Working with the Node.js Tools 4. JavaScript and TypeScript Primer 5. Understanding Node.js Concurrency 6. Handling HTTP Requests 7. Using Node.js Streams 8. Using Bundles and Content Security 9. Unit Testing and Debugging 10. Node.js in Detail
11. Creating the Example Project 12. Using HTML Templates 13. Handling Form Data 14. Using Databases 15. Using Sessions 16. Creating RESTful Web Services 17. Authenticating and Authorizing Requests 18. SportsStore
19. SportsStore: A Real Application 20. SportsStore: Navigation and Cart 21. SportsStore: Orders and Validation 22. SportsStore: Authentication 23. SportsStore: Administration 24. SportsStore: Deployment 25. Other Books You May Enjoy
26. Index

Summary

In this chapter, I demonstrated how users and requests can be authenticated, and how authentication data can be used to authorize access to application features:

  • Users present their credentials, whether using an HTML form or a JSON payload.
  • When credentials are validated, the client is sent a temporary token that can be used to authenticate subsequent requests.
  • The temporary authentication token can be a cookie (and a session cookie is often used) or a bearer token.
  • Authorization is usually performed through roles, which prevents you having to hardcode user permissions into the application. The relationship between users and roles is stored in a database, so it can be altered without releasing a new version of the application.
  • There are good open-source packages available for user and request authentication, but authorization is typically done using custom code.

In Part 3, I use the features described in Parts 1 and 2 of this book...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €14.99/month. Cancel anytime