Authentication is a complex and exciting topic that involves using many of the concepts we've already studied as well as several new ideas.
An authentication system allows the registration / signup of new users and allows those users to sign in. It has to be able to identify each user and keep their information private and secure.
Being able to develop secure user login systems is in fact a whole career and life path in and of itself, but understanding the broad concepts of auth is critically important for all developers.
Describing auth flow and understanding key terms are very common interview questions for junior developers, so let's take some time to research and understand auth and the related concepts.
Fork and clone this repository and answer the questions directly in the README as you research. You do not have to open a pull request and submit this lab, but you will want to have it on hand for reference in the future.
- Authentication
- Authorization
- Explain how authentication and authorization are related but distinct concepts.
- Sessions vs Token based auth
- JSON Web Token (also known as a JWT)
- Encoding, encryption and hashing along with the uses for and differences between the three
- OAuth (pronounced oh-Auth)
- bcrypt
- jsonwebtoken
- passport
  - also describe what a strategy is in the context of this npm package
- All content is licensed under a CC-BY-NC-SA 4.0 license.
- All software code is licensed under GNU GPLv3. For commercial use or alternative licensing, please contact [email protected].