Password Authentication
Learn about Hashing, Encryption, Encoding, and Obfuscation, how to implement usernames and passwords, and how to encrypt passwords.
StartKey Concepts
Review core concepts you need to learn to master this subject
Cryptography
Symmetric and Asymmetric Encryption
Hashing
Encoding
Obfuscation
Passport’s Local Strategy
Serializing & Deserializing Users with Passport
Logging In with passport-local
Cryptography
Cryptography
Cryptography is the process of encrypting and decrypting data in order to keep that data safe when storing or transmitting it.
Encryption is a way of hiding data by converting it to an encoded format.
Decryption is a way of revealing encrypted data by decoding it from its encoded format.
- 1Passport.js is a flexible authentication middleware for Node.js that can be added to any Express-based application. With Passport.js we can implement authentication using the concept of *strategies…
- 2One of the great things about using Passport.js is that a lot of the heavy lifting is taken care of by the module. In order to use it, we need to configure it and implement cookies and sessions for…
- 3With Passport configured, we can now set up the passport-local strategy for authenticating with a username and password. First, we can configure the local strategy by creating a new instance of it…
- 4If authentication succeeds, a session will be established and maintained via a cookie set in the user’s browser. However, if a user logs in and refreshes the page, the user data won’t persist acros…
- 5In this exercise, we’ll take a look at the endpoints to log in a user. In order to log in a user we first need a POST request that takes in user credentials. We can add passport middleware in orde…
- 6Let’s learn how to register a user without a database. In a real production environment, you should use a database, but we’ve simplified this example to focus on the creation of new users. Inste…
- 7Let’s use the createUser() helper function in our routes. We’ll add the logic to create users in a POST request to “/register”. Since we’re working with promises, we can create an asynchronous rou…
- 8Now, let’s take a look at how to log users out. Passport.js exposes a logout function within the request object: req.logout. The function can be called from any route handler in order to terminate …
What you'll create
Portfolio projects that showcase your new skills
How you'll master it
Stress-test your knowledge with quizzes that help commit syntax to memory