Securing your admin section

Now, it's time to secure the admin section so that only authorized users can log in.

An important thing to note here is that we will need to secure both the client-side admin section and also our server-side APIs, because it is relatively easy to bypass client-side validations.

We will start with securing our server-side code. ExpressJS comes with its own session management and encryption modules.

We will enable cookieParser in our app by adding the following line to our angcms/app.js file:

app.use(express.cookieParser('secret'));

Using bcrypt to encrypt passwords

To encrypt confidential data such as passwords, we will use a popular utility called bcrypt to hash the password before it is stored in the database.

Let's download ...

Get AngularJS Web Application Development Blueprints now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.