August 2014
Intermediate to advanced
300 pages
6h 9m
English
Now, it's time to secure the admin section so that only authorized users can log in.
An important thing to note here is that we will need to secure both the client-side admin section and also our server-side APIs, because it is relatively easy to bypass client-side validations.
We will start with securing our server-side code. ExpressJS comes with its own session management and encryption modules.
We will enable cookieParser in our app by adding the following line to our angcms/app.js file:
app.use(express.cookieParser('secret'));To encrypt confidential data such as passwords, we will use a popular utility called bcrypt to hash the password before it is stored in the database.
Let's download ...