Securing your admin section

Now, it's time to secure the admin section so that only authorized users can log in.

An important thing to note here is that we will need to secure both the client-side admin section and also our server-side APIs, because it is relatively easy to bypass client-side validations.

We will start with securing our server-side code. ExpressJS comes with its own session management and encryption modules.

We will enable cookieParser in our app by adding the following line to our angcms/app.js file:

app.use(express.cookieParser('secret'));

Using bcrypt to encrypt passwords

To encrypt confidential data such as passwords, we will use a popular utility called bcrypt to hash the password before it is stored in the database.

Let's download ...

Get AngularJS Web Application Development Blueprints now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.