15

Authenticating and Authorizing Requests

Most projects need to restrict access to features; otherwise, anyone who knows an application’s URL can execute any operation. This is currently how the example application is set up: anyone who can request http://localhost:5000 will be able to store and delete data, regardless of who they are.

Authorization, often referred to as AuthZ, is the process of restricting access so that operations can only be performed by some users – known, naturally enough, as authorized users. Authentication, often referred to as AuthN, is the process of a user identifying themselves so that the application can determine whether the user is authorized for the operations they request. This chapter explains how Node.js applications ...
