Chapter 10. App Authentication
This chapter covers the following:
- Designing login authentication logic
- Using the Passport.js library to authenticate users and manage session or token-based strategies
- Using JSON web tokens to authenticate across APIs
In this chapter, you’ll build authentication logic for a Node application. No matter the type of core application you decide to build, user authentication remains a vital component in securing your application data. As the internet has become more accessible and widely available, applications have also become more vulnerable to attacks.
Applications have come a long way from verifying your identity via an email address and plain-text password. Most have implemented basic encryption or a hashing function to save only jumbled text versions of your passwords. Others have taken security to a new level with multifactor authentication (MFA), ensuring that a user may only log in with their password if they also verify their account with an additional code sent to their phone or email.
Each year, the tech community faces new user security and authentication problems, with many companies investing in dedicated teams to solve them. Luckily, most businesses have a mutual interest in protecting their clients’ account data, resulting in industry standards for creating new accounts and processing incoming requests. These best practices are extended beyond the standard web page to mobile clients and Application Programming Interfaces ...