Authentication is one of the big parts of every application. Security is always something that is changing and evolving.
We’ll build a quick API using Node and Express and we’ll be using POSTman to test it.
The main workflow of this is that we will:
- Have unprotected and protected routes
- A user will authenticate by passing in a name and a password and get back a token
- The user will store this token on their client-side and send it for every request
- We will validate this token, and if all is good, pass back information in JSON format