How to implement a basic authentication system ? | Sololearn: Learn to code for FREE!
New course! Every coder should learn Generative AI!
Try a free lesson
+ 4

How to implement a basic authentication system ?

Consider the user has registered and the details are stored in database with salted password , now the user fills the form for log in , server checks if the new salted password compares to one in database for the username . Is this how it is done or is there more to it? I have read a lot about it like using jwt token and http cookie for passing details and security and session maintaining but no clear idea on how should i include them or if i should even care about it . Also consider the site doesn't have any payments or any sensitive data . It just allows more features access to those who are logged in (but might add payment in future)

javascriptnode.jsauthentication
9th Aug 2021, 11:17 AM
Abhay
Abhay - avatar
4 Answers
+ 8
Yes, and no. You described the registration and checking process correctly. After that you sent a token to the user so that they stay login during the session. The token is in the form of cookie. You then need to query database on contents for this authenticated user, and display contents accordingly. Http cookie is mean for the token to be stored. If your setting is that the token is reuseable, the user doesn't need to login again the next time they visit your site. If the user clear their cookies, token is lost and he'll need to login again. JWT is a tool for handling the token. It doesn't encrypt the password so you have to use encrypter yourself. You may choose to salt or not. Usually, for Node.js, we use passport.js, which you can consider as JWT with encryptions. A one-stop solution. Here is a tutorial about passport.js : https://youtu.be/F-sFp_AvHc8
9th Aug 2021, 11:42 AM
Gordon
Gordon - avatar
+ 4
Gordon ty ,that was very informative . I try to stay away from the libraries and understand how things work from scratch but i might look into passport .js , thks for the link.
9th Aug 2021, 12:19 PM
Abhay
Abhay - avatar
+ 4
Welcome. Good idea to learn the basic first. For JWT, Kyle has a tutorial : https://youtu.be/mbsmsi7l3r4 For even without JWT, he has another tutorial: https://youtu.be/Ud5xKCYQTjM In this video, he's encrypting and salting with brcrypt. No token. Just login everytime. After building the authentication, add middleware to routes to filter the contents, here is how to do it with middleware and modules : https://youtu.be/jI4K7L-LI58
9th Aug 2021, 4:10 PM
Gordon
Gordon - avatar
+ 1
Gordon thanks a lot!
13th Aug 2021, 11:32 AM
Abhay
Abhay - avatar

Often have questions like this?

Learn more efficiently, for free:

See all courses
Hot today
Android studio Tutorial
0 Votes
Why output is 0 for from_chars
2 Votes
Cyber security
0 Votes
i have error on line 29 please help
0 Votes
Personal chat
1 Votes
Bash
0 Votes
Why exception is not handled
1 Votes
Help
0 Votes
Error...
1 Votes
Link
5 Votes