Adding authentication
In the previous chapter, we added the capability of creating new users to our application. This, by itself, is a cool feature, but it's not worth much if we can't use it for authentication. That's what we'll do here.
We'll start by creating the logic that checks whether a username and password combination is correct, and then we'll implement an endpoint to do that.
After this, we'll transition into the authorization topic by returning a token from the login endpoint, and later using that token to check if a user is authenticated.
Let's go step by step, starting with the business logic and persistency layer.
Creating the login business logic
It's already a practice of ours to, when writing new functionality, start with the business logic. We believe this is intuitive, as you think "business" and user first, and only then proceed into the technical details. That's what we'll do here...