Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Node.js Web Development

You're reading from   Mastering Node.js Web Development Go on a comprehensive journey from the fundamentals to advanced web development with Node.js

Arrow left icon
Product type Paperback
Published in Jun 2024
Publisher Packt
ISBN-13 9781804615072
Length 778 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Adam Freeman Adam Freeman
Author Profile Icon Adam Freeman
Adam Freeman
Arrow right icon
View More author details
Toc

Table of Contents (26) Chapters Close

1. Putting Node.js in Context FREE CHAPTER
2. Getting Ready 3. Working with the Node.js Tools 4. JavaScript and TypeScript Primer 5. Understanding Node.js Concurrency 6. Handling HTTP Requests 7. Using Node.js Streams 8. Using Bundles and Content Security 9. Unit Testing and Debugging 10. Node.js in Detail
11. Creating the Example Project 12. Using HTML Templates 13. Handling Form Data 14. Using Databases 15. Using Sessions 16. Creating RESTful Web Services 17. Authenticating and Authorizing Requests 18. SportsStore
19. SportsStore: A Real Application 20. SportsStore: Navigation and Cart 21. SportsStore: Orders and Validation 22. SportsStore: Authentication 23. SportsStore: Administration 24. SportsStore: Deployment 25. Other Books You May Enjoy
26. Index

Authenticating requests

The application can validate credentials, but that isn’t much use because there is currently no association between credentials sent to the /signin URL and any subsequent HTTP requests made by the browser.

This is the purpose of the temporary token that can be presented to the application to prove that the user has been through the credential validation process. Cookies are the most common way to solve this problem, either by creating a separate cookie or by associating authentication data with an existing session cookie, which is the approach I am going to take in this chapter because it is the simplest approach and takes advantage of session features, such as automatic inactivity expiration. Listing 15.10 uses a session to record successful authentication, and it defines middleware that detects the new session data and adds a user property to the request object:

Listing 15.10: Completing authentication in the index.ts file in the src/server...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime