You're reading from Mastering Node.js Web Development Go on a comprehensive journey from the fundamentals to advanced web development with Node.js

Product type Paperback

Published in Jun 2024

Publisher Packt

ISBN-13 9781804615072

Length 778 pages

Edition 1st Edition

Languages

Tools

Node.js

Concepts

Server Side Web Development

Author (1):

Adam Freeman

View More author details

Table of Contents (26) Chapters

1. Putting Node.js in Context FREE CHAPTER

2. Getting Ready

3. Working with the Node.js Tools

4. JavaScript and TypeScript Primer

5. Understanding Node.js Concurrency

6. Handling HTTP Requests

7. Using Node.js Streams

8. Using Bundles and Content Security

9. Unit Testing and Debugging

10. Node.js in Detail

11. Creating the Example Project

12. Using HTML Templates

13. Handling Form Data

14. Using Databases

15. Using Sessions

16. Creating RESTful Web Services

17. Authenticating and Authorizing Requests

18. SportsStore

19. SportsStore: A Real Application

20. SportsStore: Navigation and Cart

21. SportsStore: Orders and Validation

22. SportsStore: Authentication

23. SportsStore: Administration

24. SportsStore: Deployment

25. Other Books You May Enjoy

26. Index

Authenticating requests

The application can validate credentials, but that isn’t much use because there is currently no association between credentials sent to the /signin URL and any subsequent HTTP requests made by the browser.

This is the purpose of the temporary token that can be presented to the application to prove that the user has been through the credential validation process. Cookies are the most common way to solve this problem, either by creating a separate cookie or by associating authentication data with an existing session cookie, which is the approach I am going to take in this chapter because it is the simplest approach and takes advantage of session features, such as automatic inactivity expiration. Listing 15.10 uses a session to record successful authentication, and it defines middleware that detects the new session data and adds a user property to the request object:

Listing 15.10: Completing authentication in the index.ts file in the src/server...