User Signup & Login
- How Authentication Works In React Apps
- Implementing User Authentication
- Adding Authentication Persistence & Auto-Logout
Authentication is needed if content should be protected
i.e., if content should not be accessible by everyone
How Does Authentication Work?
Client and server can’t just exchange a “Yes”
Any client could simply send a request to our backend that “tells” the backend that we previously were granted access
Server-side Sessions
- Store unique identifier on server, send same identifier to client
- Client sends identifier along with requests to protected resources
- Server can then check if the identifier is valid (= previously issued by server to client)
Authentication Tokens
- Create (but not store) “permission” token on server & send it to the client
- Client attaches token to future requests for protected resources
- Server can then verify the attached token