- New user registration
- Login and session tokens
- The Authorization header
- Protected endpoints
- Logout
This week we are going to learn about one of the most common tasks for any multi-user application: authentication. User authentication consists of new user registration, login, logout and identifying the currently logged-in user in our API.
You may have noticed a common trend when visiting websites that require you to sign up:
- Registration - creating a new user
- Login - sending your credentials to enter the website
- Accessing protected resources - getting access to a special place in the website that only you can access (e.g. shopping cart, profile page)
- Logout - stop using the website
We will learn how to implement user registration and securely store user passwords. We will also learn how to implement a login endpoint and check if the provided username / password combination is correct. Finally, we will implement a special endpoint that is accessible only to a user who has previously logged in.
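The four steps above can be sketched with nothing but Node's built-in `crypto` module. This is an added example, not code from the course materials: the function names, the in-memory `Map` stores and the `Bearer` token format are assumptions made for illustration.

```javascript
// Added example: in-memory Maps stand in for a real database (assumption).
const crypto = require('node:crypto');

const users = new Map();    // username -> { salt, hash }
const sessions = new Map(); // session token -> username

// Derive a slow, salted hash; the plaintext password is never stored.
function hashPassword(password, salt) {
  return crypto.scryptSync(password, salt, 64);
}

// Registration: reject duplicate names, keep only the salt and the hash.
function register(username, password) {
  if (users.has(username)) return false;
  const salt = crypto.randomBytes(16);
  users.set(username, { salt, hash: hashPassword(password, salt) });
  return true;
}

// Login: verify the password, then issue an unguessable session token.
function login(username, password) {
  const user = users.get(username);
  // Hash even for unknown users so response time does not reveal valid names.
  const candidate = hashPassword(password, user ? user.salt : Buffer.alloc(16));
  if (!user || !crypto.timingSafeEqual(candidate, user.hash)) return null;
  const token = crypto.randomBytes(32).toString('hex');
  sessions.set(token, username);
  return token;
}

// Pull the token out of an "Authorization: Bearer <token>" header value.
function tokenFrom(authorizationHeader) {
  const match = /^Bearer ([0-9a-f]{64})$/.exec(authorizationHeader || '');
  return match ? match[1] : null;
}

// Protected endpoints call this first; null means "respond with 401".
function currentUser(authorizationHeader) {
  return sessions.get(tokenFrom(authorizationHeader)) ?? null;
}

// Logout: delete the session so the token stops working immediately.
function logout(authorizationHeader) {
  return sessions.delete(tokenFrom(authorizationHeader));
}
```

In a real API each function would sit behind a route handler, and the header value would come from the incoming request.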
Lastly, it is time to learn how to automate the testing of our APIs. This can be done in Postman using automated test suites, but we are going to do it using code, similar to the unit testing you learned in JavaScript. Have a look here on how to do that using the supertest library.
Have you finished going through the materials? High five! If you feel ready to get practical, click here.