[L] Access control

Presenting how the session is used with Express and how it can be used to implement a feature of flash messages.

Showing how authentication can be done using HTML forms and checking user and passwords which are hashed using a bcrypt algorithm. The details on a loggedin user is stored in the session

Practice & learn more

To learn more you can work with the exercise below.

• src/express/session.
• src/express/authentication.

Work through the exercises to get a live and running example together with an understanding on how to implement sessions, flash messages and authetication.

Figure. This is how the example looks like.

Resources

Resources that are used, or are relevant, for the areas that the lecture covers.

• Wikipedia Authentication
• Express
  • npm package express-session
• npm package bcrypt
• Wikipedia on Bcrypt algorithm