Authenticating users
One of the most common tasks of a web application is handling registration and logging in. By logging in, users can tell the web server that they really are who they say they are.
We already created a sign-up system when we implemented CRUD for the user model. Now, let's implement a login system using the existing user model.
The idea for login is simple: the user can fill in their username and password. The application then verifies that the username and password are valid. After that, the application can generate a cookie with the user's information and return the cookie to the web browser. Every time there's a request from the browser, the cookie is sent back from the browser to the server, and we validate the content of the cookie.
To make sure we don't have to implement the cookie for every request, we can create a request guard that validates the cookie automatically if we use the request guard in a route handling function.
...
