Implementing the authentication system
Authentication is the process of identifying who the user on a platform is. In our application, we need to identify users when they access the admin dashboard.
Before implementing the system, we should look closely at how it will work.
Authentication system overview
We are going to authenticate the users with a token-based authentication system. That means the API will expect the user to send their authentication token with the request to access protected resources.
Let’s take a look at the following diagram and the subsequent steps:
Figure 7.1 – Authentication system overview
The preceding diagram is explained as follows:
- The user submits the login form with the credentials by creating a request to the /auth/login endpoint.
- If the user exists and the credentials are valid, a response with the user data returns. In addition to the response data, we are also attaching an httpOnly cookie...
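The login step and a later request to a protected resource can be modelled as follows. This is an added example, not code from the book: it assumes the httpOnly cookie carries an opaque random token, and the cookie name auth_token, the in-memory stores, the sample user and the Secure and SameSite attributes are all hypothetical choices.

```javascript
const crypto = require('node:crypto');

// Constructed sample user store; the password is kept only as a salted scrypt hash.
const salt = crypto.randomBytes(16);
const users = new Map([['admin@example.test', {
  id: 1,
  email: 'admin@example.test',
  hash: crypto.scryptSync('correct horse battery', salt, 32),
}]]);
const sessions = new Map(); // opaque token -> user id (hypothetical in-memory store)

// POST /auth/login: check the credentials, then return user data plus the cookie.
function login({ email, password }) {
  const user = users.get(email);
  const given = crypto.scryptSync(String(password), salt, 32);
  // Compare in constant time, and fail the same way for unknown users.
  if (!user || !crypto.timingSafeEqual(given, user.hash)) {
    return { status: 401, headers: {}, body: { message: 'Invalid credentials' } };
  }
  const token = crypto.randomBytes(32).toString('hex');
  sessions.set(token, user.id);
  return {
    status: 200,
    // HttpOnly keeps the token out of reach of document.cookie and page scripts.
    headers: { 'Set-Cookie': `auth_token=${token}; HttpOnly; Secure; SameSite=Lax; Path=/` },
    body: { id: user.id, email: user.email }, // the token is not in the body
  };
}

// Protected resource: the browser sends the cookie back and the API resolves it.
function getAuthenticatedUserId(cookieHeader = '') {
  for (const part of cookieHeader.split(';')) {
    const [name, ...rest] = part.trim().split('=');
    if (name === 'auth_token') return sessions.get(rest.join('=')) ?? null;
  }
  return null; // no cookie, or an unknown token: treat as unauthenticated
}
```

Because the token travels only in the Set-Cookie header, client-side script never handles it; the browser attaches it to later requests on its own.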