6

Building Authentication with

passport.js

Authentication is a vital part of any application. Authentication is a way to secure the

applications we build. Every application needs some kind of mechanism for authentication.

It helps us to identify the users making requests to the application server.

In this chapter, we will discuss the following topics:

Creating a login and a register page

Installing and configuring passport.js

Learning more about the passport.js strategy, that is, the JSON Web Token

(JWT) strategy

Learn more about passport.js Local Strategy

Creating necessary endpoints in the application server to handle register and

login requests

We can build the user authentication by ourselves. However, it adds a lot of configuration

and lot of headaches. passport.js is a package that allows us to configure authentication

efficiently, taking a very small amount of time. If you want to learn and develop all by

yourself, I encourage you to do so. That will give you more insights into how everything
works. However, for this book, we will use this awesome tool called passport.js, which

is very easy to integrate and learn.

Up until this chapter, we have created a dynamic web application that displays all the

movies that we have added via the Movie Add form and the API on the home page. We
have a way of adding these movies to the database via the frontend as well. Now, since this

will be a public web application, we cannot allow everyone to add movies by themselves

without logging in. Only a user who logs in will have access and be able to add movies.
Also, in order to rate a movie, a user should log in first and then rate the movie.