6
Building Authentication with
passport.js
Authentication is a vital part of any application. Authentication is a way to secure the
applications we build. Every application needs some kind of mechanism for authentication.
It helps us to identify the users making requests to the application server.
In this chapter, we will discuss the following topics:
Creating a login and a register page
Installing and configuring passport.js
Learning more about the passport.js strategy, that is, the JSON Web Token
(JWT) strategy
Learn more about passport.js Local Strategy
Creating necessary endpoints in the application server to handle register and
login requests
We can build the user authentication by ourselves. However, it adds a lot of configuration
and lot of headaches. passport.js is a package that allows us to configure authentication
efficiently, taking a very small amount of time. If you want to learn and develop all by
yourself, I encourage you to do so. That will give you more insights into how everything
works. However, for this book, we will use this awesome tool called passport.js, which
is very easy to integrate and learn.
Up until this chapter, we have created a dynamic web application that displays all the
movies that we have added via the Movie Add form and the API on the home page. We
have a way of adding these movies to the database via the frontend as well. Now, since this
will be a public web application, we cannot allow everyone to add movies by themselves
without logging in. Only a user who logs in will have access and be able to add movies.
Also, in order to rate a movie, a user should log in first and then rate the movie.