19:["$","div",null,{"className":"bg-theme dark:bg-gray-1400 h-dvh w-dvw flex flex-col","children":[["$","a",null,{"href":"#main-content","className":"absolute left-4 top-0 focus-visible:top-4 bg-blue-700 text-white rounded-4 text-xs p-4 z-50 transform -translate-y-full focus-visible:translate-y-0 otransition","children":"Skip to main content"}],"$L36","$L37",["$","div",null,{"role":"main","id":"main-content","className":"relative overflow-y-auto items-center flex flex-col","tabIndex":-1,"children":[["$","div",null,{"className":"max-w-[62.5rem] w-full pt-24 lg:pt-48 px-20 md:px-24","children":["$","$L38",null,{"rootHref":"/learn/course-paths?courseSlug=introduction-to-authentication-and-authorization&unitSlug=navigating-authentication-and-authorization-secure-basics-with-nodejs-and-react","pathBreadcrumb":{"key":"14","title":"Full-Stack Engineering with JavaScript","href":"/learn/paths/full-stack-engineering-with-javascript"},"courseBreadcrumb":{"key":"70","title":"Introduction to Authentication and Authorization","href":"/learn/courses/introduction-to-authentication-and-authorization","options":[{"key":"59","href":"/learn/courses/getting-into-javascript-fundamentals","imageUrl":"https://d3dq4v2xxejk8c.cloudfront.net/uploads/9749808f-20c7-4e55-bc2b-68ad24af6104_optimized.jpg","numLessons":9,"numPractices":45,"active":false,"label":"Getting Into JavaScript Fundamentals","completedAt":"$undefined","completionRatio":"$undefined"},{"key":"60","href":"/learn/courses/web-development-with-html-css-and-javascript","imageUrl":"https://d3dq4v2xxejk8c.cloudfront.net/uploads/be3eacac-10ea-4eba-9e53-291ca7cbdfcf_optimized.jpg","numLessons":7,"numPractices":35,"active":false,"label":"Web Development with HTML, CSS, and JavaScript","completedAt":"$undefined","completionRatio":"$undefined"},{"key":"61","href":"/learn/courses/client-side-web-development-with-reactjs","imageUrl":"https://d3dq4v2xxejk8c.cloudfront.net/uploads/0761e27f-717e-4ccd-babb-31d2bd90e55f_optimized.jpg","numLessons":7,"numPractices":35,"active":false,"label":"Client-side Web Development with React.js","completedAt":"$undefined","completionRatio":"$undefined"},{"key":"69","href":"/learn/courses/server-side-web-development-with-nodejs-and-expressjs","imageUrl":"https://d3dq4v2xxejk8c.cloudfront.net/uploads/182b5d5f-dfb0-4880-945c-33f534b69e77_optimized.jpg","numLessons":6,"numPractices":28,"active":false,"label":"Server-side Web Development with Node.js and Express.js","completedAt":"$undefined","completionRatio":"$undefined"},{"key":"71","href":"/learn/courses/introduction-to-mongodb","imageUrl":"https://d3dq4v2xxejk8c.cloudfront.net/uploads/f57e9faf-526d-4632-87bc-f19d0455c2f9_optimized.jpg","numLessons":5,"numPractices":25,"active":false,"label":"Introduction to MongoDB","completedAt":"$undefined","completionRatio":"$undefined"},{"key":"70","href":"/learn/courses/introduction-to-authentication-and-authorization","imageUrl":"https://d3dq4v2xxejk8c.cloudfront.net/uploads/d3f6f7f4-ed54-4c11-9613-0a4357b52271_optimized.jpg","numLessons":5,"numPractices":24,"active":true,"label":"Introduction to Authentication and Authorization","completedAt":"$undefined","completionRatio":"$undefined"}]},"lessonBreadcrumb":{"key":"850","title":"Navigating Authentication and Authorization: Secure Basics with Node.js and React","options":[{"key":"850","href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/navigating-authentication-and-authorization-secure-basics-with-nodejs-and-react","active":true,"label":"Navigating Authentication and Authorization: Secure Basics with Node.js and React","completedAt":"$undefined"},{"key":"851","href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/introduction-to-user-authentication-with-nodejs-and-expressjs","active":false,"label":"Introduction to User Authentication with Node.js and Express.js","completedAt":"$undefined"},{"key":"852","href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/securing-the-universe-of-user-data-unveiling-password-security-hashing-encryption-and-bcrypt-implementation","active":false,"label":"Securing the Universe of User Data: Unveiling Password Security, Hashing, Encryption, and bcrypt Implementation","completedAt":"$undefined"},{"key":"853","href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/exploring-the-galaxy-of-authorization-setting-up-rbac-managing-user-roles-and-creating-authorization-middleware","active":false,"label":"Exploring the Galaxy of Authorization: Setting Up RBAC, Managing User Roles, and Creating Authorization Middleware","completedAt":"$undefined"},{"key":"854","href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/manual-tokenization-creating-storing-and-using-authentication-tokens-in-javascript-and-react","active":false,"label":"Manual Tokenization: Creating, Storing, and Using Authentication Tokens in JavaScript and React","completedAt":"$undefined"}]}}]}],["$","div",null,{"className":"max-w-[62.5rem] w-full pt-24 pb-60 px-20 md:px-24 space-y-32 md:space-y-48","children":[["$","div",null,{"className":"mx-auto h-[12rem] w-[21.25rem] md:h-[25.5rem] md:w-[45rem] lg:h-[33.5rem] lg:w-[59.5rem] shrink-0","children":["$","$L39",null,{"src":"https://k3-production-bucket.s3.amazonaws.com/uploads/d0db742e-ff08-4dd7-92b0-891ee460b4f3_combined_video.mp4","thumbnailUrl":"https://k3-production-bucket.s3.amazonaws.com/uploads/bd97e7dd-be1f-4952-8317-41d471a23dcc_slide-1.png","mimeType":"video/mp4","speed":1,"forcePause":false}]}],[["$","div","4036",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Overview and Goals"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":["Welcome, seeker of code wisdom! In today's lesson, we will unveil the secrets of ",["$","strong","strong-0",{"children":"authentication"}]," and ",["$","strong","strong-1",{"children":"authorization"}],". We will elucidate these security protocols, construct a basic authentication system with ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"Node"}],", and guide you in creating an engaging login page using ",["$","code","code-1",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"React"}],"."]}]]}]]}],["$","div","4037",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Basics of Authentication and Authorization"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":"Join us as we unravel the intricacies of authentication and authorization. Consider them as sentinels of a fortress—authentication verifies the user's identity, it's akin to a sentry poised with the question: \"Who goes there?\" Conversely, authorization, acting much like a gatekeeper, determines: \"What can you do here?\" These security precautions cast their protective aura over every virtual transaction, ranging from accessing a library to operating a banking application."}]]}]]}],["$","div","4038",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Importance of Authentication and Authorization"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":"To ensure the safety of the data realm, authentication and authorization combine their strengths to form an impregnable fortress. Imagine a banking system where anyone could waltz right in and claim they are the king! It's these qualitative security layers that prevent such chaos. The system, acting much like a bank sentry, authenticates users by verifying their identity, then authorizes services according to the user's account type, ensuring only rightful access to resources."}]]}]]}],["$","div","4039",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Creating Basic Authentication in a Node Server"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":["The magic of ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"Node.js"}],", a humble server-side scripting JavaScript runtime, awaits us! By harnessing the power of JavaScript, we will conjure up a basic authentication system. Our hard-coded user data will manifest, similar to a parchment holding a simple spell!"]}],"\n",["$","div","pre-0",{"className":"my-24","children":["$","$L3a",null,{"language":"javascript","onClickPlay":"$undefined","display":"block","children":"// Import libraries and prepare for incantations\nconst express = require(\"express\");\nconst app = express();\napp.use(express.json());\n\n// Hardcoded user in our enchanted script\nconst user = {id: \"1\", username: \"admin\", password: \"admin\"};\n\n// The spell, the sentry, and the gatekeeper\napp.post(\"/login\", (req, res) => {\n const {username, password} = req.body;\n \n // A simple incantation of authentication\n if (username === user.username && password === user.password) {\n res.status(200).send(\"Login successful\");\n } else {\n // Oops! The spell failed\n res.status(401).send(\"Invalid username or password\");\n }\n});\n\n// Invoke the server\napp.listen(3000, () => console.log(\"Server is humming...\"));"}]}],"\n",["$","p","p-1",{"children":"In the code spell above, our server eagerly awaits a POST bearing secret passcodes—a login and password. Upon successful authentication, the server responds with \"Login successful\". Congratulations, we have built a foundation!"}]]}]]}],["$","div","4040",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Creating the User Login Page in React"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":["Let’s fashion a straightforward login form in ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"React"}]," as the main client-side component that connects us to the authentication gateways of the backend."]}],"\n",["$","div","pre-0",{"className":"my-24","children":["$","$L3a",null,{"language":"javascript","onClickPlay":"$undefined","display":"block","children":"function LoginForm() {\n const [details, setDetails] = useState({email:\"\", password:\"\"}); // The humble beginnings of form data\n\n // Behold the birth of the login form\n return (\n \n );\n}"}]}],"\n",["$","p","p-1",{"children":"For a better user experience, we should include user-friendly prompts and informative validation error messages in both forms. But for now, let's keep things simple as this is an introductory lesson."}]]}]]}],["$","div","4041",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Sending POST Requests to Login Route"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":"After crafting our login form, we need to handle form submissions. We want to send a POST request with our form data to the server when a user clicks the submit button. But how do we make this happen?"}],"\n",["$","p","p-1",{"children":["We're going to make our ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"submitHandler"}]," function more complex, by initiating a POST request to our previously defined login endpoint at the server. To help us with this, we'll use Fetch API — a built-in JavaScript library for making HTTP requests."]}],"\n",["$","p","p-2",{"children":["Here's the updated ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"LoginForm"}]," with the fetch logic included:"]}],"\n",["$","div","pre-0",{"className":"my-24","children":["$","$L3a",null,{"language":"javascript","onClickPlay":"$undefined","display":"block","children":"function LoginForm() {\n const [details, setDetails] = useState({username:\"\", password:\"\"});\n\n const submitHandler = e => {\n e.preventDefault(); // Prevent page refresh\n\n fetch('http://localhost:3000/login', {\n method: 'POST',\n headers: {\n 'Content-Type': 'application/json'\n },\n body: JSON.stringify(details),\n })\n .then(response => response.text())\n .then(data => alert(data))\n .catch((error) => {\n console.error('Error:', error);\n });\n }\n\n // Rest of the LoginForm component...\n}"}]}],"\n",["$","p","p-3",{"children":["In the ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"submitHandler"}]," function, we're using the ",["$","code","code-1",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"fetch()"}]," function to send a POST request to the login endpoint. We've set the ",["$","code","code-2",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"method"}]," to ",["$","code","code-3",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"'POST'"}]," to indicate the type of HTTP request, and included ",["$","code","code-4",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"headers"}]," to define the format of the request body."]}],"\n",["$","p","p-4",{"children":["The request body (",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"body"}],") is where we include our form data (",["$","code","code-1",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"details"}],"), which is stringified before sending. This way, we can smoothly send our email and password data to the server for authentication!"]}],"\n",["$","p","p-5",{"children":["The ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"fetch"}]," function returns a ",["$","code","code-1",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"Promise"}]," that resolves to the ",["$","code","code-2",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"Response"}]," to that request. To handle the response and convert it to text, we call ",["$","code","code-3",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"response.text()"}],"."]}],"\n",["$","p","p-6",{"children":"With this, you have successfully linked your login form with your backend server! The data entered in the form will now be sent to the server for authentication when the form is submitted. It's just like handing your ticket to the museum staff to get access to the fabulous exhibits inside!"}]]}]]}],["$","div","4042",{"className":"space-y-32","children":[["$","div",null,{"className":"text-h-md text-theme-strong","children":"Lesson Summary and Practice"}],["$","div",null,{"className":"space-y-24 text-lg text-theme","children":[["$","p","p-0",{"children":["Bravo! You've embarked on the authentication and authorization journey, erected a basic authentication system in ",["$","code","code-0",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"Node.js"}],", and traversed time to shape a login form in ",["$","code","code-1",{"className":"px-4 py-2 rounded-4 bg-theme-strong dark:bg-theme-medium text-code-lg","style":{"fontVariantLigatures":"none"},"children":"React"}],"! These fundamental elements, my valiant learners, serve as the foundation of the grand palace of knowledge awaiting your exploration. Ahead lie practice exercises to manifest your theoretical knowledge into hands-on mastery. Seize this opportunity to delve deeper into these concepts, tie them to concrete tasks, and watch the fundamental aspects bloom into powerful tools of application security. Forward, to the further heights and deeper valleys of the coding realm! Happy coding!"]}]]}]]}]],["$","div",null,{"className":"flex gap-16 justify-between md:justify-start","children":[null,[["$","div",null,{"className":"hidden lg:block","children":["$","$L10",null,{"href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/introduction-to-user-authentication-with-nodejs-and-expressjs","variant":"tertiary","size":"sm","TrailingIcon":"$3b","maxWidth":"47rem","children":"Next Lesson: Introduction to User Authentication with Node.js and Express.js"}]}],["$","div",null,{"className":"hidden md:block lg:hidden","children":["$","$L10",null,{"href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/introduction-to-user-authentication-with-nodejs-and-expressjs","variant":"tertiary","size":"sm","TrailingIcon":"$3b","maxWidth":"33rem","children":"Next Lesson: Introduction to User Authentication with Node.js and Express.js"}]}],["$","div",null,{"className":"md:hidden","children":["$","$L10",null,{"href":"/learn/courses/introduction-to-authentication-and-authorization/lessons/introduction-to-user-authentication-with-nodejs-and-expressjs","variant":"tertiary","size":"sm","TrailingIcon":"$3b","children":"Next"}]}]]]}]]}],["$","div",null,{"className":"flex flex-col bg-gray-200 dark:bg-gray-1400 w-full px-20 md:px-24 pt-24 pb-48 items-center","children":["$","div",null,{"className":"max-w-screen-xl w-full flex flex-col lg:flex-row py-20 px-24 items-center justify-between gap-48 lg:gap-60 xl:gap-96","children":[["$","$L3c",null,{"alt":"Sign up","src":"/learn/img/signup-module.png","className":"h-auto w-[335px] md:w-[440px] lg:w-[480px] xl:w-[570px]","width":570,"height":336}],["$","div",null,{"className":"flex flex-col gap-32 ml-24 items-center lg:items-start","children":[["$","div",null,{"className":"text-h-md md:text-h-xl text-theme-strong text-center lg:text-start","children":"Join the 1M+ learners on CodeSignal"}],["$","div",null,{"className":"text-lg font-normal md:text-2xl text-theme text-center lg:text-start md:max-w-[536px] lg:max-w-none","children":"Be a part of our community of 1M+ users who develop and demonstrate their skills on CodeSignal"}],["$","$L35",null,{"size":"lg","pageType":"lessonPreview","uiRegion":"joinModule","children":"Start learning today!"}]]}]]}]}],"$L3d"]}]]}]