Bytes & Beyond

Authentication

Authentication flows, login request handling, JWT tokens, password security, and production patterns

Welcome to the Authentication learning hub. This section covers authentication flows, login request handling, security considerations, and production patterns essential for building secure applications.

Articles

Core Concepts

  1. Login Request Lifecycle

    • Complete walkthrough from client submission to authenticated session
    • Client-side preparation and validation
    • Server-side credential verification
    • Session creation and token generation
  2. JWT Tokens

    • JWT structure: header, payload, signature
    • Why Base64URL encoding
    • Authentication flow
    • Security best practices
  3. JWT in Node.js

    • jsonwebtoken library usage
    • Express middleware for protected routes
    • Token refresh pattern
    • Implementing logout with blacklist
  4. Password Security & Hashing

    • Why plaintext storage is catastrophic
    • Hashing algorithms: bcrypt, Argon2, PBKDF2
    • Salt and pepper concepts
    • Secure password storage strategies