Authentication and Authorization using Node.js

  • Job DurationedX
  • Job Duration4 weeks long, 4-5 hours a week
  • Job DurationFree Online Course (Audit)

Project detail


Are you a developer who just learned how to build a basic web application using Node.js and Express? Great! However, most apps don’t operate in a vacuum. Apps need to allow users to log in, enable different access for users based on permissions, and make secure requests to other apps. If you want to make your application production-ready, implementing authentication and authorization is absolutely necessary.

This course will teach you how to leverage npm libraries to implement authentication and authorization into your app. You will learn how to securely encrypt and store passwords, implement web sessions, and authenticate with social media accounts like LinkedIn and Twitter. You will become familiar with new and sometimes intimidating terms such as OAuth, JWT, and CSRF.

This course is taught by a Node.js expert who has built secure, production-level apps that have served over 50 million users worldwide.

If you have taken Introduction to Node.js on edX then this course will be a great follow up to advance your knowledge as a Node.js engineer.


Module 0 : Introduction

  • Learn the difference between authentication and authorization
  • Get an overview of the main authentication and authorization techniques

Module 1 : Authorization with Express

  • Implement authorization using Express middleware
  • Creating an Access Control List(ACL) database using MongoDB

Module 2 : Web Sessions and JSON Web Tokens

  • Implement web sessions with express-session and MongoDB
  • Implement password hashing with Bcrypt

Module 3 : Authentication with Node-oauth

  • Use OAuth 2 to authenticate a user with the GitHub API
  • Implement a 3-legged OAuth 2 flow to authenticate a user

Module 4 : Authentication with Passport.js

  • Authenticate a user through their LinkedIn profile with Passport.js
  • Authenticate a user through their Twitter profile with Passport.js

Languages required