Hey dev.to community!
Update: User authentication Part 2
In user authentication part 1, I mentioned starting with token-based authentication and securing the Product model. I have further extended this authentication feature with the following added functionality:
- Both Product and Category models are protected: Only authenticated users can make POST/PUT/DELETE requests. Anonymous users can only view products and categories; they cannot make any modifications.
- Built user profile: This route allows users to view their profile and update their profile details.
- Added change password functionality: A logged-in user can change their password; on a successful password change, their old token is deleted and a new token is generated.
- Added logout functionality: A logged-in user can now log out, which means their token is deleted, so the token they received on login is no longer valid.
- Testing: Tested that a product or category can be deleted or updated only when logged in. Tested that an authenticated user can view their profile, change their password and log out.
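The token lifecycle from the list above, as an added framework-free Python sketch (not code from this project): anonymous reads, token-gated writes, token rotation on password change, and revocation on logout. The `TokenAuth` class, its method names, the one-live-token-per-user policy and storing only a hash of each token are assumptions made for the example.

```python
# Added sketch: class and method names are hypothetical, not the project's code.
import hashlib, hmac, secrets

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

def _digest(token):  # store only a hash so a leaked token table cannot be replayed
    return hashlib.sha256(token.encode()).hexdigest()

def _hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class TokenAuth:
    def __init__(self):
        self.users = {}    # username -> (salt, password_hash)
        self.tokens = {}   # sha256(token) -> username

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, _hash_password(password, salt))

    def _check_password(self, username, password):
        rec = self.users.get(username)
        return rec is not None and hmac.compare_digest(rec[1], _hash_password(password, rec[0]))

    def _issue(self, username):
        # Assumed policy: one live token per user, so drop any existing one first.
        self.tokens = {d: u for d, u in self.tokens.items() if u != username}
        token = secrets.token_urlsafe(32)
        self.tokens[_digest(token)] = username
        return token

    def login(self, username, password):
        return self._issue(username) if self._check_password(username, password) else None

    def authenticate(self, token):
        return self.tokens.get(_digest(token)) if token else None

    def authorize(self, method, token=None):  # anonymous may read; writes need a token
        return method in SAFE_METHODS or self.authenticate(token) is not None

    def change_password(self, token, old, new):
        user = self.authenticate(token)
        if user is None or not self._check_password(user, old):
            return None
        self.register(user, new)   # re-hash the new password with a fresh salt
        return self._issue(user)   # old token deleted, new token returned

    def logout(self, token):
        return self.tokens.pop(_digest(token), None) is not None
```

The checks worth testing are the negative ones: the old token must fail after a password change, and a logged-out token must fail on any write.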
See y'all next time... bye 👋
Complete code available here.