Hey guys, in this video we will implement session-based authentication in Node.js using Express, a minimalist framework for web servers, and express-session, an Express middleware for server-side sessions. We will develop the login, logout, and register functionality, as well as discuss security and scaling. To get the most out of this video, I recommend that you start with Authentication on the Web https://youtu.be/2PPSXonhIck which lays the theoretical groundwork for this episode.
We begin with a detailed walkthrough of express-session and its configuration options. Once we set up the sessions, we will wire them up to server routes, which will entail input validation, user lookup, and error handling. We will also protect the routes with guards, or middleware, to check for authenticated users. Finally, we will demo the app, and observe the session lifecycle to nail down the mechanics of session management. We will then conclude with final thoughts about enhancing security and deploying to production.
Redis session store https://github.com/tj/connect-redis