Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll

React Authentication

Well done!

You have completed React Authentication!

Sign up for Treehouse Back to Library

What Is Authentication?

4:02 with Laura Coronel

Authentication provides password protection to hide content from unauthorized users. It lets you serve content specifically to a user, as well as customize their settings and experience.

Resources

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

    Related Discussions

    Have questions about this video? Start a discussion with the community and Treehouse staff.

    Sign up

    [MUSIC] 0:00
    Hi, everyone. 0:09
    I'm Laura, a JavaScript instructor here at Treehouse. 0:09
    In this course, we'll learn how to implement authentication and 0:13
    authorization in a React App. 0:17
    Most apps these days would not be complete without authentication. 0:19
    It's what allows users to have an identity on your website or app. 0:23
    Authentication provides password protection to hide content from 0:28
    unauthorized users. 0:32
    It lets you serve content specific to a user, 0:33
    as well as customize their settings and experience. 0:37
    When learning about authentication it's important to know the difference between 0:41
    authentication and authorization. 0:45
    The two concepts work together to ensure that only authorized users 0:47
    are allowed access to sensitive information. 0:52
    Authentication is the process of verifying the identity of a user. 0:55
    Which is typically done by requiring the user to provide some form of 0:59
    identification, in our case a username and password. 1:04
    Authorization on the other hand is the process of granting or 1:08
    denying access to content. 1:12
    Which we'll implement using React Router. 1:14
    There are many ways to authenticate a user on the Web. 1:17
    Some of the most common methods to set up authentication in your app 1:21
    are basic authentication. 1:25
    Where the username and password are encoded in base64 and 1:27
    sent over to the server. 1:32
    This is the easiest to implement and we'll be using it in this course. 1:34
    Token-based authentication where in response to a login request, 1:38
    the server generates a token and sends it back to the client. 1:43
    The client must then send this token whenever making a request. 1:47
    This was originally created as part of OAuth 2.0 but can also be used on its own. 1:51
    OAuth 2.0 is similar to token-based authentication where a token is 1:59
    used to verify your identity. 2:04
    However, instead of the API Server generating the token 2:06
    a third party does it instead. 2:10
    Don't worry if you don't understand the alternative techniques. 2:13
    Just know that there are other authentication techniques out there and 2:16
    we'll be focusing on basic authentication. 2:20
    The basic authentication scheme is part of the overall 2:23
    authentication framework provided by HTTP. 2:27
    When a client wants to authenticate a user with a server, for 2:31
    example, logging in a user, 2:35
    he can do so 2:37
    by including an authorization request header with the user's credentials. 2:37
    Basic authentication transmits the credentials as user ID password pairs. 2:43
    Which are encoded using an encoding scheme called base64. 2:49
    Base64 is a way of encoding data so that it can be transmitted over the internet or 2:54
    other channels that only support ASCII characters. 3:00
    It's important to understand that basic authentication is a less secure method of 3:03
    authentication because the user's credentials are transmitted in plain text. 3:09
    Since the username and password are encoded not encrypted. 3:13
    Anyone who intercepted the communication can easily decode it and 3:18
    retrieve the username and password. 3:22
    It should only be used over a secure encrypted connection, such as HTTPS. 3:25
    HTTPS encrypts all data being transmitted between the client and server. 3:31
    If you'd like to learn more about HTTPS be sure to check the teacher's notes. 3:38
    In this course, I'm focused on helping you build a foundation of authentication. 3:43
    Which is why we'll be using basic authentication. 3:47
    It's the simplest authentication to implement, 3:51
    and you can use the knowledge you gained in this course to branch out and 3:54
    try other more secure methods that you might find on the job. 3:58

    You need to sign up for Treehouse in order to download course files.

    Sign up

      You need to sign up for Treehouse in order to set up Workspace

      Sign up