Day 26 Exit Ticket - Authentication

# Day 26 Exit Ticket - Authentication ### Daily Objectives * Explain the motivation for token-based authentication. * Describe the various parts of a JSON web token. * Implement JWT authentication in a full stack application using the jsonwebtoken library. * Explain the motivation for encrypting passwords. * Use the bcrypt library to encrypt passwords before you store them in your database. ### Key Topics * JSON web tokens * Using localStorage on the frontend to store token * Passing the token as an authorization header with HTTP requests * Creating tokens using `jsonwebtoken` * Verifying tokens using `jsonwebtoken` * Identifying the three parts of a JWT * Password encryption * Using `bcrypt` to hash passwords * Using `bcrypt` to compare plain passwords to hashed passwords * Environment variables * For securely storing the secret needed for `jsonwebtoken` ### Pre-reading * [Getting Started with JSON Web Tokens](https://auth0.com/learn/json-web-tokens/) ### Lessons <hr> #### 01 - JSON Web Tokens #### Objectives * Explain the motivation for token-based authentication. * Describe the various parts of a JSON web token. * Implement JWT authentication in a full stack application using the jsonwebtoken library. #### Assets | | Assets | Time | | ------------- |:---------------------: | -----:| | **KEYNOTE** | [JWT](https://docs.google.com/presentation/d/19BCz0klICG7ztLeepExQxunWzD4B33PNA3iFLoQkCqM/edit?usp=sharing) | | | **LECTURE** | [Sample Lecture](https://youtu.be/08LCVCp_XNc) | 25 mins | | **DEMO** | [Sample Demo](https://youtu.be/-wycu-eLTtg) | 60 mins | <hr> #### 02 - bcrypt #### Objectives * Explain the motivation for encrypting passwords * Use the bcrypt library to encrypt passwords before you store them in your database #### Assets | | Assets | Time | | ------------- |:---------------------: | -----:| | **KEYNOTE** | [bcrypt](https://docs.google.com/presentation/d/1NWx0ASqOWVVqtmk8citCEPlBxzvzkcXe5S_anHYKc5o/edit?usp=sharing) | | | **LECTURE** | [Sample Lecture](https://youtu.be/ewZXAfAyyfQ) | 10 mins | | **DEMO** | [Sample Demo (same as above)](https://youtu.be/-wycu-eLTtg) | 60 mins | | **LMS PAIR WORKSHOP** | [Pair Exercise: JWT Authentication and Password Hashing](https://learn.fullstackacademy.com/workshop/5fe2759804396f0004a82f41/landing)| 1.5 hrs | | **WORKSHOP START** | N/A | | | **WORKSHOP SOLUTION CODE** | [Solution](https://github.com/FullstackAcademy/PairExercise.JWTAuthWithPasswordHashing.Solution) | | | **WORKSHOP SOLUTION VIDEO** | None | | <hr> ### Exit Ticket | Exit Ticket Template | Solution | | -------------------- |:-------: | | [Form Link](https://docs.google.com/forms/d/1oWbbL99SFkYAyrQxjDNX8kdLoS2x4QvutLxxTR0-gHo/edit)| - | ### Additional Resources None ### Notes None