Lesson about sessions and implementing session-based auth.
Lesson outline
The following items define the scope of the lesson. The lesson outline is flexible; you can improve, expand, and omit items whilst writing lesson content (make sure the pull request description mentions that).
High level overview of sessions and session-based auth.
Touch on the use of cookies in session-based auth but don't dive into details (separate lesson).
Give simple example of manual implementation of session-based auth in a same-site context using express-session.
Also demonstrate using a DB session store e.g. (pg-connect-simple) for persistence.
High level overview of password storage security and password hashing with argon2id.
Acceptance criteria
If the requirements here are not met, the work effort is not complete.
[ ] Lesson conforms to the outline above (unless outline has been modified).
Lesson: Sessions
Lesson overview
Lesson about sessions and implementing session-based auth.
Lesson outline
The following items define the scope of the lesson. The lesson outline is flexible; you can improve, expand, and omit items whilst writing lesson content (make sure the pull request description mentions that).
express-session
.Acceptance criteria
If the requirements here are not met, the work effort is not complete.
Additional information
Get the lesson template
Download the lesson template using the following command (replace
lesson_name
with the actual lesson name):