Back-end: Signup / Login API Routes

[sina-jamshidi]

• Create a Register route (POST)
  • this will create a new user, return 201
  • validation on the back-end - password should be atleast 6 characters, required fields (email, name)
  • simple password validation (>6 chars)
• Create a Login route (POST)
  • verify username and password
  • return 4xx if things are incorrect
• User model, don't want to save password directly on the database (hash/salt before we save them)
• Add an auth middleware / decorator - we can easily create authenticated routes and get the user object
• Try to use a decent authentication strategy something like using HTTP only cookies or localstorage