icodebyamanda / mvp_dance-directory

Bootcamp Project: To another student’s MVP, added a full authentication capability to the instructors’ users group: a login component, a tested encrypted password, tested authentication and authorisation process via a guard as well as a registration component.

Authentication chats #2

Open icodebyamanda opened 3 years ago

icodebyamanda commented 3 years ago
  1. The "login" page and the "register" page are NOT the same thing, nor do they point to the same endpoints in the backend. The register page (and endpoint) is for inserting a new user into the database (including the encrypted password). The login page (and endpoint) is for authenticating the user, meaning: check that the password is correct and generate a token.

  2. Most of you are working with projects that already have a "users" table. In some projects it's called users; in other projects the table for the same purpose can have a different name (for example, "instructors"). Probably one of your first tasks will be to add a password field (column) to that table.

  3. When you manage to complete the "registration" process and the login process (in which you STORE THE TOKEN in the frontend), the "last steps" are to send the token along with any request that needs authorization. This way you can know who the user is (in the backend) and therefore filter the results that you return by that user, or perform any other user-dependent logic you need.

icodebyamanda commented 3 years ago

Andrea: If we create the login page, and we only want some components to be seen by the registered people only, those components won’t be visible for people not registered? Or do I need to change them into another place in the FE file?

G: When you receive a successful token after a login, you could also notify the App component (with a callback prop) that the user is logged in.

This info can be stored in the state of the App, and you can use that information to show/hide links to private pages.

N: You don't have to. You can use tokens to restrict access to routes so if a user doesn't have a token, they can't access that route