WebFund 2013W: Authenticated Sessions: Difference between revisions

Revision as of 17:39, 8 March 2013

In this tutorial you'll be looking at how authenticated sessions can be done in Node. Note that this example sends passwords in the clear to the server. If you wanted to prevent this, you would need to add SSL support to your application.

The sample express application is demo-auth-hash. It behaves similarly to the sessions tutorial from two weeks ago. The only difference here, though, is the server doesn't store plaintext passwords, and it stores them in MongoDB.

You should get the application running and you should attempt to answer the following questions about this code. Expect to see modified versions of these questions soon...

@@ Line 1: / Line 1: @@
 In this tutorial you'll be looking at how authenticated sessions can be done in Node.  Note that this example '''sends passwords in the clear to the server'''.  If you wanted to prevent this, you would need to add SSL support to your application.
-The sample express application is [http://homeostasis.scs.carleton.ca/~soma/webfund-2013w/demo-auth-hash.zip].  It behaves similarly to the [[WebFund_2013W:_Sessions|sessions tutorial]] from two weeks ago.  The only difference here, though, is the server doesn't store plaintext passwords, and it stores them in MongoDB.
+The sample express application is [http://homeostasis.scs.carleton.ca/~soma/webfund-2013w/demo-auth-hash.zip demo-auth-hash].  It behaves similarly to the [[WebFund_2013W:_Sessions|sessions tutorial]] from two weeks ago.  The only difference here, though, is the server doesn't store plaintext passwords, and it stores them in MongoDB.
 You should get the application running and you should attempt to answer the following questions about this code.  Expect to see modified versions of these questions soon...