Chapter 15.
Authentication
In this section of the book we’re going to look at how to authenticate requests to our API, so that we know exactly which user a particular request is coming from.
We will:
- Lay out the possible approaches to API authentication and talk through their relative pros and cons.
- Implement a stateful token-based authentication pattern, which allows clients to exchange their user credentials for a time-limited authentication token identifying who they are.