§9.7. Exercises

Exercise: Add authentication

Add login and authentication logic to the shopping list or another application you are developing.

Exercise: Refactoring

Ensuring that every operation is only available to authorized users may involve repetitive code. For example, you may need to ensure that every single API endpoint (except for /login) first checks that the user has logged in.

This repetition can result in errors, especially if you accidentally forget to add the authentication check on one of your critical endpoints.

How could you reduce repetition and reduce the chance of forgetting to secure part of your application? Can you design a module, function, middleware or layer to simplify your authentication logic?
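One possible shape for such a layer, shown as an added example that is not part of the original exercise text: a small router that requires a session on every route unless the route is explicitly registered as public, so a forgotten check fails closed. The names `createApp`, `route`, `handle` and `request`, the Bearer-token header and the in-memory session map are all assumptions made for illustration.

```javascript
// Deny-by-default routing: every route requires a session unless it is
// registered with { public: true }. All names here are hypothetical.
function createApp(sessions) {
  const routes = new Map(); // "METHOD /path" -> { handler, isPublic }

  // The single place where the authentication decision is made.
  function authenticate(req) {
    const header = (req.headers && req.headers.authorization) || "";
    const match = /^Bearer (\S+)$/.exec(header);
    return match ? sessions.get(match[1]) || null : null;
  }

  return {
    // Omitting the options argument yields a protected route, not an open one.
    route(method, path, handler, options = {}) {
      routes.set(`${method} ${path}`, { handler, isPublic: options.public === true });
    },
    handle(req) {
      const entry = routes.get(`${req.method} ${req.path}`);
      if (!entry) return { status: 404, body: "not found" };
      let user = null;
      if (!entry.isPublic) {
        user = authenticate(req);
        if (!user) return { status: 401, body: "login required" };
      }
      return entry.handler(req, user);
    },
  };
}

// Constructed sample data: one active session token mapped to a user.
const sessions = new Map([["constructed-token-123", { name: "alice" }]]);
const app = createApp(sessions);

// Only /login opts out of the check; the other routes never mention auth.
app.route("POST", "/login", () => ({ status: 200, body: "ok" }), { public: true });
app.route("GET", "/items", (req, user) => ({ status: 200, body: `items for ${user.name}` }));
app.route("DELETE", "/items", (req, user) => ({ status: 200, body: `cleared by ${user.name}` }));

// Helper that builds a request object the way a server adapter would.
function request(method, path, token) {
  const headers = token ? { authorization: `Bearer ${token}` } : {};
  return app.handle({ method, path, headers });
}
```

Because the handlers receive `user` from the gate rather than looking it up themselves, a protected handler cannot run without an authenticated user, and a review of which endpoints are open reduces to searching for `public: true`.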