credentials ◍ The credentials are checked against a database. ◍ If the credentials are valid, a session is created for the user on the server. The session can be stored in files, a cache store like Redis, a database, etc WHAT HAPPENS NEXT?
Cookie ◍ Cookies are sent in HTTP headers with both requests and responses ◍ Cookies can be retrieved from the headers via req.headers.cookie. ◍ Validate a user against the decoded token from the cookie on the server and grant access if the token is valid else redirect to login.
form with a text box ◍ Server validates if the email exists in the db. ◍ If it doesn’t, create a new account, a token and send an email to the user. ◍ In the users box, there’s a verify link with a token.
the link, token is verified, and then the user is logged in. ◍ User submits an email, clicks login. It sends a POST request to the server. ◍ A token is generated, and then a security code is sent together with a link to the users inbox. ◍ User clicks on the verify link. The token is verified on the server and sets a cookie on server and client.