What Is the Difference Between Authorization and Authentication?

As a NodeJS developer, there is a good chance you will create a login page. Along with the login page, you will probably have to determine what permissions each user has. To complete these tasks, you use authentication and authorization. These core concepts are fundamental to keeping web applications functional and secure.

In this tutorial we'll:

• Explore how to authenticate users in Node
• Explore the concept of authorization in Node
• Learn the difference between authentication and authorization

By the end of this Node.js tutorial, you will have a clear understanding of how user authentication and user authorization work together to keep Node.js applications secure.

This tutorial is part 1 of 7 tutorials that walk through using Express.js to handle user authorization and authentication. In the process you'll learn about creating and validating forms, and both session and JSON Web Tokens (JWT) authentication. This set of tutorials includes:

• What Is the Difference Between Authorization and Authentication? (this tutorial)
• What Are Form Validation and Sanitization?
• Process a User Login Form with ExpressJS
• How to Validate and Sanitize an ExpressJS Form
• What Is the Difference Between Sessions and JSON Web Tokens (JWT) Authentication?
• Set Up ExpressJS Session Authentication for Node Applications
• Authenticate Users With Node ExpressJS and Passport.js