Recall & Review
beginner
What is authentication in web applications?
Authentication is the process of verifying who a user is, usually by checking their username and password.
Click to reveal answer
beginner
What does authorization mean in the context of web apps?
Authorization is the process of checking what a user is allowed to do after they have been authenticated.
Click to reveal answer
beginner
How does authentication differ from authorization?
Authentication confirms your identity; authorization decides what you can access or do.
Click to reveal answer
intermediate
In Express, which middleware is commonly used for authentication?
Passport.js is a popular middleware used in Express to handle authentication.
Click to reveal answer
intermediate
Why is it important to separate authentication and authorization in Express apps?
Separating them helps keep code clear and secure: first confirm identity, then check permissions.
Click to reveal answer
What does authentication verify?
✗ Incorrect
Authentication is about verifying who the user is.
What is the main purpose of authorization?
✗ Incorrect
Authorization checks what the user is allowed to do.
Which comes first in a secure Express app?
✗ Incorrect
Authentication must happen before authorization.
Which Express middleware is often used for authentication?
✗ Incorrect
Passport.js helps handle authentication in Express.
If a user is authenticated but not authorized, what happens?
✗ Incorrect
Authorization controls access after authentication.
Explain in your own words how authentication and authorization differ in an Express app.
Think about who you are vs what you can do.
You got /4 concepts.
Describe why separating authentication and authorization improves security in Express applications.
Consider the steps to safely allow users to use your app.
You got /4 concepts.