Authentication

Client-side authentication uses a JSON Web Token (JWT) that is generated on the server and then passed with each API call from the client.

The client auth methods are located within the AuthProvider defined in /client/src/app/auth.js.

The AuthProvider handles signing in, signing out and checking user permissions.

The authentication process is:

  1. User signs in

  2. Server authenticates the user and generates a token

  3. Token is returned to the client and AuthProvider stores the token

  4. When making an API call, authToken is automatically passed to the server

  5. Token is verified on the server

Permissions passed from the server can also be used to create private routes on the client side using the <PrivateRoute> component.
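
The server side of steps 2 and 5, together with a server-side permission check, as an added example that is not the project's own code: it signs and verifies an HS256 token using Node's built-in crypto module. The function names, the `permission` claim name and the secret are assumptions made for illustration.

```javascript
// Added example, not the project's code: server side of steps 2 and 5.
const crypto = require('node:crypto');

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const hmac = (data, secret) =>
  crypto.createHmac('sha256', secret).update(data).digest('base64url');

// Step 2: issue a token with the user's claims and an expiry.
function signToken(claims, secret, ttlSeconds, now = Date.now()) {
  const iat = Math.floor(now / 1000);
  const head = b64url({ alg: 'HS256', typ: 'JWT' });
  const body = b64url({ ...claims, iat, exp: iat + ttlSeconds });
  const signingInput = `${head}.${body}`;
  return `${signingInput}.${hmac(signingInput, secret)}`;
}

// Step 5: verify on every API call. Returns the claims, or null if rejected.
function verifyToken(token, secret, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const parse = (s) => {
    try { return JSON.parse(Buffer.from(s, 'base64url').toString('utf8')); }
    catch { return null; }
  };
  // Pin the algorithm: the token must not choose how it is verified.
  const header = parse(head);
  if (!header || header.alg !== 'HS256') return null;
  // Constant-time comparison of the signature before trusting the payload.
  const given = Buffer.from(sig);
  const expected = Buffer.from(hmac(`${head}.${body}`, secret));
  if (given.length !== expected.length) return null;
  if (!crypto.timingSafeEqual(given, expected)) return null;
  const claims = parse(body);
  if (!claims || typeof claims.exp !== 'number') return null;
  return claims.exp > Math.floor(now / 1000) ? claims : null;
}

// Server-side permission gate (the `permission` claim name is an assumption).
function authorize(token, secret, required, now = Date.now()) {
  const claims = verifyToken(token, secret, now);
  return claims !== null && claims.permission === required;
}

// Constructed demo values, not taken from the project.
const demoSecret = 'constructed-demo-secret';
const demoToken = signToken({ sub: 'user-1', permission: 'admin' }, demoSecret, 900);
console.log(authorize(demoToken, demoSecret, 'admin'), authorize(demoToken, demoSecret, 'owner'));
```

Because the <PrivateRoute> check runs in the browser, it only decides what the UI shows; the server-side check on each API call is what enforces access.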