The notes that a user has entered should be private to this user. To implement this behavior, we need a way to authenticate a user and ensure that only the authenticated users can see their list of notes.
There are several methods available to authenticate a user. They all can be used with vibe.d:
Basic authentication: The browser shows a pop-up window asking for a username and password. Both are transmitted in plaintext to the server.
Digest authentication: The browser shows a pop-up window asking for a username and password. Only a digest of the password is transmitted to the server, not the password itself.
Form-based authentication: The application itself embeds a form asking for a username and password. Both are transmitted in plaintext to the server.
It should be clear that a password must not be transmitted in plaintext over the wire. The use of TLS/SSL is mandatory in this case. How to configure vibe.d in order to use TLS/SSL is described in the Form-based authentication...