Now that our Notes application can save its data in a database, we can think about the next phase of making this a real application, namely authenticating our users. In this chapter, we'll discuss the following three aspects of this phase:
Creating a microservice to store user profile/authentication data.
User authentication with a locally stored password.
Using OAuth2 to support authentication via third-party services. Specifically, we'll use Twitter as a third-party authentication service.
Note
It seems so natural to log in to a website to use its services. We do it every day, and we even trust banking and investment organizations to secure our financial information through login procedures on a website. HTTP is a stateless protocol, and a web application cannot tell much about one HTTP request versus another. Because HTTP is stateless, HTTP requests do not natively know whether the user driving the web browser is logged in, the user...