In this chapter, we're going to explore different methods of securing an application through authentication and authorization. We'll talk about some of the basics of each concept, and then show how hapi simplifies the process of adding both to an application in an easy-to-manage, configurable way.
Fortunately, hapi is a security-focused framework, and as mentioned throughout this book, aims to ensure that developers don't accidentally use the wrong defaults when it comes to implementing things such as security. Therefore, right from the framework's inception, it has had core support for both authentication and authorization, rather than leaving it up to a third-party module. Application security is core to almost every application nowadays; it's not enough for it to be an afterthought in an application or a framework.
When first working with a new technology or framework, security was usually the first stumbling block I...