Book Image

Designing Web APIs with Strapi

By : Khalid Elshafie, Mozafar Haider
4 (1)
Book Image

Designing Web APIs with Strapi

4 (1)
By: Khalid Elshafie, Mozafar Haider

Overview of this book

Strapi is a Node.js-based, flexible, open-source headless CMS with an integrated admin panel that anyone can use and helps save API development time. APIs built with Strapi can be consumed using REST or GraphQL from any client. With this book, you'll take a hands-on approach to exploring the capabilities of the Strapi platform and creating a custom API from scratch. This book will help JavaScript developers to put their knowledge to work by guiding them through building powerful backend APIs. You'll see how to effortlessly create content structures that can be customized according to your needs, and gain insights into how to write, edit, and manage your content seamlessly with Strapi. As you progress through the chapters, you'll discover a wide range of Strapi features, as well as understand how to add complex features to the API such as user authentication, data sorting, and pagination. You'll not only learn how to find and use existing plugins from the open-source community but also build your own plugins with custom functionality with the Strapi plugin API and add them to the admin panel. Finally, you'll learn how to deploy the API to Heroku and AWS. By the end of this book, you'll be able to build powerful, scalable, and secure APIs using Strapi.
Table of Contents (17 chapters)
1
Section 1: Understanding Strapi
6
Section 2: Diving Deeper into Strapi
11
Section 3: Running Strapi in Production

Chapter 7: Authentication and Authorization in Strapi

In this chapter, we will explore the topic of authentication and authorization in Strapi. We will start the chapter by explaining the difference between admin users and API users. Then, we will see how to work with login and sign-up functionality. Afterward, we will explain how to protect and secure certain API routes from unauthorized access.

The topics we will cover in this chapter are as follows:

  • The difference between admin users and API users
  • Login and sign-up in Strapi
  • Securing API routes
  • Roles and permissions
  • Working with Strapi policies
  • Overview of OAuth providers

By the end of this chapter, you will be able to implement authentication in the API, as well as adding a layer of authorization to prevent unauthorized users from accessing certain areas of the API.