Here, I go over how to add authentication to a web app using sessions. We'll use a simple custom middleware to apply to our routes that we wish to protect, and add logout at the end as well.

Continuing our series on Authentication, Token Authentication is the most well known and commonly used authentication method for API clients. And it's (seriously!) never been easier. You'll need to have read over the Username and Password tutorial already, as this tutorial builds off that.

Username and Password Authentication is very similar to HTTP Auth, except in this case we manually authenticate the user ourselves--we don't use any built in middleware to take care of it for us.

This tutorial shows to authenticate users with an email/username and password via HTTP Basic Authentication, while using the BasicAuthenticatable protocol provided by Vapor. We'll also discuss how to omit passing back a specific property to one one of our models, such as a password.

Lastly, we'll go over how to decode a JWT to get the data from the payload that you may need.

In the third installment, we'll add some custom middleware to protect our routes

In part 2 of the JWT series, we'll go over how to verify and sign tokens, so we can be sure they weren't tampered with prior to use.

This is the first of a 4 part series no JSON Web Tokens. In this article, we'll go over how to create them.

Basic Authentication is often the first step of auth for many API clients. Lear how to implement it with this tutorial.