I'm trying to learn about authentication and authorization, but all I can find are scattered pieces of information, not a comprehensive tutorial. How did you all learn about this complex topic?
3 Answers
Auth is definitely a tricky subject, and I don't think you'll find a single tutorial that covers everything. Here's how I approached it:
1. First, get a solid grasp of the basic username and password authentication flow.
2. Learn about password hashing, including salt and hash, and why these are necessary.
3. Try implementing a username and password sign-in system from scratch to really understand how HTTP requests work and how to securely handle password data.
4. Dive into OAuth, as it’s crucial for social sign-ins, although it's a complex protocol. This article [Why is OAuth Still Hard](https://www.nango.dev/blog/why-is-oauth-still-hard) provides great insights into that.
5. Pick an open-source auth framework to learn from based on your programming language.
6. Lastly, don't try to build your own auth system from the ground up; it's a serious challenge to create a secure and robust flow! Hope this helps you out!
Same here, it's tough finding the all-in-one guide! You're not alone in this struggle. Authentication is layered and nuanced, so just piecing together what you can is helpful until something comprehensive pops up!
I feel you! It’s like looking for a complete guide on French cooking rather than just individual recipes. You won't find a full tutorial for something as complicated as auth. It’s all about specific problems and solutions. If you have a particular question, that’s where you’ll find more helpful guidance. Without a specific issue, you’ll mostly come across general theories and concepts, which can be frustrating!
Exactly! It's super complex, but tackling it in small parts makes it a bit less overwhelming.