📄️ The User Model
Before we can log anyone in, we need a User entity.
📄️ Registration & Password Hashing
Now that we have a User model, we need a way to create users. However, we cannot just save the password exactly as the user typed it. If our database were ever hacked, everyone's passwords would be stolen.
📄️ Login & JWT Implementation
We can create users, but they can't "log in" yet. In a REST API, "logging in" doesn't mean creating a session on the server (stateful). Instead, it means exchanging valid credentials for a Token (stateless).
📄️ Protecting Routes (Auth Middleware)
We can issue tokens, but right now our API ignores them. Anyone can still send a POST request to create a post without logging in.