πŸ“˜ What is Authentication?

Authentication is the process of verifying the identity of a user or system. It ensures that someone trying to access a system is actually who they claim to be.

🎯 Why It Matters

πŸ› οΈ Common Types of Authentication

Type Description Example
Password-based User provides a secret password Email or social media login
OTP (One-Time Pin) Temporary code sent via SMS/email Logging into a bank app
Biometric Based on physical characteristics Face ID or fingerprint scanner
Token-based Uses a generated token after login JWT in web APIs
OAuth Third-party authentication provider β€œLogin with Google” or GitHub

πŸ”„ Authentication vs Authorization

Feature Authentication Authorization
Purpose Confirms identity Grants permissions
Happens When? First step After authentication
Example Logging into a system Accessing an admin-only feature

πŸ§ͺ Token-Based Authentication (JWT Flow)

  1. User logs in with credentials.
  2. Server verifies and returns a signed JWT token.
  3. Client stores token (usually in localStorage or cookies).
  4. Client sends token with every request (usually via headers).