Lesson 19 (Authentication)

Lesson 19: Authentication

In the prep work for this lesson, the students learned

1. What authentication is.
2. What sessions and cookies are and how sessions and cookies are used to verify a user's identity.
3. The importance of encryption.
4. Why developers use one-way encryption to protect users' passwords.
5. How to use write a basic authentication flow in Spring.

Announcements

1. Students are almost done with the class! One class left!
2. Check with your course manager for any additional announcements.

For Part-Time Students:

1. Assignment #4 is due soon!

For Full-Time Students:

• Welcome to Day 32!
• Assignment 4 due by end of today
• Day 34 is dedicated time to work on Authentication and REST

Large Group Time (Instructor)

Lesson 19 Topics That Require Careful Attention

1. Review hashing and one-way encryption. Remind students that passwords are not stored, but the encrypted password is stored.
2. Discuss popular hashing algorithms and how to implement them
3. Cover salting as a practice - what is it and why it helps
4. Lots of information is delivered in the tutorial on adding authentication to coding-events, including some new Spring packages and advanced topics that we only introduce briefly. It is important to emphasize for students that it's ok to treat this topic as an introduction. We are not asking them to be security experts at this point, but this is all valuable information for professional applications and getting exposed to it early on is very useful for their careers
5. Emphasize the importance of the process, not necessarily knowing the exact syntax to get it done.

Small Group Time: Lesson 19 Studio (TA Notes)

1. The studio is focused on adding authentication to techjobs.
2. The book goes over adding authentication to coding-events. While the studio is meant to be an exercise in applying the same things to techjobs, caution against simply copy/pasting!