In previous chapters, we mocked up users so that we could test various functions, but obviously this isn't how we want our application to work going forward. We want only authorized users to be able to add and edit their lists and share them with others. Our application is currently not very secure.

Authentication is a basic functionality of almost every web application. We have a great option for managing users signing up, logging in, and accessing privileged routes. We will install Passport authentication middleware for Node.js, configure it for local authentication, and set up session management. We will secure our dashboard route so that only authenticated users see their own dashboard.

In this ...