Welcome to the end-to-end authentication course. As usual, let's take a look at the overview of the course and what we'll be building.

This course will focus more on the backend logic, so I have prepared a starter project which we'll build on. The starter project contains the necessary base markup as well as some basic setup. You can grab the starter project from GitHub.

Before we can perform any kind of authentication in AdonisJS, we need to first install and configure the auth module. In this lesson, we'll be doing just that.

With all the setup out of the way, let's add our first functionality, which is user registration.

One way of making sure your application is been used by actual users is to ensure users verify their email addresses. You can decide to restrict access to only certain features pending upon email verification or restrict total access until email verification. In this lesson, we are going to implement email verification.

In the last lesson, we saw how to send email verification links to users upon creating an account. Now, let's add the implementation for users to actually verifying their email addresses.

There are times for whatsoever reasons users don't get sent the verification emails or maybe the one they were sent got expired. In this lesson, we allow users the ability to request verification emails to be resent.

Let's move on to allow users to log in to their account. As I mentioned a couple of lessons ago, we can decide to restrict access to only certain features pending upon email verification or restrict total access until email verification. In this lesson, we'll be covering the first scenario.

What you'll learn

• Log in using the attempt method
• Display authenticated user data in a view
• Check whether a user is logged in or not in a view

Now, let's cover the other scenario where we'll restrict logging in to only users that have verified their email addresses.

What you'll learn

• Log in using the login method
• Manually verify hashed password
• Two ways to handle checking whether user's email address has been verified

Making users log in every single time they visit our application might not be the best in terms of user experience. What if users could indicate they want to be remembered for subsequent visits at the point of logging in? In this lesson, we'll cover how to do just that.

What you'll learn

• How to remember users for subsequent visits
• How the remember me functionality works
• Implementing remember me with both the attempt and login methods

It's not uncommon for users to forget their passwords and in this section, we'll be looking at how to implement the functionality for users to reset their passwords in case they do. In this lesson, we'll be covering requesting a password reset.

In the last lesson, we looked at how to request a password reset. In this lesson, we'll be looking at how to actually reset the password.

We have a user dashboard that should be accessible to only authenticated users, but as it stands, anyone can kinda access it. In this lesson, we'll be adding a way to enforce that the dashboard is indeed accessible to only authenticated users.

What you'll learn

• Restrict routes access using a middleware

Similar to making some routes accessible to only authenticated users, we can also flip it by making certain routes accessible to only unauthenticated users.

What you'll learn

• How to create a custom middleware

When redirected to login, it will be a great UX for users to be redirected to their intended URL upon login. In this lesson, we'll looking at how to implement this using the session.

In the last lesson, we looked at how to implement redirecting to the intended URL using the session. In this lesson, we look at how to implement the same functionality using a query string.

To complete our end-to-end authentication system, let's add the ability for users to be able to logout from their accounts.

What you'll learn

• How to log users out of their accounts