Learn about Authentication, Authorization, and OAuth2 with Node Express and Angular through creating multiple types of Auth servers and clients. Learn how to allow users to authenticate with Facebook, Google, Twitter, and any other third-party Auth Provider, using OpenID and OAuth. Our main focus will be on using the latest JSON Web Token.

JWT

• What is JSON Web Token?
• When should you use JSON Web Tokens?
• What is the JSON Web Token structure?
• How do JSON Web Tokens work via Bearer shema?

Introduction to JSON Web Tokens on https://jwt.io/introduction/

Rump-up the client app

• Rapid development with Yeoman https://github.com/stukh/generator-angular-webpack-es6#readme for AngularJS + Webpack with ES6 and SASS.
• Using bootstrap theme via https://bootswatch.com/ with [https://www.npmjs.com/package/bootswatch] (bootswatch npm package)
• Fast component structure and styles using http://bootsnipp.com/
• Using Angular 1.5 Component Router functionality
• Using 3th party directive router-active for active route state

Register Front-End Controllers and Services

• Validation using custom validation in $validators with <validate-equal> directive.
• Error notification using ngMassages
• Notification using ngToast

REST API with JWT

• Rump up and configure REST API via Node.js and express, MongoDB and [mongoose] (http://mongoosejs.com/index.html)
• Crypt user password before save in DB with bcryptjs
• Create payload for JWT token using jsonwebtoken
• Using restangular for http transactions
• Store token for isAuthenticated state using localStorage

REST API with JWT pt.2

• Using component life cycle $doCheck instead of $scope.$watch to observe changes in a service
• Add view animation using ngAnimate
• Add interceptor request Auhtorization header using Restangular's [addFullRequestInterceptor](https://github .com/mgonto/restangular#setfullrequestinterceptor)
• Authorize resource
• Verify token using jwt.verify()

Login flow

• Verify user manually and with passportjs using local strategies

Google Auth provider

• Manually authenticated using google-console via google flow with oath2
• Get user profile using Google+ Platform
• Using request-promise for HTTP transactions
• Refactor code using express's middlewares
• Creating iframe document to get access token from google api. Using [postMessage](https://developer.mozilla .org/en-US/docs/Web/API/Window/postMessage)

Angular Auth with Satelizer

• Using satellizer for Facebook authentication and replace existing Google auth flow
• Facebook auth flow using official docs
• Use momentjs to create exp field for jwt token
• Using qs for parsing query params