- Create an application that requires users to authenticate with usernames and passwords.
- Retrieve data from cookies to allow users to access data from previous sessions.
- Authorize users to access different sets of resources based on their attributes.
- Establish database rules through SQLAlchemy to encrypt passwords and protect users' private information.
- Identity and Access Management (IAM): a subfield of software engineering that focuses on users, their attributes, their login information, and the resources that they are allowed to access.
- Authentication: proving one's identity to an application in order to access protected information; logging in.
- Authorization: allowing or disallowing access to resources based on a user's attributes.
- Session: the time between a user logging in and logging out of a web application.
- Cookie: data from a web application that is stored by the browser. The application can retrieve this data during subsequent sessions.
In this module, you covered many of the basic concepts in identity and access management:
- Using cookies and sessions to remember users.
- Authentication using Flask's
sessionobject. - Differentiating authentication and authorization.
- Authorizing users to access resources based on their session attributes.
- Adding passwords to authentication.
- Encrypting passwords with
Bcryptfor added security. - ...and doing it all in the same time in our "Putting it All Together" Lab!
IAM is a field generally populated by specialists who spend every working hour on authentication, authorization, encryption, and more. It is also a field where pre-made products, like those by ForgeRock or Azure Active Directory. Your new set of knowledge will help you to understand what's going on behind the scenes in either.
That being said, IAM is also a rapidly evolving field, with new major players joining the scene every few months. If you enjoyed this module and feel like digging into some tough problems, you can continue researching the field and building IAM solutions of your own.