User Authentication
-> set cookies on the browser and get User ID with cookies.
cookies
-> are things that we can save on the browser.
-> All the requests sending to browsers are in cookies.(login,go home, join, etc.)
1.Passport
-> create a cookie on broswer and recieve the cookie.
-> everytime it gets cookies, passport will give you user with them.
-> it remebers which user has which cookie.
2.passport-local Mongoose
-> adds user fuctionality to our user model.
-> change, verify, create and encrypt password.
-> it's a module.
3.passport-local
-> means local authentication, which means User and password..(?)
strategy here means ways of log-in.
serialize: what information are we going to give to the cookie.
serialization: which fields are gonna be included in the cookie.
! dont put sensitive information there !
deserialize: how do you find which user is he?
(conver info cookie has to user info)
------> all in the code below, thanks to passport-local-mongoose
passport.serializeUser(User.serializeUser());
//only pass id to cookie
passport.deserializeUser(User.deserializeUser());