One of LoopBack’s core features is the ability to lock down access to your APIs and define exactly who can do what with your data. LoopBack provides multiple tools to make this easy, but it’s helpful to see a real (although simple) application demonstrating the complete process of securing your APIs.
In this post I’ll demonstrate how to:
* Add support for users to your application.
* Add user registration and login/logout.
* Create rules for your API that follow common patterns, for example, only a logged in user can create content and only the owner of content can modify it.