In this lesson, we'll query all of our organization's access tokens and filter out any tokens that are expired. Then, we'll list the organization's tokens showing it's name, abilities, when it was created, and when it was last used.

In this lesson, we'll take a step back to understand the differences between the tokens we're using, which are Opaque Access Tokens (OAT), and JSON Web Tokens (JWT). We'll discuss security, scalability, and what makes up each token.

In this lesson, we'll add a route to the settings portion of our application allowing the user to create an opaque access token (OAT), with the desired permissions, for the active organization.

In this lesson, we'll get opaque access tokens configured within our AdonisJS application on top of the already configured session/web authentication. This will include configuring the guard and setting up the db access token provider.

In this lesson, we'll restrict our routes to their applicable authentication guard. Ensuring our web routes can properly authorize using their role-based authorization and our API can properly authorize using our access token abilities.

In this lesson, we'll finish up our preparation work by creating a data transfer object (DTO) for our access tokens. Then, we'll define what our token abilities will be within our application's API.

In this lesson, we'll finish our authentication rate limiting flow by clearing out any rate limits counting against the user when they reset their password.

In this lesson, we'll add AdonisJS' Rate Limiter to our web login action to restrict the number of times a user can attempt to login to our application with invalid credentials.

In this lesson, we'll learn how we can use AdonisJS Ally to add social authentication to our applications. We'll use Google for our demonstration, but this same process also applies to GitHub, Facebook, Discord, LinkedIn, Twitter, & more

In this lesson, we'll walk through setting up the complete forgot password flow including, creating a password reset token with time-expiry, sending an email notification with a password reset link, verifying the token, and resetting the users password.

In this lesson, we'll enable the remember me feature on our auth login flow and add the remember me tokens table to our database.

In this lesson, we'll create our onboarding flow for newly registered users. Before users can enter the application, they'll need to have at least one organization set up so everything works smoothly.

In this lesson, we'll add the ability to login to our application. We'll then discuss the differences between errors and errorsBag and how we can display long-lived exception messages as an alternative to our toast manager.

In this lesson, we'll complete our user registration flow by validating our registration form data, creating a new user, logging that user in, and forwarding them to the next page in the flow.

In this lesson, we'll hook up our logout user menu button to a POST route to logout an authenticated user.

Learn how to create and manage user profiles in your application. This tutorial covers adding an edit profile button, setting up routes and controllers, ensuring profile creation during registration, handling existing users without profiles, and verifying

In this lesson, we'll cover how to implement access token authentication, using opaque tokens, in AdonisJS 6. We'll also take a look at what this would look like on the frontend via a Vue 3 app using Pinia

In this lesson, we'll learn how we can login an existing user using just their email and password. We'll discuss how the AuthFinder mixin protects us from timing attacks, and how we can use it to verify the accuracy of a user's password.

In this lesson, we'll learn how we can use AdonisJS' Remember Me Tokens feature to allow a user to specify they'd like their authentication state to be remembered for a long time across sessions.

In this lesson, we'll learn how to logout an authenticated user using a POST request with CSRF protection.