Authentication is implemented using JWT (JSON Web Tokens).
Upon login/register, a secure token is generated and stored on the frontend.
Protected routes require the token for access.
User roles (admin, instructor, student) determine access rights.
Security Considerations:
Passwords hashed using bcrypt
Token expiration handling
Input validation and sanitization
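The checks a protected route has to make before serving a request (signature, expiry, then role) can be sketched as follows. This is an added example, not the project's own code: it uses only the Python standard library, and the HS256 algorithm, the `sub`/`role`/`exp` claim names, the 15-minute lifetime, the demo secret and the 401/403 return codes are assumptions, since the page names none of them.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"         # constructed value; keep the real key out of source
ROLES = {"admin", "instructor", "student"}  # the three roles named on the page

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(signing_input: str) -> bytes:
    return hmac.new(SECRET, signing_input.encode(), hashlib.sha256).digest()

def issue_token(user_id, role, ttl=900, now=None):
    """Issued at login/register: carries the user's role and an expiry."""
    now = int(time.time()) if now is None else now
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = b64url(json.dumps({"sub": user_id, "role": role, "exp": now + ttl}).encode())
    return f"{header}.{payload}.{b64url(sign(header + '.' + payload))}"

def authorize(token, allowed_roles, now=None):
    """Return (status, claims): 401 bad or expired token, 403 wrong role, 200 ok."""
    now = int(time.time()) if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        # Pin the algorithm server-side; the token must not choose it ("alg": "none").
        if json.loads(b64url_decode(header_b64)).get("alg") != "HS256":
            return 401, None
        # Constant-time comparison, done before the payload is trusted at all.
        expected = sign(header_b64 + "." + payload_b64)
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            return 401, None
        claims = json.loads(b64url_decode(payload_b64))
        exp, role = claims.get("exp"), claims.get("role")
    except (ValueError, AttributeError, TypeError):
        return 401, None                    # malformed token: treat as unauthenticated
    if not isinstance(exp, int) or exp <= now:
        return 401, None                    # expired: client must log in again
    if role not in ROLES or role not in allowed_roles:
        return 403, None                    # authenticated, but not permitted here
    return 200, claims
```

Because the role is read from the signed payload only after the signature check, editing the `role` claim on the frontend invalidates the token instead of escalating privileges.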
Last updated 8 months ago