Adding Authorization Checks

Currently, anyone can add an article, see the login, logout, register and the article creation page. In a real application, we'd want to ensure that only authenticated users are allowed to log out and create an article, while only unauthenticated users are allowed to register and log in.

In this section, we'll add authorization to our application to achieve this. Note that while we will be using the authentication status to implement authorization, we can choose to use a complex roles and permissions structure too.