Add authentication and authorization to the Employee API — from basic API key protection to JWT-based auth.
| File | Description |
|---|---|
| basic-security.md | API key auth, input validation, rate limiting basics |
| jwt-security.md | JWT authentication — login, token generation, protected routes |
- Understand common API security vulnerabilities
- Implement API key and JWT authentication
- Protect routes with middleware
- Store secrets safely (environment variables, not hardcoded)