# Authentication and authorization

We need to restrict access to sensitive parts of our site so only authorized users (admins) can make changes to sensitive data. We need a login system to authenticate and to authorize users.

Authentication means verifying that the user is who he/she says he/she is. Authorization means determining which parts of the application the user is allowed access.

In a commercial company, only a limited number of people are supposed to access sensitive data such as employee records.

To achieve this, we need a login system to authenticate and authorize users.

Click on the Login link on the menu to show the login form and fill out with an existing data.

<figure><img src="https://3936448450-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FjGPCKHCWMHsDLNzX2hV8%2Fuploads%2FgKjSBuVIVO5kzrdxWrJz%2Fimage35.png?alt=media&#x26;token=85df00f2-0d06-46dd-a70e-f339fb636075" alt=""><figcaption></figcaption></figure>

Of course, when you click the **Login** button, you get an error:

<figure><img src="https://3936448450-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FjGPCKHCWMHsDLNzX2hV8%2Fuploads%2FsnE9eczA3atjtRFHFVYV%2Fimage37.png?alt=media&#x26;token=555cb58d-e278-4cb4-8d88-9ea828b33d2f" alt=""><figcaption></figcaption></figure>

Let us fix that. Let us do the authentication part of the login system.<br>