Authentication is the process of verifying that a user can access a system. This is typically done using a username and a password, although other schemes exist. During the authentication process, information about the user (including their details and permissions) is stored and made available for later use.
An authentication is valid until the user signs out of the system or their session expires. At this point, the user must reauthenticate to access the system.
A user's authorisations can allow or restrict access to pages and/or actions within your application. These can be determined by roles or other credentials assigned to the user.