본문 바로가기

전체 글

(68)
Permission check on user's actions [Express, Node] There are some actions need permisstion or Authentication. Like Deleting, Updating, Getting information, adminning user. etc. How we check permission or authentication? We can make middleware doing permission checking. and put it in Router. const { protect, authroize } = require('../middleware/auth'); router.use(protect); // Here router.use(authroize('admin')); // Here router .route('/') .get(ge..
When we forgot password/ using registered email. [Express, Node] We change password by using the registered email. when we dont know password. Let's take a look at how this process works. //api/routes/auth.js router.post('/forgotpasswrod', forgotPassword); [ 1 ] router.put('/resetpassword/:resettoken', resetPassword); [ 2 ] [ 1 ] forgotPassword() method When we got request POST 'api/v1/forgotpassword', call forgotPassword() method forgotPassword() method do t..
Query mongoose We got query conditions at once. so we should divide process of querying. Find resource(query) -> Select -> Sort -> pagination Below code is advanced query I learned in my udemy course. I need to understand this line by line. so dive in to this code. const advancedResults = (model, populate) => async (req, res, next) => { let query; // Copy req.query const reqQuery = { ...req.query }; // Fields ..
So what do I do with Token? When I use token? Usually when users login. If user logins with collect data and process, Server sends Token. Token is contained in response object. Before send Token, we need to issue token. How we issue JWT? Easy. Use 'jwt.sign() method' jwt.sign(payload, secret, option, [callback]) payload: datas token will contains secret: secret key will be used for hashing algorithm options: token options ..
TOKEN authentication Token is stateless server ! Statefull means server maintains client's state. so whenever client request someting, the server checks state(state is saved in session). statefull save authentication data in memory. Stateless means any state are not saved in server. only check inputs from the client. dont save anythings about authentication in memory. JWT can be send by HTTP header or URL parameter...
What should I do with Errors? express.js What should I do with errors? When we make a server API, there gonna be error everywhere. For these errors, what should I do? Just don't let the server be shut downed. this is all we need. How? Catch errors and Response with that. 1. We can response to error types that are already exist in JS or js frameworks. InternalError : Creaet an instance representing an error that occurs when an internal ..
Error Handling using Promise. I met some code. const asyncHandler = fn => (req, res, next) => Promise .resolve(fn(req, res, next)) .catch(next); My express lecture uses this asyncHandler for all of the controller methods. the reason using this 'asyncHandler' is to make code look neat when we do catching errors. My question 1) I wondered how this catch errors?? 2) why there's two arrow? 3) why it uses promise?? 1) Starting wi..
How does HTTP request looks like 'HTTP Request' GET / HTTP/1.1 Host: erbosoft .com Connection: keep-alive Another-Headers {"aaaUser":{"attributes":{"name":"admin","pwd":"**********"}}} First line: Request Method, URL, Protocol version - The request method - The request target, indicating what is to be operated on. - The protocol name and version, in this case, "HTTP/1.1" From Second line to blank line: Request Header - The HOST..