DEV Community: Bibek Dhami

User Authentication In Nodejs

Bibek Dhami — Thu, 05 Aug 2021 16:34:23 +0000

Login and managing authentication is one of the keys to every application for authentication and security. JsonWebToken allows verifying a user in a secure away.

Steps

Install Package
Register User
Login User and Generate JsonWebToken
Verifying Token

Step 1: Install-Package

npm install bcrypt
npm install jsonwebtoken

bcrypt will be used to hash the password oneway.
JSON Web Token will be used to create tokens and to verify the created token.

Step 2: Register User

module.exports.register = async(req,res)=>{
 let password = req.body.password;
let saltRandom = Math.floor(Math.random()*10)
let salt = bcrypt.genSaltSync(saltRandom)
bcrypt.hash(password,salt,function(err,hash){
if(err){
 res.json({message:"Error while hashing"})
}
let insertObject ={};
insertObject.name = req.body.name;
insertObject.email = req.body.email;
insertObject.salt = salt;
insertObject.password =hash;

knex("tbl_user").insert(insertObject).then((doc)=>{
 res.json({status:"success",message:"success"})
}).catch((err)=>{
 res.json({status:"erorr",message:"error"})
})
})
}

The random salt number is generated using math floor and salt is bcrypted and bcrypt.hash function is used to hash the password. Bcrypt hash the password in one way, hash value can`t be reversed to the original value but can be compared. To prevent from a rainbow table we are using random salt values to make it more difficult for hackers to get the hash value.

Step 4: Login User

Select the password hash and compare it with the password user field while login. And if the has value match general token using JSON web token. Additional Information can be sent in payLoad such as userId.

JsonWeb Token contains 3 parts:

=> Header

it contains an algorithm used to sign in the token and token type.

=>PayLoad

In the payLoad part of the token additional data can be added as needed for further use.

=>Signature

encoded header, encoded payload, encoded secret key given by user and algorithm is used to sign the token.

Using all three structures it generates a base64-URL string separated by dots.
This is what jwt token look like when decoded:

`
module.exports.login= async(req,res)=>{
let email = req.body.email;
let password = req.body.password;
await knex("tbl_user").select('*').where('email',email).then((doc)=>{
bcrypt.compare(password,doc[0].password).then((isMatch)=>{
if(!isMatch){
let err = new Error("Email Id or password does not exist");
err.status =404;
return next(err);
}else
{
let payLoad = {
userId:doc[0].userId,
email:doc[0].email
}
jwt.sign(payLoad,"hashNode",(err,jwtToken) => {
res.json({
status:"200",
token:jwtToken
})
})
}
})
}).catch((err)=>{
res.json({status:"error",message:"error"})
})

}
`

*Step 5: Verifying Token *

Spilt the to seprate Bearere form token. And verify token with JSON web token verify and with the secret key used to create token and if the token match the call the next();
`
let jwt = require('jsonwebtoken')

module.exports.verifyToken = async(req,res,next)=>{
if(req.headers.authorization == undefined){
res.json({status:401,message:"Unauthorized"})
}
const token =req.headers.authorization.split(" ")
jwt.verify(token[1],"hashNode",function(err,result){
if(!result){
let err = new Error("Token misMatch")
err.status =401;
return next(err)
}else{
req.userId = result.userId;
req.email = result.email;
next();

    }
})

}
` Create an API that only users whose token is verified can access. Include above middleware in routes. `
module.exports.viewDetails = async(req,res) => {
let userId = req.userId
await knex('tbl_user').select('*').where('userId',userId).then((doc)=>{
res.json({status:"success",message:doc})
}).catch((err)=>{
res.json({status:"err",message:"err"})

})

}

`
Routes

`
router.post('/registerUser',register)
router.post('/loginUser',login)

router.get('/detail',verifyToken,viewDetails)
`

SourceCode

File Upload With Multer

Bibek Dhami — Thu, 05 Aug 2021 06:41:26 +0000

Multer is a library for handling file upload with form/multipart-formdata.

Step

Installing Package
Multer fileUpload and file type validation
Initialize upload variable
Insert image path in database
Retrieve Uploaded Image

Installing Package

npm install multer
npm install path

require both install packages at top of your code file.

const multer = require('multer')
const path = require('path')

*2. Multer File Upload and file type validation *

let's create a function which will store image.
multer disk storage stores the file in the disk. multer will remove the file extension so that we can add the file extension with file.orginalname.

Date.now() to give a unique name for each file.

file.fieldname is a value that we specify in our form value.

Note: If file.orginalname is not specified multer will assign a random file value for each file without extension.

const storage = multer.diskStorage({
     Destination:"upload/profile",
     Filename(req,fiel,cb)=>{
     cb(null,file.fieldname+"-"+Date.now()+file.originalname)
}
})

Specify the directory in which you want to store your files. No need to manually create your directory manually multer will take care of that for you.

now let's add some file validation so that we can restrict users to only upload the filetype we defined.

const fileFilter =(req,file,callback)=>{
let ext = apth.extname(file.originalname)
if(ext !=='png' && ext !=='jpg' && ext !=='jpeg'){
return callback(new Error('Only png, ext and jpeg fileType are allowed))
}
Callback(null,true)
}

3. Initialize Upload variable

let upload = multer({
storage:storage,
fileFilter:fileFilter
})

For file upload

"module.exports.imageName = upload.single("image")"

4. Insert ImagePath in DataBase

Now let's insert Image Path and Image Name in the Database. We will use the above multer upload function as middleware for our function. Multer provides an API through which we can retrieve the details of the file we have uploaded. Some of them are;
file. filename will give us upload filename, mimetype will give us file extension.

module.exports.profilePic = async(req,res)=>{
    let  insertObject ={};
    console.log(req.file)    
     insertObject.imageName = req.file.filename;
    insertObject.type = req.file.mimetype;
    insertObject.path = req.file.path
    insertObject.personId = req.params.personId;
     console.log("this is inside function",insertObject)
    await knex("tbl_profile").insert(insertObject).then((doc)=>{
        res.json({status:"success",message:"success"});
    }).catch((err)=>{
        console.log("THis is err",err)
        res.json({status:"error",message:"error"})
    })
}

create a router for inserting an image and use the image name function as middleware

router.post("/profile/:personId",imageName,profilePic)

test image upload in postman

5. Reterive Image

As the image has been added now let's retrieve the image by person Id.
For that, we need to first select the image path for a given personId and then join it with a path to retrieve the image.

module.exports.pic = async(req,res)=>{
    const personId = req.params.personId;
    await knex("tbl_profile").select('path').where('personId',personId).then((doc)=>{
  let filePath = doc[0]
  let  imageUrl = filePath.path
  const dirname = path.resolve();
  const fileUrl = path.join(dirname,imageUrl);
        res.sendFile(fileUrl)
    }).catch((err)=>{
        console.log("This is an error",err)
        res.json({status:"error",message:"error reterving messsage"})
    })
}

router.get("/profile/:personId",pic)

*Preview Image Using Postman *

SourceCode

Unit testing in Nodejs Using Mocha

Bibek Dhami — Tue, 03 Aug 2021 17:41:47 +0000

To do unit testing in node we will be using mocha for running test cases and chai for BBD styles test cases.

STEP 1: Install Dependency

npm install mocha
npm install chai
npm install chai-http

STEP 2: Initialize test File

Getting Ready Test File
require chai, chai-http and require file which starts your server

add mocha test in scripts in package.json to run test cases

Step 3: Writing Test

As to be able to run only one test case at a time we can create an object with a unique key and assigning values true and false and we can use those object values to allow the test case to run only when the respective object key value to true by checking with if condition.Note if condition by default check for true no need to specify like this (test case.addObject == true). We can define our test content type with .set to form-url encoded or application/JSON as required. Here Application/JSON will be used
Creating Object with unique key and value. As our code to be tested is an async function we need to set the parameter of it block function to done so that when mocha sees that our it block has a test case

test for add person
As the function we are testing is an async function we need to specify done in our test case

Patch(Update) Person

for Get Person

We can group the test case in a single function to make it more organize and distinguish from other unrelated test cases like this:

add Favourite and get Favourite

Step 4: *Running Test
*
Now run the test case

npm test

SourceCode

Crud In NodeJs

Bibek Dhami — Tue, 03 Aug 2021 17:33:26 +0000

Mysql With Knexjs In Node

Introduction

In this section, we will learn how to set up and perform crud with knex.js in nodejs and I will be using
Postman to test routes.

Project Structure

STEP
1- Getting ready express framework

npm install express
npm install body-parser

Then create an app.js file
As we will be keeping our route in a separate directory import the directory with a file using the app. use(require("./routes/router")). In app.js file will only start the express server.

Now in the router.js file set body-parser-urlencoded({extended: true}) uses express.json() to parse the JSON data which we will be sending through postman.

Define all your routes here and import related functions in respective routes.

2- Installation

npm install knex

 npm install mysql

3-Initialize Knex

npm knex init

4- Creating Migration File

knex migrate: make tbl_person
knex migrate: make tbl_favourite

Define Schema in the migration file. Migration file requires two functions up and down. Up function is run when creating a table in the database whereas the down function is run when rolling back migration.

5-Writing knex Query

Insert Person

For inserting, I will be using the async arrow function. Store all the request body in an object along with the key that matches the field of the respective table and pass the object in knex query. Which knex will map it into raw SQL query under the hood.

Testing insert api with postman

*Patch Person *

For updating store the body data into object and params in a variable. To pass it into knex query as:

Testing Patch API

*Get Person *

For selecting person knex orm query is as:

testing get person API

Add Favourite

knex query for adding favourite

testing add Favourite API

*Left Join *

Left join select the matching data between the left table and right table and all the records from the left table.

testing left join route with the postman

.env Configuration used in project
Make the necessary needed change and to able to use .env file install

npm install dotenv

SourceCode

Bonus

Knex Cheatsheet

KnexQuery to raw query