The latest articles on DEV Community by Sowmo0509 (@sowmo0509). https://dev.to/sowmo0509 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F623793%2F58254b89-4294-4046-b11a-80d1aaf1a74d.jpeg https://dev.to/sowmo0509 en Sowmo0509 Wed, 02 Nov 2022 12:43:53 +0000 https://dev.to/sowmo0509/setting-up-a-cookie-from-nextjs-back-end-16kl https://dev.to/sowmo0509/setting-up-a-cookie-from-nextjs-back-end-16kl <p>Hello there, good people! I was literally stuck for a couple of hours on this issue and as a beginner, I am pretty sure most of us will be facing or already faced these kind of cookie setting troubles in NEXT.JS server-side.</p> <p>To set a cookie, you just need one package, <code>cookie</code>. And remember, <u>serious cookies should be sent from the server</u>. In Express servers, it is pretty easy; just <code>res.cookie()</code> and you are ready to go. But, in NEXT.JS, you can not just use <code>res.cookie()</code> directly as far I am concerned. So, here's a solution instead:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>import cookie from "cookie"; // token = your JWT signed token res.setHeader("Set-Cookie", cookie.serialize("token", token, COOKIE_OPTIONS)); </code></pre> </div> <ol> <li>"token" : the name of the token.</li> <li>token : jwt signed token, STRING, which will be stored inside the token.</li> <li>COOKIE_OPTIONS : this is my current cookie option: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>const COOKIE_OPTIONS = { httpOnly: true, secure: process.env.NODE_END !== "development", sameSite: "strict", maxAge: 3600, path: "/", }; </code></pre> </div> <p>This is how I stored my cookies.</p> <p>To remove this cookie:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>const COOKIE_OPTIONS = { httpOnly: true, secure: process.env.NODE_END !== "development", sameSite: "strict", maxAge: 0, //make sure this is 0 path: "/", }; res.setHeader("Set-Cookie", cookie.serialize("token", "", COOKIE_OPTIONS)); </code></pre> </div> <p>This is how the whole login and logout cookie process works. Thanks! Hope this will help someone like me! </p> webdev nextjs javascript beginners Sowmo0509 Sat, 01 May 2021 08:47:46 +0000 https://dev.to/sowmo0509/firebase-api-key-security-issue-for-custom-sign-up-login-37pb https://dev.to/sowmo0509/firebase-api-key-security-issue-for-custom-sign-up-login-37pb <p>Hello! Hope you're having a good day.</p> <p>I was working on a project where I am making a user input form with HTML, JavaScript but when I inspect using Google Chrome, the front-end codes are showing up. All of my firebase Realtime Database API, Key, everything is there, visible.</p> <p>I was wondering, if I make a login/sign up page using firebase and JavaScript, someone will be able to steal this database API and create their own HTML form, submit information and then they come back to my site and directly login with what they have, right?</p> <p>Is there possibly any way (without React.js .env method) to prevent users from stealing my firebase API codes? </p> firebase javascript html security