DEV Community

John Khay 💯
John Khay 💯

Posted on

Overcoming Backend Challenges: My Journey and Aspirations with HNG Internship

Introduction

Hello, I'm Kingsley, and I'm embarking on an exciting journey with the HNG Internship. As a budding backend developer, I recently encountered a particularly challenging problem that tested my skills and perseverance. In this blog post, I will walk you through the problem I faced, how I tackled it, and why I'm thrilled to be a part of the HNG Internship.

The Problem

The problem emerged while working on a user authentication system for a web application. The application needed to securely register users, handle login requests, and manage sessions. The complexity was compounded by the requirement to integrate social media login options and ensure all data transfers were encrypted.

Step-by-Step Solution

  1. Understanding the Requirements:
    I started by outlining the key requirements:

    • Secure user registration and login.
    • Session management.
    • Social media login integration.
    • Data encryption.
  2. Choosing the Right Tools:
    Based on the requirements, I chose:

    • Node.js and Express.js for the backend framework.
    • Passport.js for authentication and social media login integration.
    • bcrypt for password hashing.
    • JWT (JSON Web Tokens) for session management.
    • HTTPS for secure data transfer.
  3. Setting Up the Project:
    I initialized a new Node.js project and installed the necessary dependencies:

   npm init -y
   npm install express passport bcrypt jsonwebtoken dotenv
Enter fullscreen mode Exit fullscreen mode
  1. Implementing User Registration: I created an endpoint for user registration that hashes the password using bcrypt before storing it in the database:
   const bcrypt = require('bcrypt');
   const saltRounds = 10;

   app.post('/register', async (req, res) => {
       const { username, password } = req.body;
       try {
           const hashedPassword = await bcrypt.hash(password, saltRounds);
           // Store user with hashed password in the database
           res.status(201).send('User registered successfully');
       } catch (error) {
           res.status(500).send('Error registering user');
       }
   });
Enter fullscreen mode Exit fullscreen mode
  1. Implementing Login and JWT Authentication: I set up the login endpoint to validate the user and issue a JWT for session management:
   const jwt = require('jsonwebtoken');
   const secretKey = 'your_secret_key';

   app.post('/login', async (req, res) => {
       const { username, password } = req.body;
       // Retrieve user from the database
       const user = {}; // assume this is the retrieved user
       const match = await bcrypt.compare(password, user.hashedPassword);
       if (match) {
           const token = jwt.sign({ username }, secretKey, { expiresIn: '1h' });
           res.json({ token });
       } else {
           res.status(401).send('Invalid credentials');
       }
   });
Enter fullscreen mode Exit fullscreen mode
  1. Integrating Social Media Login: I used Passport.js to integrate social media login options like Google and Facebook:
   const passport = require('passport');
   const GoogleStrategy = require('passport-google-oauth20').Strategy;

   passport.use(new GoogleStrategy({
       clientID: 'your_client_id',
       clientSecret: 'your_client_secret',
       callbackURL: '/auth/google/callback'
   }, (token, tokenSecret, profile, done) => {
       // Find or create user in the database
       done(null, profile);
   }));

   app.get('/auth/google', passport.authenticate('google', { scope: ['profile'] }));
   app.get('/auth/google/callback', passport.authenticate('google', { failureRedirect: '/' }), (req, res) => {
       res.redirect('/');
   });
Enter fullscreen mode Exit fullscreen mode
  1. Ensuring Secure Data Transfer: Finally, I set up HTTPS to encrypt data transfer:
   const https = require('https');
   const fs = require('fs');

   const options = {
       key: fs.readFileSync('key.pem'),
       cert: fs.readFileSync('cert.pem')
   };

   https.createServer(options, app).listen(port, () => {
       console.log(`Secure server running at https://localhost:${port}`);
   });
Enter fullscreen mode Exit fullscreen mode

Why HNG Internship?

I am excited to be a part of the HNG Internship because it provides a unique opportunity to learn from industry experts, collaborate with fellow developers, and work on real-world projects. The internship offers a structured program that helps me improve my skills and gain valuable experience in backend development.

Conclusion

Solving this backend challenge was a significant milestone in my development journey. It reinforced the importance of understanding requirements, choosing the right tools, and implementing secure practices. As I continue to learn and grow with the HNG Internship, I look forward to tackling more complex problems and contributing to innovative projects.

Learn more about the HNG Internship and its benefits here and here. If you're interested in hiring talented developers from the program, check out this link.

AWS Security LIVE!

Tune in for AWS Security LIVE!

Join AWS Security LIVE! for expert insights and actionable tips to protect your organization and keep security teams prepared.

Learn More

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Discover a treasure trove of wisdom within this insightful piece, highly respected in the nurturing DEV Community enviroment. Developers, whether novice or expert, are encouraged to participate and add to our shared knowledge basin.

A simple "thank you" can illuminate someone's day. Express your appreciation in the comments section!

On DEV, sharing ideas smoothens our journey and strengthens our community ties. Learn something useful? Offering a quick thanks to the author is deeply appreciated.

Okay