Authentication and authorization class 1

We can authenticate and authorize a user using both of these methods:
cookies
JWT

Both are sent from the server to the client so that the server can know and identify the user more correctly.

For example, we often see on e-commerce websites that when we add some products with the add to cart button,
we can still see the added cart items after restarting the browser.
Internally this happens because of cookies.


class 2 
We can send or fetch the token from any of these:
body
cookie
header  --> it is the most secure way to send the token
It's not necessary for all 3 to have the token;
you can send the token from wherever you want and access it from there.


We can use middleware for authentication and authorization,
like isAdmin, isStudent and auth. We can definitely do that, so that's where middleware is used, to my knowledge to date.

How we achieve authentication and authorization

We send the user's JWT token once the user has signed up for the account. With it we (as the server) get to know that yes, this user is that one; simply put, we can recognize the user using this.
If the token matches they can log in, or else we can check the password.
One more thing: every time the user sends a request to the server,
the server forgets whom it was talking to, so cringe!!
But it's true!! Only by the token does the server get to know the user's information, so that's where middleware is used most.


What ChatGPT thinks about middleware

Middleware is used in the backend to handle requests and responses between the client and the server. It's essentially a function or a set of functions that can process incoming requests, handle authentication, logging, error handling, data validation, or modify outgoing responses before they reach the client.

Here are some common use cases for middleware in backend development:

  1. Authentication and Authorization: Middleware can verify if a user is logged in or has the necessary permissions to access certain routes.

  2. Logging: Middleware can log details of the requests, such as the method, URL, status code, and response time, for debugging and monitoring purposes.

  3. Data Validation and Parsing: Middleware can validate incoming data (e.g., JSON, form data) or parse incoming requests like JSON bodies, form data, etc.

  4. Error Handling: Middleware can catch errors from route handlers and return custom error messages or error codes.

  5. Request Transformation: Middleware can modify the request object before it reaches the route handler (e.g., adding custom headers, transforming input data).

  6. Session Handling and Cookies: Middleware can manage user sessions, including reading, writing, and validating session cookies.

In frameworks like Express.js (for Node.js), you can define middleware using the app.use() method, where the middleware function gets access to the request, response, and next function.




As the name suggests, middleware is a kind of middleman
that sits between the request and the handler/controller.
Middleware says: first run this, then go to the handler.
If there is more than one middleware, the next() function passes control to the next middleware.
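
Added example (not part of the original notes): an auth and isAdmin middleware pair in the Express (req, res, next) style, using only Node's built-in crypto so it runs without express or jsonwebtoken. The sign, verify and run helpers, the SECRET value and the role claim are assumptions made for this example.

```javascript
const crypto = require('crypto');
const SECRET = 'constructed-demo-secret'; // constructed sample key (assumption); load a real one from the environment
const b64url = (s) => Buffer.from(s).toString('base64url');

// Hypothetical helper: issue an HS256 JWT so the example needs no external library.
function sign(payload) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', SECRET).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Hypothetical helper: check signature, pinned algorithm and expiry; returns the payload or null.
function verify(token) {
  const parts = String(token || '').split('.');
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  const expected = crypto.createHmac('sha256', SECRET).update(`${head}.${body}`).digest();
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    if (JSON.parse(Buffer.from(head, 'base64url')).alg !== 'HS256') return null;
    const payload = JSON.parse(Buffer.from(body, 'base64url'));
    return typeof payload.exp === 'number' && payload.exp > Date.now() / 1000 ? payload : null;
  } catch { return null; }
}

// auth: read the token from header, cookie or body, then attach the verified user to the request.
function auth(req, res, next) {
  const bearer = (req.headers?.authorization || '').replace(/^Bearer /, '');
  const user = verify(bearer || req.cookies?.token || req.body?.token);
  if (!user) return res.status(401).json({ error: 'invalid or missing token' });
  req.user = user;
  next();
}

// isAdmin: authorization step; only passes when auth ran first and the role claim matches.
function isAdmin(req, res, next) {
  if (req.user?.role !== 'Admin') return res.status(403).json({ error: 'admin only' });
  next();
}

// Stand-in for Express's chain: each middleware must call next() for the request to continue.
function run(req, ...chain) {
  const res = { code: 200, status(c) { this.code = c; return this; }, json(b) { this.body = b; return this; } };
  const step = (i) => (i < chain.length ? chain[i](req, res, () => step(i + 1)) : res.json({ ok: true }));
  step(0);
  return res.code;
}
```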



The JSON parser middleware and cookie-parser are the same idea:
just as we use the parser middleware for parsing JSON data, we use cookie-parser for parsing cookies.


Simplifies Data Handling: Without express.json(), the request body would come in as a raw stream of data, and you'd have to manually parse it using other methods. This middleware makes it seamless and easy to handle JSON payloads.
