Input validation is a must while submitting user data to a database. In a recent article, you saw how to use Joi to perform data validations instead of writing custom validation functions or if-else statements, which can be time-consuming.
Most input fields require only a few validations (such as mandatory, minimum three and maximum twenty characters, etc.). But some input fields require more consideration. One such example is the password field.
Users always try to use the most common passwords or something simple like user123. As an application developer, you can introduce password complexity rules. …
Almost every application uses a user authentication system, and passwords are the primary means for online authentication. But what is the best way to store a user’s password?
The first and most naive approach is to take whatever password the user enters in the registration form and store it as-is in your database. In case of a database breach, all the passwords will be readily exposed because they are in a human-readable form.
The second, more secure approach is encryption. While this method is far better than plain text, it is not the best…
Input validation is also known as data validation. It is a method to ensure that data submitted by a user matches the system requirements. As a security best practice, you should never trust what a user is sending and always validate all input.
Always verify that user input is both syntactically and semantically valid. That is, user data must be in a proper format and within an acceptable range. You can use input validation methods (client-side validation and server-side validation) to perform these checks.
Client-side validation provides a better user experience and acts as an initial check. A request is never sent to…
To understand the concept of Express middleware thoroughly, it is essential that you first understand the request-response cycle. The request-response cycle traces how a request flows through the app.
The user types a URL into a browser and hits enter. The browser issues a request to the server. When the Express app receives this request, it creates a request object and a response object and sends back a meaningful response, and the request-response cycle terminates.
Express uses middleware(s) to generate these meaningful responses. Middleware is a function, and since it executes between a request and response, it is called a…
The HTTP protocol has a collection of request methods that a client can use to communicate with a server. The main four are:
app has different methods for all HTTP request methods. Let’s see them all in action. Create a new project and initialize the project with npm init. Create a file named index.js and install express. Your project structure should look like this:
Paste the code below…
In a Node application, developers use various packages. Some of these packages are vital for the application to function and are known as application packages. Other packages help speed up the development process and are known as development packages. To separate the two, information about development packages is recorded under devDependencies instead of dependencies.
Note: All packages, whether application or development, are stored inside the node_modules folder.
As you saw in the previous article, after making changes to a Node app, you have to stop the app by pressing control + c and re-run the app to see the changes. In…
Every time you install a package using npm in your project, the package name and its version are added under dependencies in the package.json file. Let’s have a closer look at the dependencies section.
In the example above, you can see that we have a format like package-name: "rule-symbol version-number". You are already familiar with the first part of this format, but what are the other two?
When someone publishes a package or updates an already existing package, they provide a version number that follows the semantic versioning spec.
Semantic versioning is also known as SemVer. It is a…
As mentioned in an earlier article, route handling in Node.js works fine but is not very maintainable. Express gives your application a proper structure. You can add more routes while keeping the application code clean. Let’s see this in action.
Your project structure should look like this: node_modules folder, index.js file, and package.json file.
Paste the code below into the index.js file and read further to understand what’s happening in these few lines.
The first line is loading the express module…
Using NPM, you can easily install modules/packages. But before you start adding any Node packages to your application, you need to create a file called package.json. If you already know about this file, feel free to skip the section below.
It is a manifest file with metadata about the project, such as the project name, author(s), and dependencies (modules that a project requires, e.g. express). To create this file, navigate to your project folder and run the following command:
This article will cover how to serve specific content on various endpoints.
Routing refers to how an application’s endpoints respond to a client’s requests. So, let’s expand the previous example and serve a home page, an about page and a contact page when a user navigates to different endpoints. This can be done using either of the two approaches below:
Now, navigate to the project folder using the terminal and run the file with the command:
Open up your browser and go to the following URLs