how can i implement JWT token in my website? [closed] - node.js

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 10 months ago.
Improve this question
I implemented JWT Token Authentication in React framework, It gets me token but the problem I am getting is I am not able to authenticate it on the pages which need authentication.
I tried "Authorization: Bearer " after that authenticated url,
I tried "Authorization : JWT Token token"

Yo can do something like this :
const response = await axios.get('http://example.com',{ headers: {Authorization: `Bearer ${token}`}});

Related

How can I call the chatgpt api in Google Chrome Extension? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 days ago.
Improve this question
I want to make a chrome extension that can call chatgpt api.
But I haven't seen openai open the api.
I see that the corresponding chrome extension implements such technology, such as this blog
https://www.extspy.com/blog/List-of-10-Best-Chatgpt-Chrome-Extensions-for-2023
Can anyone tell me how to do it?
Use the fetch API to send a request to the OpenAI API.
You will need to signup for an API key with OpenAI first:
https://openai.com/api/
To send a question to GPT you would make the following Fetch API call.
const response = await fetch('https://api.openai.com/v1/completions', {
method: 'POST',
headers: {
'Content-Type: application/json',
'Authorization: Bearer YOUR_API_KEY'
},
body: {
model: 'text-davinci-003',
prompt: 'How do I make an API call to OpenAI inside a Chrome Extension?',
max_tokens: 2000
}
})
console.log(response.data.choices[0].text)
Ref: https://platform.openai.com/docs/api-reference/completions

Protect routes using authorization header in Node Js [closed]

Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 4 days ago.
Improve this question
Here it is logging undefined
here i used the middleware protect
exports.protect=catchAsync(async(req,res,next)=>{
//get token and check if it exists
let token;
if(
req.headers.authorization &&
req.headers.authorization.startsWith('Bearer')
){
token=req.headers["authorization"];
}
console.log(token);
if(!token){
return next(new AppError('You are not logged in!',401));
}
});
this is my middleware function
i dont know why i can not get req.headers in the log even i have mentioned it in the postman
Postman authorization header
I was expecting the token in the log

How to create custom endpoints on the fly with nodejs [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
I have a website and when I click on a button I want to generate a custom link for the user, a link that it will be a endpoint to my nodejs server. My question is: how can this be accomplished ? I think I need to make a basic endpoint in my server that will be called when I press that button in my website and then, based on a custom property in the request's body, it will generate another endpoint, a custom endpoint for that user. How can I do this ? Any help or documentation would be appreciated.
Usually, this would be done with a parameter added to a fixed part of the URL. You then define a route for the fixed part of the URL and the code for that route then examines the parameter and acts accordingly. This way, you're dynamically generating parameters, but all the new parameters all go through the same route definition and the same code.
You can either use a dynamic portion of the URL path or a query parameter. Here is an example of each:
// dynamic path segment
// example url /dyn/dieutaoc
app.get("/dyn/:id", (req, res) => {
// use req.params.id to access the dynamic part of this path
});
// dynamic query parameter
// example url /dyn?id=dieutaoc
app.get("/dyn", (req, res) => {
// use req.query.id to access the dynamic part of this path
});

How is req.isAuthenticated() in Passport JS implemented? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
In passportJS Documentation, I think passport isAuthenticated function not documented well.
How is req.isAuthenticated() in PassportJS implemented?
For any request you can check if a user is authenticated or not using this method.
app.get('/some_path',checkAuthentication,function(req,res){
//do something only if user is authenticated
});
function checkAuthentication(req,res,next){
if(req.isAuthenticated()){
//req.isAuthenticated() will return true if user is logged in
next();
} else{
res.redirect("/login");
}
}

Best practice for validating API input in Node.js? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I am developing a mobile app, with the backend in Node.js. Users will interact with the platform almost exclusively through the mobile app. As part of the backend, I am exposing multiple APIs to be utilized by the mobile app -- for example: an API to create an account, send a message, post a picture, etc.
What is best practice to validate the API input?
My thought is to create a module for each API, whose purpose is to extract, sanitize, and validate the relevant attributes from the http-request. For example, the "create an account" API will have an associated AccountCreationRequest module with a validate method in which all account-creation-specific validations will be defined. Each specific validation can then be performed by libraries such as express validator and validator.
exports.AccountCreationRequest = {
init: function(request) {
... extract attributes ...
},
sanitizeAndValidate: function() {
... use express-validator/validator on
attributes such as username, email, etc ...
},
isValid: function() {
... return result of validation ...
}
};
Then, when the backend API receives a request,
var accountCreationRequest = AccountCreationRequest.init(httpRequest);
accountCreationRequest.sanitizeAndValidate();
if (accountCreationRequest.isValid()) {
... store in database and notify client of success ...
} else {
... notify client of failure ...
}
My concern is that N APIs will require N request-validation-modules. However, since each API is unique, I don't think there is much opportunity for code reuse.
If you use express, you can do something like
app.use('/private', function(req, res, next) {
if (/*some condition to check for authentication*/) {
next();
} else { //unauthorized
res.status(401).send('not authorized, please authenticate');
}
});
that will filter everything under the /private path through your authentication condition. You can also use wildcards in the path if you prefer.

Resources