Develop Reference

Why my app node.js work from my side online, but not for everyone?

I deployed an react app on my website. I use node.js API with static folder to render the index.html file like this:
//React Endpoint
const root = require("path").join(__dirname, "../../pages/P7-GROUPOMANIA/frontend/build/");
app.use(express.static(root));
app.use("*", (req, res) => {
res.sendFile("index.html", { root });
});
I run the Node.j server on my VPS and everything work fine, no error. I tested multiple browser and device and all was working.
But Yesterday someone tell me my app don't work on Chrome. From my side it still work well on chrome.
But I can see the problem on Edge: ERR_EMPTY_RESPONSE. It look like the API don't send any response.
I didn't do any change so I really don't know where I can find a solution because there is no error, in console from server side or client side.
You can test from your side at : https://minidev.fr:5443/
I already tried to restart the node server and searching if there is error on the console or syntax error.
I hope someone can help to understand why it work from my side with different device but not for everyone.
And hope my explanation is clear, I'm French i do my best to keep it clear.
Thanks in advance for help

Electron + Vue + msal-nodejs + Azure Ad: redirect URL issue

I'm building a desktop app using Electron and Vue as framework.
I also need to authenticate the user using Azure AD and I'm using msal-node.js as library to do that.
I'm able to authenticate with the server in azure and get the user info, but I cannot figure it out how to set the redirect URL.
First I have to say that the behaviour between dev and prod change drastically and I'm going to explain both scenarios and, in both of them I'm going to use history mode or not
DEV - using createWebHistory
Return Url in Azure and .env file: http://localhost:8080/
This is what I've got from the devTools during the normal navigation (no authenticated)
And this is what I've got after the authentication (the call to the API is successful):
Blank page in the app.
DEV - using createWebHashHistory
Return Url in Azure and .env file: http://localhost:8080/#/
After the authentication (failed):
Blank page in the app.
PROD
In prod I must use createWebHasHistory otherwise I've got blank page from the beginning.
The first problem I've got in production is the url itself.
When I create the window I call the following url:
await win.loadURL('app://./index.html')
In azure I cannot use the same url because it's not a valid url.
If I use just:
await win.loadURL('app://index.html')
I've got blank page
Any idea?
Thank you

The solution I've found it's pretty simple. Probably it's not the most "elegant", but it works, at least for prod. In dev I've still got the same weird problem described above.
Basically I'm starting a node server (localhost:3031 for example), within the app itself, then I'm catching the redirect url with it (localhost:3031/redirect) and serving the internal url from it:
expressApp.get('/redirect', async (req, res) => {
await win.loadURL('app://./index.html#about')
})
As I said, it works and I don't see any security issue with that, but, if you have any other idea or suggestion, please let me know.
Thank you
UPDATE
I've found the issue with Dev as well. In order to authenticate I'm using what Microsoft is suggesting in its documentation.
If you look at the file AuthProvider.js there is this portion of code, at the beginning:
const CUSTOM_FILE_PROTOCOL_NAME = process.env.REDIRECT_URI.split(':')[0];
Down below, in the method "getTokenIteractive" there is this other piece of code that applies the new protocol:
protocol.registerFileProtocol(CUSTOM_FILE_PROTOCOL_NAME, (req, callback) => {
const requestUrl = new URL(req.url)
callback(path.normalize(`${__dirname}/${requestUrl.path}`))
})
In Dev my REDIRECT_URI is "http://localhost:3031/redirect", but the app protocol must be "app" (or whatever you have chosen) in order to work with Vue. So, I've just wrapped this last method in a condition based on the environment and now everything works as expected everywhere.
I hope all this can be useful to someone.

I ran into a similar issue and your solution helped me out, thank you! Can I ask how you handled the logout redirect?
Also have you tried onBeforeRequest to handle the redirects, instead of a node server?
It was used as an example in an auth0 blog: https://auth0.com/blog/securing-electron-applications-with-openid-connect-and-oauth-2/

testcafe issue when returning from a Node ExpressJS redirect

I'm currently testing a React front-end application with TestCafe. Current environment is:
React: 16.3.2
Node: 8.10.0
TestCafe: 0.23.0
MacOS Mojave 10.14.1
We've written about 65 tests which all run great. We've introduced a Single Sign On component into our application which has posed some automation challenges. Instead of trying to drive TestCafe against our app AND this particular SSO provider, we're using a fake API call instead.
Simplified order of operations for the app during normal usage is:
React app starts, detects no SSO credentials
Environmental service provides app with a proper SSO URL, react app redirects user to SSO login page using window.location
User logs in and SSO redirects back to our react app with a an additional URL query param & respective value.
React app proceeds forward in a 'logged in' state
Pretty basic stuff.
When the React app is being tested, we just provide different URLs which point to a local ExpressJS instance on localhost:3002. When the React app performs a window.location to the fake SSO API (http://localhost:3002/fakeOAuth) the ExpressJS instance simply performs a response.redirect(http://localhost:3000/?sso=fakeCode) and now we are back to our React app with the additional synthetic SSO data. This scheme works great when not being driven by TestCafe.
When we drive the React app via TestCafe, TestCafe hangs when returning back from the fake SSO call to the React app. After this hang, we have to forcefully kill TestCafe on the command line with a ctrl-c.
Using chrome debug tools and looking at the console output, there is a message:
Uncaught TypeError: __get$ is not a function
at hotCreateRequire (bundle.js:73)
at bundle.js:719
at bundle.js:722
and a screenshot can be found at the end of this post below.
The Test code:
import { Selector } from 'testcafe'
fixture 'Landing Page Body Tests'
.page 'localhost:3000'
test ('Displays correct main welcome title', async t => {
const landingPage = Selector('.card-title')
await t
.expect((landingPage).innerText).eql('Welcome, Fakeuser', 'Incorrect Username Found')
})
Screenshot of TestCafe failure
Does anyone have any ideas as to why TestCafe crashes? I have reworked the test a few times, researched and experimented with using TestCafe's Roles and ClientFunction classes but to no avail. Any input would be greatly appreciated.

It looks like a bug in TestCafe. The __get$function is an internal TestCafe function, and the __get$ is not a function error means that TestCafe wasn't able to process your page properly and install its internal functions in the global window object.
I suggest that you create a new bug report in the TestCafe repository, and provide a HAR report and an example that can be used to reproduce the problem.

Nodejs User login System

Am looking for some information on how to create a node.js login system, I have came across a lot of examples using express.
But am looking for some direction on how to do this without using express.
The main reason behind this is that my login webpages will be hosted on an apache server and my node.js server application will be running on a different server running mongoDB.
Any help in pointing me in the right direction would be great.
Thanks,
Iain

I know you said you didn't want solutions using express. But you may want to checkout Drywall for other inspiration. There are a lot of problems we solved and I'm sure there are some take-a-ways you could use.
Drywall Aqua - A website and user system for Node.js:
https://jedireza.github.io/aqua/

SweetAuth
A lightweight, zero-configuration user authentication module which doesn't depend on a database.
https://www.npmjs.com/package/sweet-auth
It's simple as:
app.get('/private-page', (req, res) => {
if (req.user.isAuthorized) {
// user is logged in! send the requested page
// you can access req.user.email
}
else {
// user not logged in. redirect to login page
}
})
With this, you have the flexibility to point your front end pages in a separate server to a nodejs in another server.

Expressjs session only persists on localhost

I've got a simple web-page created in node/express which has a simple login system. The way i'm testing if a user has logged in, is basically a check to see if req.session.user exist, which is created at login, and the session is destroyed on logout.
This works great as long as the client connects to http://localhost:8000, however, if i connect to http://10.0.1.6:8000 a new session object is created on every request, which means i can never check if the user actually has logged in.
Why is this? I need to connect to http://10.0.1.6:8000 as I'm testing my client from android (where localhost is the android device, not my server/computer).

Silly me, gotta stop programming when tired. I was running the index.html file locally, instead of from the server (cross-domain cookies? i laugh in your face!)

You can try to set up a session with your app.
var app = express.createServer();
app.use(express.cookieParser(...));
app.use(express.session(...));
According to the docs you also have to use cookieParser() before you set up your session.
http://expressjs.com/guide.html
http://www.senchalabs.org/connect/middleware-session.html