I am new to Stackoverflow so please forgive me if my question is bit difficult to understand. However, background of my problem is following.
I have created a NodeJS RESTful API based on the following tutorial -
https://www.codementor.io/olatundegaruba/nodejs-restful-apis-in-10-minutes-q0sgsfhbd
I have also created a Vue based frontend what I use to display data from database with GET request, POST new data to database and also PATCH/DELETE requests.
I need to create a login/registration system to secure my api endpoints so that the unauthorized person cannot see/delete/modify the content but I have no idea where to start or how to implement it.
My project frontend and backend repositories are visible on:
Frontend - https://github.com/umbluu/mufc-api-fe
Backend - https://github.com/umbluu/mufc-api-be
Can someone please point out some hints/tips how to proceed with my task?
Related
I'm fairly new to the webdev. I have a React frontend built with Vite, and a Node.js backend that uses MongoDB. I finished my little project and when It came to deploy it to my Linux server, I got confused about how to handle API calls.
Is there any way to hide API URL's on frontend apps? Because everything is done in client side, and frontend is basically an interface between user and backend, that should be impossible. But how does for example, big companies like Facebook handle this? If I go to Facebook and inspect the code, can I find the exact IP and API address that facebook backend serves me the posts? Or are there any tricks to make this more secure? What are the industry standards are on this topic?
The interface between your web application in the browser and your backend service is HTTP(s). There are HTTP verbs such as GET, POST, DELETE, etc. You can pass argument or information to your backend services via query parameters which are visible in the URL, or you can send it in the body of a request. An HTTP POST, for example would have a body that is not seen or viewable unless the end user made specific effort to view it.
I am studying NodeJS and React front-end. And I want to test what I have learned by making a web page.
I want to create two servers: back-end server to provide API, front-end server to manipulate data by communicating with back-end server through AJAX.
In backend server, I will use NodeJS(expressJS). I have been reading below link to install expressJS server.
enter link description here
but I am stuck on choosing which template engine do I use. Since I want my back-end server to be provider for just only API - besides, I am not sure what API means correctly, I guess it is for manipulating data throguh AJAX
So simply my question is,
What template engine do I have to adopt in my back-end server?
I'm starting to build a React Native app after having finished my first implementation of a node.js backend.
I was recommended using passport.js for authentication.
I don't know too much about this entire subject, but I do know my needs:
I can't have any sessions/users
I'd like to create some type of handshake using the phone's UUID(?)
I want only my mobile app to be able to address the API (ideally) and for "outsiders" to either be ignored or receive a 403 (ideally ignore? - I'm asking :) )
How do I go about doing that?
I am doing a side project, with purpose of learning to separate front-end and backend, and I decided to use express with node, to design a REST Api as my backend.
My question is, how do I authenticate my restful api. I saw some tutorials, but they always connect frontend and backend by using serverside rendering with jade or ejs, and I'm not interested with that.
How do I authenticate each user and give them access only to certain data and also how do I design endpoints that are only accessible by my front-end application?
I would really appreciate help. Also you can send links to articles that describe this king of authentication and project architecture, because I feel that i'm looking in the wrong places, and need some help.
I'm new at Firebase, I'm starting making a project which has to include Firebase and angular2, but I am such confused about how to implement them. I don't know if a there's the need to have a Back-end implementation (like Java or NodeJs) to handle some security issues (like form validation, authentication, routing etc), or it's enough just implementing Angular2 to handle all these issues. I would be so Thankful about any helpful advice how I could implement these both technologies to build my project successfully. Thanks
first firebase is something like your backend firebase can safe get and send request as your backend apps...
and angular js will do the rest like you just said andd all the backend stuff you can handle by firebase :)
This is my simple explanation on how this 2 works together
Always keep in mind that Angular works only in front-end. Its domain is the look and feel, application events, sending data to server and anything else that has something to do with displaying data is coded in this area.
Backend services in the other hand interacts with your database, creating business logic, handling authentications, saving / sending of data and other stuff that interacts with the database is coded from here.
Now how these two interact is done by the frontend service to send HTTP requests to the Server which is the backend service. This is done by using Angulars $http service or the so called jQuery AJAX or the infamous XMLHttpRequest JavaScript native. New technologies today utilizes Web Sockets which is being used by Firebase and some other frameworks, Web Sockets offers a faster way sending / fetching data from server.
The server then interprets the data being sent and send appropriate response. For example getting user list, saving profile, getting reports, logging in, etc.. It would work in this workflow.
1) Angular sends http request to server to get list of users.
2) Backend service installed in the server then interprets the data being sent.
3) Backend service then gets list of users from the database.
4) Backend then sends the data back to the frontend service.
5) Frontend then recieves server response and displays the data to the view.
Also these two is coded separately. To have more detailed explations research about how frontend and backend services interact you can find so much resouces in Google.