I have created a small application in loopback in which i was saving user email and password , password in the form of simple text.
Now we have got feature request , to save password in some encrypted format , say , Base64.
So what i want is whenever new user created save password in encrypted format , which is easy , which we can do it.
But issues comes we have created users from many different different code locations, so instead of updating code every place is it possible to add some form of trigger on password field , so whenever this field gets updated , will call a function , which will take password text , and update the same with encrypted format.
so we don't have to worry about writing code everyplace.
Let me know if the question is not clear.
I am looking for Loopback solution.
Thanks
Ever heard of loopback Operation hooks?
https://loopback.io/doc/en/lb2/Operation-hooks.html
use the before save hook or after save hook on a model to do what ever you want.
they have an example, you can try it out
If you use default user model, password is by default stored in encrypted form.
If you want custom trigger than you can do it using remote or operation hooks.
Operation Hook: https://loopback.io/doc/en/lb2/Operation-hooks.html
Remote Hook: https://loopback.io/doc/en/lb2/Remote-hooks.html
The password is stored in encrypted form. You can use operation hook.
Answering your question in the spirit and then in the letter .
Triggers are database level feature where as loop back is your server framework .Keeping that mind your best opportunity within loopback is to use Operation hooks like earlier answers suggested .
However ,if you insist on trigger then you need to use the drivers supported by the DB. In case of oracle there are nodejs-oracle and loopback-oracle connector .If you are using mongo ,which i assume you do , then you may use mongodb oplog which will give you life cycle method where you can hook your desired code .For performance reasons i wouldn't recommend such trigger solutions .
It is not clear from your question what different different code locations means .I assume it is diff parts of your application which might not be loopback .In which case ,putting an entry in a queue and handle it via a processor will be your best bet sothat you can solve the problem of multiple origin .
Related
I am showing a link on a page and I want to change that link, by using a form.
where should I save that link and retrieve to render the page other that a database?
*I think involving database for such a small task is not performance efficient.
what I can do is save it in a global variable as a string, so that I can access it and change it.
But is it a good practice to use global variable for such task in production?
OK, now that we know that this is a change that you want to affect all users, then a global or preferably a module-level variable or a property on a module-shared object would be fine.
If you want this change to be persistent and survive a server restart, then you would need to write the change to disk somewhere and have code that reads that setting back in from disk when your server restarts. A simple way to do that might be to read/write it to a file in the JSON format. That gives you simple extensibility to also include other settings in that file.
Your admin form can then just update this variable and trigger a save to disk of all the current settings.
I believe which approach you want to implement really depends on the scenario e.g. how frequently will the link be changed, how frequently will it be read etc. A couple of suggestions:
If different user wants to see and update the same link without affecting others, you can use on client side stored cookies. Then you won't need a db but each user will manage their own link that no one else can access.
You could use a file e.g. json or simple text file and use built in fs to read and write into that file. However in that case you would want to use sync operations to avoid concurrency issues e.g. const contents = fs.readFileSync('storage.txt', 'utf8');
Of course you could store data in a string too, however if server was to go down, the link would not persist.
I have an nodejs server running witch show data on a web interface. The data is fetched from a MongoDB using mongoose. The data is added via an node-red application witch is isolated from the rest.
Currently my nodejs server fetches the data every 5 seconds. Is there a way to know if the data in my MongoDB has changed?
Thanks, I hope my question is clear.
I was also looking for something similar to what you are asking for few months back. Few ways which i know to do it are:
1) You can try to use middlewares while inserting your documents in DB. You can then send that new data either after saving it in DB or at the time of insertion only.
2) Refer to this answer which talks about solving your problem using inbuilt functions provided by mongoDb. You can study in deep about them in mongoDb docs.
3) There is also another way to do this which includes listening to changes in log files. As you know everything done in mongo is recorded and logged in files so whenever there is some change in data you can know it from there also. You will have to do the digging by yourself in this method.
Hope it helps!
We've got an application in Django running against a PGSQL database. One of the functions we've grown to support is real-time messaging to our UI when data is updated in the backend DB.
So... for example we show the contents of a customer table in our UI, as records are added/removed/updated from the backend customer DB table we echo those updates to our UI in real-time via some redis/socket.io/node.js magic.
Currently we've rolled our own solution for this entire thing using overloaded save() methods on the Django table models. That actually works pretty well for our current functions but as tables continue to grow into GB's of data, it is starting to slow down on some larger tables as our engine digs through the current 'subscribed' UI's and messages out appropriately which updates are needed as which clients.
Curious what other options might exist here. I believe MongoDB and other no-sql type engines support some constructs like this out of the box but I'm not finding an exact hit when Googling for better solutions.
Currently we've rolled our own solution for this entire thing using
overloaded save() methods on the Django table models.
Instead of working on the app level you might want to work on the lower, database level.
Add a PostgreSQL trigger after row insertion, and use pg_notify to notify external apps of the change.
Then in NodeJS:
var PGPubsub = require('pg-pubsub');
var pubsubInstance = new PGPubsub('postgres://username#localhost/tablename');
pubsubInstance.addChannel('channelName', function (channelPayload) {
// Handle the notification and its payload
// If the payload was JSON it has already been parsed for you
});
See that and that.
And you will be able to to the same in Python https://pypi.python.org/pypi/pgpubsub/0.0.2.
Finally, you might want to use data-partitioning in PostgreSQL. Long story short, PostgreSQL has already everything you need :)
I'm using nano to connect to couchDB through node.js; I have read the basic documentation for couch.db and understand it for the most part, but I didn't see a simple query function anywhere. All I would like to do is (from my server), get the value of a field , from a specific document. How would I do this?
Additionally, while looking for the answer to this, I ran across one site that said an html page can directly send a GET to the DB to get values; I thought the database was secure though, so how is this possible? I guess I'm missing something big here.
The simplest way to get a specific document by id is using the get method. This will return you the document itself:
var Nano = require('nano'),
db = new Nano('http://admin:password#localhost:5984').use(yourDatabase),
db.get(yourDocumentId, function (err, yourDocument, headers) {
return console.log(err || yourDocument);
});
Re your second question about a webpage requesting data straight from CouchDB: this can be done securely as long as you have a login specifically for your end user in CouchDB. Your end user would log in to CouchDB and CouchDB would return a cookie which your browser would send on each subsequent request to CouchDB as a way of authenticating itself.
see http://guide.couchdb.org/editions/1/en/security.html#cookies for more info.
Personally I would not use this approach as it makes it too easy to couple your UI to your data making future changes harder. I would recommend creating a REST api in express and call that from your UI. It will keep your UI code more focused on UI logic and your api implementation focused on dealing with CouchDB document and view operations.
I am writing service using NodeJS + Restify. I have split each actual service into separate file (what, I assume, everyone is doing). They all are going to be using mysql database so I thought I could open a single connection to database which could be used by each service rather than opening connections every time a request is done.
The problem is that I don't seem to find a way to pass user data. By user data I mean any custom data that would be accessible by every service callbacked by the server.
I primarily use NodeJS + Express, but having looked through some of the documentation of Restify, I believe you could use the authorization parser (under Bundled Plugins on their site: click here to go there)
I think that would be the most basic way to pass user data.
I haven't tested it but, I believe you'd just add this to use it:
server.use(restify.authorizationParser());
You could then access the user data with:
//This is based on the structure of req.authorization in the documentation.
req.authorization.basic.user
I believe you could set new user data (when the user logs in or something) like:
req.authorization.id = 'id'