Giter Site home page Giter Site logo

api-node-express-mongo-baltaio's Introduction

api-node-express-mongo-baltaio

Passo 01

yarn init -y

yarn add express http debug

yarn add nodemon -D - nodemon (automatically restarting the node application when file changes)

node ./bin/server.js

Passo 02

yarn add body-parser - Parse incoming request bodies in a middleware before your handlers, available under the req.body property

Passo 03

  • instalar studio 3t
    • Studio 3T is the professional GUI and IDE for MongoDB available for Windows, Mac, and Linux. Explore and manage your data faster with features like query building, data exploration, aggregation and data comparison, import/export, code generation, and more

yarn add mongoose - Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment

... criação de rotas, controllers, models, repositories

Pacotes

  • yarn add guid
    • Utilizado para gerar IDs
  • yarn add md5
    • Utilizado para encriptar as senhas com MD5

Envio de e-mail

  • Acessar site do Sendgrid
  • Logar na conta e buscar por Settings > API Keys
    • Create API Key
    • Full access
  • inserir chave gerada no config.js
  • yarn add [email protected]
  • criar serviço que chama método de envio de email no sendgrid
  • importar email-service no controller e consumir serviço

Autenticação

  • podemos passar o token no Header, no Body ou como Query String

  1. yarn add [email protected]

  2. criar auth-service.js com os métodos básicos

    • gerar token
    • decodificar token
    • autorizar (interceptador de rotas)

  3. registrar rota para autenticação

  4. criar métodos no controller e repositório para autenticar usuário e retornar o token

  5. proteger as rotas utilizando o método authorize() como interceptador

  6. armazenamos o Id do usuário no Token, para tornar mais seguras as futuras chamadas onde precisamos passar o Id do usuário logado

    • como a informação está contida no token JWT, não passamos o Id ou Email do usuário no corpo da requisição, e a responsabilidade de identificar o usuário logado é do decodeToken()

  7. definir os diferentes papéis que terão acesso a aplicação (customer-model.js)

  8. criar método isAdmin no auth-service.js

  9. atualizar controller para criar usuário com nova informação de role, e também para retornar token (authenticate e refresh) com o novo campo roles

  10. atualizar as rotas com o novo método que só deixa acessar quando usuário é admin

api-node-express-mongo-baltaio's People

Contributors

bugasmarcondes avatar

Watchers

James Cloos avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.