F07: Routing, brukerprofiler, og innlogging

PG6300-14 Webutvikling og API-design

Observasjoner rundt element 2

bcrypt (igjen)

Passord i plaintext?

Kryptert?

 

NOPE

var bcrypt = require('bcrypt');

var password = 'ananas';

var passwordHash = bcrypt.hashSync(password, 10);
console.log(password + ' -> ' + passwordHash);

var isMatch = bcrypt.compareSync(password, passwordHash);
console.log(isMatch);

http://codahale.com/how-to-safely-store-a-password/

JWT (igjen)

Routing i Angular

https://docs.angularjs.org/api/ngRoute/service/$route

// $routeProvider

app.config(function($routeProvider) {
    $routeProvider
        .when('/path', {controller: 'SomeController', templateUrl: 'someTemplate'});
});

// $location
$location.path('/path');

NG: ApplicationController

Events

LoginService.login(username, password)
	.then(function() {
		$scope.$emit('loggedin', username);
$scope.$on('loggedin', function(event, username) {
	$scope.currentUser = username;
});

bcrypt med Express

Person.findOne({username: loginAttempt.username}, function(err, person) {
	if (!person) {
		return res.status(401).send('Invalid username or password');
	}

	if (!bcrypt.compareSync(
			loginAttempt.password,
			person.passwordHash)) {
		return res.status(401).send('Invalid username or password');
	}

	var token = jwt.encode({username: loginAttempt.username}, secret);
	res.status(201).send(token);
});

PG6300-14-07: routing-brukerprofiler-innlogging

By theneva

Made with Slides.com

PG6300-14-07: routing-brukerprofiler-innlogging

  • 538

More from theneva

  • PG6300-17-013 Ready for takeoff!
    theneva
    801
  • PG6300-17-012 Realtime updates with WebSockets
    theneva
    837
  • Copy of Things that go wrong when deploying Java with containers (and how to avoid them) QUICKLY
    theneva
    704