It is not indented well (particularly around SQL queries), has no comments, and has inconsistent use of vertical whitespace to separate logical sections. session ID determination, database update, and decoration onto reqĭo you do any validation on req.body at all outside of this function? You are taking a potential dangerous path in there is no input validation here.user agent parsing and decoration onto req.decorate IP address determination and decoration onto req.You likely should be considering different Express middleware functions to do things like: Thanks for your first submission for review.įirst and foremost, the thing that really jumps out at me is that this function is doing WAY too many different things. Is what I'm doing correct? And what about the passport? Because as far as I know the passport uses the Headers Authorization token.Įxample add to cart: export const addToCart = (req,res) =>) I am using React SPA, Express.js and MySQL. When logging in with Google or Facebook, I use the passport for authentication and when I am successful I store the sessionID to the database. I store the data chart list in the database based on the sessionID so when a user visits the website, the user does not need to log in for add to cart.Īs well as login, to check the user has logged in or not, I have checked the sessionID that is in the user and checked it on the database whether or not the sessionID is in the database. I'm making an online shopping store or e-commerce and I use an express session for many things.Įxample: Shopping Cart, Authentication user*
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |