This project is to learn basic concepts about creating APIs with ORM Sequelize, connecting to PostgreSQL to execute queries (creating, reading, updating, deleting and getting data from the database), using an MVC architecture. The Fake_Store database has product tables that have relationships to the category table

AgusBaez/Fake_Car_Dealership

Fake Car Dealership Store - REST API (using PostgreSQL)

Starting 🚀

Install the project and continue reading.

Pre-requirements 🛑

You need to install PostgreSQL, an object-oriented relational database management system, or any other object-oriented relational database management system.

> npm i
> npm start
//load migrations
> npx sequelize-cli db:migrate

DOCUMENTATION 📝

DOCUMENTATION POSTMAN

Built with 🛠️

  • NodeJS - Asynchronous event driven JavaScript runtime environment.
  • Express - The framework used.
  • PostgreSQL - Object-oriented relational database management system.
  • Sequelize - ORM.
  • Visual Studio Code - Code editor used for development.
  • Postman - API platform for developers to design, build, test, and iterate on their APIs.
  • JsonWebToken - Package for authorization.
  • Bcrypt - Package for password hashing.

Some Questions and Answers 📋

What are the differences between non-relational and relational databases?

  • A relational database is structured, meaning the data is organized in tables. Many times, the data within these tables have relationships with one another, or dependencies. A non-relational database is document-oriented, meaning all information gets stored in more of a laundry-list order. (Source of) Blog: David Pablo.

What are the differences between JWT and cookies?

Cookie-based authentication presents a state (it is stateful).

At login, after a user submits their credentials (and they are validated), the server records data to remember that the user has successfully logged in. This data, recorded in the backend and keyed by the session identifier, is what is known as state. On the client side, a cookie is created to store the session identifier, while the data itself stays on the server (where it is called session variables).

The flow that follows this traditional authentication system is as follows:
  • A user enters her credentials (data that allows her to log in)
  • The server verifies that the credentials are correct and creates a session (this may correspond to creating a file, a new record in a database, or some other server-side solution)
  • A cookie with the session ID is placed in the user's web browser.
  • On subsequent requests, the session ID is compared to sessions created by the server
  • Once the user logs out, the session is destroyed on both sides (both client and server)

Token-based authentication is stateless.

The server no longer keeps track of which users are connected or which tokens have been issued. This is because every request made to the server is accompanied by a token, and the server verifies the authenticity of the request based solely on the token. As we discussed before, JWT defines a format for tokens. But JWT doesn't tie us to any client-side data persistence mechanism or any rules about how the token should be transported. Tokens are usually sent as an Authorization header, with the value Bearer {JWT}; but they can also be sent in the body of a POST request or even as a query parameter.

Let's see how it works:

  • A user enters her credentials (data that allows her to log in)
  • The server verifies that the credentials are correct and returns a signed token
  • The token is stored on the client side, usually in local storage (but can also be stored in session storage or even as a cookie)
  • Subsequent requests to the server include this token (via an authorization header or one of the other methods mentioned above)
  • The server decodes the JWT and if the token is valid processes the request
  • Once the user logs out, the token is destroyed on the client side (no server interaction required). (Source of) Blog: programacionymas
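The two flows above side by side, as an added example that is not part of this repository's code. It uses Node's built-in crypto module in place of the jsonwebtoken package, and the secret, function names and user IDs are constructed for illustration. Note what statelessness implies for logout: deleting the token on the client does not invalidate it, so the server keeps accepting it until `exp`, whereas a destroyed session is rejected immediately.

```javascript
// Added example: stateful session lookup vs. stateless HS256 JWT verification.
const nodeCrypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed; load from a secret store in practice
const b64url = (data) => Buffer.from(data).toString('base64url');
const hmac = (input) =>
  nodeCrypto.createHmac('sha256', SECRET).update(input).digest('base64url');

// --- Stateful: the server remembers every session it created ---
const sessions = new Map(); // session ID -> session variables
function sessionLogin(userId) {
  const sid = nodeCrypto.randomBytes(16).toString('hex');
  sessions.set(sid, { userId });
  return sid; // would be sent to the browser in a cookie
}
const sessionCheck = (sid) => sessions.get(sid) || null;
const sessionLogout = (sid) => sessions.delete(sid);

// --- Stateless: the server stores nothing, it only verifies the token ---
function issueToken(userId, ttlSeconds, now = Date.now()) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(now / 1000) + ttlSeconds;
  const payload = b64url(JSON.stringify({ sub: userId, exp }));
  return `${header}.${payload}.${hmac(`${header}.${payload}`)}`;
}

function verifyToken(token, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, signature] = parts;
  const expected = Buffer.from(hmac(`${header}.${payload}`));
  const given = Buffer.from(signature);
  // Constant-time comparison; lengths must match before timingSafeEqual.
  if (given.length !== expected.length ||
      !nodeCrypto.timingSafeEqual(given, expected)) return null;
  try {
    // Parse only after the signature checked out; pin the algorithm.
    const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString());
    const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
    if (alg !== 'HS256') return null;
    if (typeof claims.exp !== 'number' || claims.exp <= now / 1000) return null;
    return claims;
  } catch {
    return null; // malformed header or payload
  }
}
```

Short token lifetimes are what bound the window in which a token copied before logout remains usable.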

What is the authentication standard?

Open Authorization (OAuth) is an open standard that enables simple authorization flows for websites or computer applications. It is a protocol proposed by Blaine Cook and Chris Messina, which allows the secure authorization of an API in a standard and simple way for desktop, mobile and web applications.

What is it for?

OAuth allows a user from site A to share their information on site A (the service provider) with site B (called the consumer) without sharing their full identity.

(Source of) Wikipedia

Authors ✒️

Thanks 🎁

  • Thanks to my mentor (Alexis Moragues), who proposed the creation of this practice, and to Avalith Skill Factory for giving me this opportunity to grow as a person and as a programmer 🛣️.
  • help me with the youtube video Fatz Code FatzCode_youtube📢
  • Thanks to the community you can continue learning self-taught 🤓.

⌨️ with ❤️ by Agustin Baez 😊.
