
Showing posts from March, 2025

PASSPORT

PASSPORT IS A LIBRARY THAT HELPS IN AUTHENTICATION.

TO INSTALL:
npm i passport
npm i passport-local
npm i passport-local-mongoose

USING PASSPORT, AUTHENTICATION IS MADE EASY. IT CAN BE IMPLEMENTED USING GMAIL, FACEBOOK, GITHUB, ETC.

USER MODEL: WE CAN DEFINE OUR USERNAME AS PER OUR WISH. PASSPORT LOCAL MONGOOSE WILL ADD A USERNAME, HASHED PASSWORD, SALT VALUE.

IN MAJOR PROJECT, USER.JS

```js
const mongoose = require("mongoose");
const Schema = mongoose.Schema;
const passportLocalMessage = require("passport-local-mongoose");

// ONLY EMAIL IS DEFINED HERE
const userSchema = new Schema({
  email: {
    type: String,
    required: true,
  },
});

// THE PLUGIN ADDS THE USERNAME, HASHED PASSWORD AND SALT VALUE
userSchema.plugin(passportLocalMessage);

module.exports = mongoose.model("User", userSchema);
```

APP.JS

```js
const flash = require(...
```

SALTING

SALTING IS A TECHNIQUE TO PROTECT PASSWORDS STORED IN DATABASES BY ADDING A STRING OF 32 OR MORE CHARACTERS AND THEN HASHING THEM. THE ADDITIONAL STRING ATTACHED TO OUR PASSWORD IS CALLED THE SALT.

LET salt = %?#
password: abhi => abhi%?# (THIS SALTED PASSWORD IS SENT TO HASHING)
password: 1234 => 1234%?#

IT PROTECTS AGAINST CYBER ATTACKS LIKE THE REVERSE LOOKUP TABLE. IT IS THE KIND OF ATTACK IN WHICH THE ATTACKER TRIES TO FIND THE PASSWORD FROM THE HASHED STRING. SALTING PROTECTS AGAINST SUCH TYPES OF ATTACKS.

******HASHING*****

HASHING: PROCESS OF CONVERTING A STRING IN READABLE FORMAT TO UNRECOGNIZABLE FORMAT.

PROPERTIES:

=> FOR EVERY INPUT, THERE IS A FIXED OUTPUT. FOR A PARTICULAR INPUT, THERE IS ONLY ONE OUTPUT.

=> THEY ARE ONE-WAY FUNCTIONS, WE CAN'T GET INPUT FROM OUTPUT.
FOR EXAMPLE: CONSIDER A MODULUS FUNCTION
|-5| = 5 AND |+5| = 5
HERE, BASED ON THE OUTPUT (5), THE INPUT CANNOT BE GENERATED OR GUESSED. IT MIGHT BE EITHER +5 OR -5.
EX-2: CONSIDER A % FUNCTION.
3%3=0
6%3=0
9%3=0
12%3=0
HERE, BASED ON THE OUTPUT (0), THE INPUT CANNOT BE GENERATED OR GUESSED.

=> FOR A DIFFERENT INPUT, THERE IS A DIFFERENT OUTPUT BUT OF SAME LENGTH. WHATEVER MIGHT BE THE INPUT, THE OUTPUT IS OF THE SAME LENGTH.

=> SMALL CHANGES IN THE INPUT SHOULD BRING LARGE CHANGE IN THE OUTPUT.
FOR EXAMPLE:
I/P : abc
O/P : grdasgbsertawe4rfj
I/P...

****PROJECT PHASE 2 PART-D *****

AUTHENTICATION: PROCESS OF VERIFYING WHO SOMEONE IS. VERIFYING IDENTITY. USED TO SIGN UP/LOGIN.

AUTHORIZATION: PROCESS OF VERIFYING WHAT SPECIFIC APPLICATIONS, FILES, AND DATA A USER HAS ACCESS TO.

STORING PASSWORDS: PASSWORDS ARE NEVER STORED IN THE DATABASE DIRECTLY. THEY ARE STORED IN THEIR HASHED FORM. A HASH FUNCTION CONVERTS A READABLE STRING TO AN UNRECOGNIZABLE (UNREADABLE) STRING. THE PASSWORD ENTERED BY THE USER IS SENT TO A HASH FUNCTION AND AN UNREADABLE STRING IS GENERATED. THIS STRING IS STORED IN THE DATABASE. IT IS VERIFIED FOR AUTHENTICATION.

WHEN A USER SETS A PASSWORD: abc123
THIS IS CONVERTED INTO AN UNRECOGNIZABLE STRING: str1 BY THE HASH FUNCTION, AND THAT STRING IS STORED IN THE DATABASE.

IF THE USER, WHILE LOGGING IN, ENTERS ANOTHER PASSWORD: abc, THIS STRING IS SENT TO THE HASH FUNCTION, AND IT GENERATES A STRING: str2 (AS THE PASSWORD IS DIFFERENT). AS str2 DOES NOT MATCH WITH str1 (STORED IN DB), LOGIN FAILS.
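
The salting step from the SALTING post and the store-then-compare login flow above, as an added example (not code from this blog, and not how passport-local-mongoose is implemented). It assumes Node's built-in crypto module; the names hashPassword, verifyPassword, unsaltedHash and demo are hypothetical, and the salt is passed to scrypt as a parameter instead of being appended to the password by hand.

```javascript
// Added example: salted password hashing with Node's built-in crypto module.
const crypto = require("node:crypto");

const SALT_BYTES = 16; // 16 random bytes -> 32 hex characters
const KEY_BYTES = 64;  // length of the derived hash

// Hash a password with a fresh random salt; the returned object is what the DB stores.
function hashPassword(password, salt = crypto.randomBytes(SALT_BYTES)) {
  const hash = crypto.scryptSync(password, salt, KEY_BYTES);
  return { salt: salt.toString("hex"), hash: hash.toString("hex") };
}

// Login check: recompute the hash with the stored salt, compare in constant time.
function verifyPassword(attempt, stored) {
  const salt = Buffer.from(stored.salt, "hex");
  const expected = Buffer.from(stored.hash, "hex");
  const actual = crypto.scryptSync(attempt, salt, expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Unsalted hash for comparison: equal passwords always give equal digests,
// which is the property a precomputed lookup table relies on.
function unsaltedHash(password) {
  return crypto.createHash("sha256").update(password).digest("hex");
}

// Constructed sample data: two users who happen to choose the same password.
function demo() {
  const alice = hashPassword("abc123");
  const bob = hashPassword("abc123");
  return {
    unsaltedEqual: unsaltedHash("abc123") === unsaltedHash("abc123"),
    saltedEqual: alice.hash === bob.hash, // different salts, different hashes
    saltLength: alice.salt.length,
    rightPassword: verifyPassword("abc123", alice), // str2 matches str1
    wrongPassword: verifyPassword("abc", alice),    // str2 differs, login fails
    wrongSalt: verifyPassword("abc123", { salt: bob.salt, hash: alice.hash }),
  };
}

console.log(demo());
```

The salt is stored next to the hash in plain form; it does not need to be secret, only unique per user.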

Handling Deletion using Mongoose Middlewares

WHEN TWO COLLECTIONS LIKE USERS AND POSTS ARE IN A ONE-TO-MANY RELATION, IF A USER'S ACCOUNT IS DELETED, ALL THE POSTS CREATED BY THE USER ARE DELETED. THE PROCESS OF HANDLING THIS DELETION IS KNOWN AS HANDLING DELETION. IT IS BASICALLY CASCADING OF DELETION THAT PROPAGATES WITH USERS.

ANOTHER EXAMPLE: CUSTOMERS AND THEIR ORDERS ARE IN A ONE-TO-MANY RELATION, SO WHEN A CUSTOMER'S ACCOUNT IS DELETED ALL HIS ORDERS ARE DELETED.

```js
// HANDLING DELETION USING MONGOOSE MIDDLEWARE
const mongoose = require("mongoose");
const { Schema } = mongoose;

main()
  .then(() => {
    console.log("connection successful");
  })
  .catch((err) => {
    console.log(err);
  });

async function main() {
  await mongoose.connect("mongodb://127.0.0.1:27017/relations");
}

const orderSchema = new Schema({
  item: String,
  price: Number,
});

const customerSchema = new Schema({
  name: Str...
```

DATABASE RELATIONSHIPS

RELATIONSHIPS INCLUDE:

ONE-TO-ONE (1x1)
ONE ENTITY OF A TABLE IS IN RELATION WITH ONLY ONE ENTITY OF ANOTHER.

ONE-TO-MANY (1xN)
ONE ENTITY IS IN RELATION WITH MANY.

MANY-TO-MANY (NxN)
MANY ENTITIES ARE IN RELATION WITH MANY OTHERS.

ONE-TO-MANY IS HARDER TO REPRESENT THAN ONE-TO-ONE AND MANY-TO-MANY.

ONE-TO-MANY
IT IS CATEGORIZED INTO 3 BASED ON THE "MANY". THE "MANY" CAN BE OF 3 TYPES:

1. ONE-TO-FEW: SMALL NUMBER (2, 5, 100, 500)
STORE THE CHILD DOCUMENT INSIDE PARENT.
TAKE ZOMATO OR AMAZON FOR EXAMPLE: A SINGLE USER CAN HAVE MULTIPLE ADDRESSES. HERE WE DO NOT CREATE TWO MODELS FOR USER AND ADDRESS. AS ADDRESS IS ASSOCIATED WITH USER DIRECTLY, WE STORE THE CHILD DOCUMENT INSIDE PARENT.

```js
const mongoose = require("mongoose");
const { Schema } = mongoose;

main()
  .then(() => {
    console.log("connection successful");
  })
  .catch((err) => {
    console.log(err);...
```

MONGOOSE ERRORS

MONGOOSE ERRORS CAN BE MANIPULATED.

```js
// HANDLER FOR MONGOOSE VALIDATION ERRORS
const handleValidationErr = (err) => {
  console.log("It is a validation error. Refer to the rules");
  console.dir(err.message);
  return err;
};

app.use((err, req, res, next) => {
  console.log(err.name);
  if (err.name === "ValidationError") {
    err = handleValidationErr(err);
  }
  // ALWAYS PASS THE ERROR ON, OTHERWISE OTHER ERRORS LEAVE THE REQUEST HANGING
  next(err);
});
```

Using WRAP ASYNC

A WRAPPER FUNCTION IS CREATED WHICH WRAPS THE ASYNC CALLBACK.

```js
// CALLS THE ASYNC HANDLER AND FORWARDS ANY REJECTION TO next()
function asyncWrap(fn) {
  return function (req, res, next) {
    fn(req, res, next).catch((err) => next(err));
  };
}
```

INSTEAD OF WRITING TRY-CATCH IN EVERY ROUTE, WE WRAP EACH ASYNC HANDLER IN asyncWrap.

```js
// INDEX ROUTE
app.get(
  "/chats",
  asyncWrap(async (req, res, next) => {
    let chats = await Chat.find();
    res.render("index.ejs", { chats });
  })
);

// NEW ROUTE
app.get("/chats/new", (req, res) => {
  res.render("new.ejs");
});

const ExpressError = require("./ExpressError.js");

// HANDLING ASYNC ERROR MESSAGES
// (IN APP.JS, REGISTER THIS ERROR HANDLER AFTER ALL THE ROUTES)
app.use((err, req, res, next) => {
  let { status = 500, message = "UNKNOWN ERROR OCCURRED" } = err;
  res.status(status).send(message);
});

// SHOW ROUTE
app.get(
  "/chats/:id",
  asyncWrap(async (req, res, next) => {
    let { id } = ...
```

Using TRY-CATCH

```js
// POST ROUTE
app.post("/chats", async (req, res, next) => {
  try {
    let { from, to, msg } = req.body;
    let newchat = new Chat({
      from: from,
      msg: msg,
      to: to,
      created_at: new Date(),
    });
    await newchat.save();
    res.redirect("/chats");
  } catch (err) {
    next(err);
  }
});
```

Handling ASYNC errors

```js
const ExpressError = require("./ExpressError.js");

// HANDLING ASYNC ERROR MESSAGES
// (IN APP.JS, REGISTER THIS ERROR HANDLER AFTER ALL THE ROUTES)
app.use((err, req, res, next) => {
  let { status = 500, message = "UNKNOWN ERROR OCCURRED" } = err;
  res.status(status).send(message);
});

// SHOW ROUTE
app.get("/chats/:id", async (req, res, next) => {
  let { id } = req.params;
  let chat = await Chat.findById(id);
  if (!chat) {
    // RETURN SO THAT res.render() IS NOT CALLED AFTER THE ERROR IS PASSED ON
    return next(new ExpressError(404, "chat not found"));
  }
  res.render("edit.ejs", { chat });
});
```

HERE IF WE SEND

```js
if (!chat) {
  throw new ExpressError(404, "chat not found");
}
```

THEN THE REQUIRED ERROR MESSAGE IS NOT DISPLAYED. HENCE, WE SEND IT THROUGH NEXT().

EXPRESS.JS

```js
class ExpressError extends Error {
  constructor(status, message) {
    super();
    this.status = status;
    ...
```