The difference between static and dynamic servers

judgment

Whether to request a database

Yes, dynamic server
No request, static server

Read data, store data

Target a

Implement user registration function

The user submits the user name and password
There is a new line of data in the users.json file

Train of thought

Write a form in front and let the user fill in name and password
The front end listens for the Submit event
The front end sends a POST request with the data in the request body
The back end receives the POST request
The back end gets the name and password in the request body
The backend stores data

Goal 2

Implement the user login function

Home page home.html, login users can see their own user name
Login Login page for submitting user name and password
If the user name and password match, the home page is automatically redirected

Login Page

Write a form in front and let the user fill in name and password
The front end listens for the Submit event
The front end sends a POST request with the data in the request body
The back end receives the POST request
The back end gets the name and password in the request body
The back end reads the data to see if there is a matching name and password
If a match is found, the back end should mark the user as logged in

Cookie

define

A Cookie is a string sent from the server to the browser
The browser must save this Cookie (unless the user deletes it)
Any subsequent request for the same secondary domain name (any request) must be accompanied by a Cookie

The Set – Cookie response headers

response.setHeader('Set-Cookie', `user_id=${user.id}; HttpOnly`) 

const cookie = request.headers['cookie']
Copy the code

Goal 3

Display user name

Get user information before rendering the home page
If there is a user, replace {{user.name}} with user.name
If there is no user, the login button is displayed

Target four: Tamper-proof user_id

Idea 1: encryption

The user_id is encrypted and sent to the front end, which decrypts the user_id when it is read by the back end. This method is feasible, but has security vulnerabilities
Vulnerability: Encrypted content can be used indefinitely
Solution: JWT

Idea 2: Hide information on the server

Put the user information in x of the server and give the information a random ID
Send a random ID to the browser
The back-end obtains user information through X [id] the next time it reads the ID

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

Dynamic server

The difference between static and dynamic servers

judgment

Whether to request a database

Read data, store data

Target a

Implement user registration function

Train of thought

Goal 2

Implement the user login function

Login Page

Cookie

define

The Set – Cookie response headers

Goal 3

Display user name

Target four: Tamper-proof user_id

Idea 1: encryption

Idea 2: Hide information on the server

Dynamic server

The difference between static and dynamic servers

judgment

Whether to request a database

Read data, store data

Target a

Implement user registration function

Train of thought

Goal 2

Implement the user login function

Login Page

Cookie

define

The Set – Cookie response headers

Goal 3

Display user name

Target four: Tamper-proof user_id

Idea 1: encryption

Idea 2: Hide information on the server

Related Posts

A universal way to install Nodejs on Linux

Interviewer: Do you know anything about front-end routing?

From front-end routing to SPA, let’s talk about 😁 [Plan]