
Primary LanguageJavaScript


events api

TIPS USED while doing this project

  • Issues Access Token and Refresh Token

  • Access token = short time to expire

  • Refresh token = long time to expire

  • Client stores access token in memory and NOT in local storage or cookies

    (If you can store tokens with javascript (in localstorage and cookies) a hacker can also retrieve it with javascript)

  • The REST API are issued with a httpOnly cookie

    this cookie cannot be accessed with javascript

  • Refresh token should have an expiration, which then require a user to login again

  • Refresh tokens should not have the ability to issue new refresh tokens because that will grant indefinite access. - they should also be able to expire

  • Acess token is issued after user authentication

  • New token is issued at Refresh request

  1. To generate random access and refresh tokens with node for our env access token

    open terminal
    type node, hit enter
    type require('crypto').randomBytes(64).toString('hex')
    output something like below
Migrate scraped data into mongocloud

mongoimport --uri mongodb+srv://:@cluster0.7tbkbvy.mongodb.net/ --collection --type json --file <filename.json> --jsonArray