I would like to encrypt all the datas that is being saved in mongoose. Do you know some plugins or some moduls, in nodejs, that does this ? And how could i do it efficiently with angularjs in frontend ?
For example : i'm using a chat system, using socket.io. And i store the messages in this model :
var messageSchema = new Schema({
type: {
type: String,
required: false
},
user: {
type: String,
default: '',
trim: true
},
content: {
type: String,
default: '',
trim: true
},
slug: {
type: String,
lowercase: true,
trim: true
},
created: Date,
updated: [Date],
roomCreator: {
type: Schema.ObjectId,
ref: 'Room'
},
});
I want all this data to be encrypted in the most secure way as possible, so nobody should be able to see any of the contents of the messages.
Thanks in advance
There is this:
ChatSafe
Though I am not sure how I feel about it though. It has the ability to use different cipher keys, but it has no inherent way to get keys from one client to the other, which is necessary to decrypt messages (apparently you have to send them a url, which is how other clients get the cipher key). It is cool that it does all the encryption client-side though.
I think I would work this one though: Implement AES Strength Encryption With JavaScript
It shows you how to build a client-side angular based encryption service.
Encrypt everything client side > shoot it to node > save/do whatever > send it to other clients > decrypt client side.
Related
I have been having trouble figuring out how to update a User with graphQL. The functionality I'm currently aiming for is for the user to be able to update their account/profile information. I have some things set up for the user like a bio field for their profile, and a profile picture field that's set up to take a URL and display that as their profile picture.
I have no problems when it comes to creating using graphQL. A user can sign up, log in, make posts, etc without issue. I can also update the User in regards to other models, for example, a new post pushes to the users Post data just fine.
I have not been able to figure out how to update a user directly though. Essentially I can get around this by creating a new model for "profile pic" and pushing that to the User, but that seems like it's just extra steps that might slow things down, as well as shortchanging myself being able to learn something new.
This is the User model. I have omitted a few fields due to the exact block of code being large, but this includes the "image" and "bio" fields (the fields I would like to update) as well as the reference to the Post model which I mentioned above that functions appropriately.
User.js
const userSchema = new Schema(
{
username: {
type: String,
required: true,
unique: true,
trim: true
},
email: {
type: String,
required: true,
unique: true,
match: [/.+#.+\..+/, 'Must match an email address!']
},
password: {
type: String,
required: true,
minlength: 8
},
image: {
type: String
},
bio: {
type: String,
maxLength: 500
},
posts: [
{
type: Schema.Types.ObjectId,
ref: 'Post'
}
],
},
Below is the mutation in Explorer, including the variables and the result.
Profile Pic Resolver
addProfilePic: async (parent, { image }, context) => {
if (context.user) {
const updatedUser = await User.findOneAndUpdate(
{ _id: context.user._id },
{ image: image },
{ new: true, runValidators: true }
);
return updatedUser;
}
throw new AuthenticationError('You need to be logged in!');
},
typeDefs.js (relevant only)
type Mutation {
addProfilePic(_id: ID!, image: String!): Auth
}
I notice that in the Explorer page it returns "null" for user with a 200 status. I am led to believe that means that it's not able to even access the "image" field on the user to be able to update it. When compared to my other mutations in regards to users, this is set up very similarly and I'm not sure what the difference is.
I feel like I am missing something very basic here in regards to being able to update. I haven't been able to find an update mutation example that works. Could anyone assist? My main questions would be:
Why does the mutation return "null" for user?
How can I set up my resolver to appropriately update information on an already-created object?
Thank you to anyone who is able to take a look and assist, I will be closely watching this post for replies and will update any other code someone may need to be able to assist. I've been stuck in regards to updating information for a long time, but my site is getting to the point where it's nearly ready and I need to tackle this updating issue in order to progress. Thank you!
Quick Edit: I want to add that "Auth" is referenced. The appropriate authorization headers are in place to retrieve the data. Just wanted to add that in as I highly doubt authorization has anything to do with this!
I have solved this issue and would like to leave the answer here for anyone who may find it useful.
In the mutation typeDefs, I changed the "Auth" to "User",
type Mutation {
addProfilePic(_id: ID!, image: String!): User
}
and then in the mutation itself, took away the user field like such:
mutation addProfilePic($_id: ID!, $image: String!) {
addProfilePic(_id: $_id, image: $image) {
_id
username
image
}
}
This has allowed the user to update their profile photo information. Hope this helps!
I'm a student working on a chat application for my internship, where I use socket.io.
Right now I am busy thinking of a good way to store the messages send in conversations.
As of now I do the following:
For each conversation between one user and another user, a new collection is made.
On every message sent, the message is stored in the according conversation collection in a single document.
The collections:
Where the document looks as follows:
Now I wonder if there is a good argument to be made to have just one collection "conversations", and store all the messages in multiple documents, where each conversation is a new document.
Creating a new collection for every message is very bad idea instead of that you use a simple schema as given below to store your messages
const conversation_schema = new Schema({
from: {
type: ObjectID,
ref: 'User'
},
to: {
type: ObjectID,
ref: 'User'
},
messageBody: { // body of the message(text body/ image blob/ video blob)
type: String,
},
messageType: { // type of the message(text, mp3, mp4, etc...)
type: String,
},
read: { // to boolean flag to mark whether the to user has read the message
type: Boolean,
default: false,
},
createdAt: { // when was this message goit created
type: Date,
default: new Date(),
},
});
you can fetch the conversation between the two users using the following query
conversations.find({
$or: [
{from: 'user1', TO: 'user2},
{from: 'user2', TO: 'user1},
],
}).populate({ path: 'to', model: User })
.populate({ path: 'from', model: User })
.sort({ createdAt: -1 })
I am wondering if there was an easy way to add versioning to model for easy optimistic concurrency. I was curious if anyone here has integrated that into their project with sequelize and got it to work seamless, without having to manually add the version to the where of every update ect.
I started with something like this
export const User = sequelize.define('user', {
id: {type: Sequelize.STRING, primaryKey: true},
name: {type: Sequelize.STRING, allowNull: false}
}, {
underscored: true,
tableName: 'r_users',
version: true // <- here
});
but the version doesn't change when updating the record or migration
The migration version can be found in SequelizeMeta but to select from it you need to add quotes 'SequelizeMeta' or change the name of the table to sequelize_meta by add
"migrationStorageTableName": "sequelize_meta",
to the config
I have a UI component that generates a mongo schema like this
{
content: String,
date: { type: Date, default: Date.now },
author: {
type: Schema.Types.ObjectId,
ref: 'User'
}
}
the idea is take this schema and generate the end-point to get the info, the question is where do you recomend storage the schema in mongoDB or in the files somehow run programmatically
yo angular-fullstack:endpoint mySchema
Thank You
So I'm fairly new to the mean-stack and I'm using mean.js as a framework.
Using Yeoman I've made a new CRUD module called groups. In a group I want to be able to have an owner, the user who made the group, and a collection of members. According to the mongoose docs I gave the GroupSchema the following structure:
var GroupSchema = new Schema({
name: {
type: String,
default: '',
required: 'Please fill Group name',
trim: true
},
created: {
type: Date,
default: Date.now
},
user: {
type: Schema.ObjectId,
ref: 'User'
},
members: [{type: Schema.ObjectId, ref: 'Member'}]
});
Now, when a group is created the only member will be the owner. I've got the following app structure:
Project:
- app (server side code)
- controllers
- models
- routes
- public (client side code)
- modules
- groups
-controllers
Where do I put the method to add the current user to a certain group? My best guess is that the controller should take care of that, but is it the server or the client side controller?
I wouldn't set it on the client or trust the client. Your server side create function should ignore members completely and just push the current user onto the members array.