Integrating a covert cipher into user registration

Apologies for any lack of knowledge on this framework and its elements as I am in the process of learning through practice.

I have configured a simple application using angular-fullstack and am currently exploring some tasks that I would like guidance on. Specifically, I am interested in adding an extra form field to the user registration process to restrict sign-ups to individuals who provide a predetermined security code shared verbally. If an invalid code is entered, the new user should not be created, and possibly a message can be displayed to notify the user.

In my 

server/config/environment/index.js
file, I have introduced a new item under the secrets key which will be used to validate the code provided.

...

// Secret for session, you will want to change this and make it an environment variable
secrets: {
  session: 'myapp-secret',
  secretCode: 'my-secret' // pre-determined secret code
},

...

In the form, I have added the additional field with ng-model="secret". The form directs to the controller's register function, so I need to include the value of the new input when passing it to Auth.createUser:

$scope.register = function(form){
    ...

    if (form.$valid) {
        Auth.createUser({
            name: $scope.user.name,
            email: $scope.user.email,
            password: $scope.user.password,
            secret: $scope.secret // Field to pass to the user controller
        })
    }

    ...
}

Next, I need to implement the logic for checking the secret code within the create function of 

server/api/user/user.controller.js
.

/**
 * Creates a new user
 */
exports.create = function(req, res, next) {
  ...

  if (req.body.secret !== config.secrets.secretCode) {
     // Cancel new user creation
  };

  ...
};

My current query pertains to how I should handle this scenario within the if statement. Upon investigating the framework, it appears that perhaps I could simply redirect or return to the /signup page with an error message. However, I am uncertain about the most appropriate approach in this situation.

I have explored various angles on this matter but have yet to experience the "Eureka!" moment where I feel assured that I am approaching it correctly. Is my method unconventional?

javascriptangularjsauthenticationangular-fullstack

Answer №1

Applying the principle of SRP is guiding my approach in this situation.

There are two concerning aspects to address here. One, there is no need for a secret key to be involved in the user creation process. The secret should only be required for security measures when an actual person is creating a user. Therefore, the logic for handling the secret key should be grouped together with other actions related to actual user interaction within the controller rather than being embedded inside the Auth.create method.

The second issue that stands out is directing and handling redirects within the controller. It seems like you have acknowledged this concern and taken steps to rectify it.

It would be beneficial to have the controller handle both security checks and redirection functions, resulting in a code structure similar to the following:

// controller.js
if (key_matches)
   createUser();
else
   redirectUser()

// auth.js
exports.create = function(req) {
    create_user(req);
}

Similar questions

If you have not found the answer to your question or you are interested in this topic, then look at other similar questions below or use the search

Tips for displaying personalized error messages from your REST API in a JavaScript client

I'm utilizing a Java REST API that has been generated using swagger. If the client is unauthorized, I am sending custom error messages in response. public Response collaborationCollabIdDelete(Integer collabId, SecurityContext securityContext, Str ...

javascriptjavarestswagger

When using ng-transclude within ng-repeat, the $transclude function is not available

In my directive, I have a list-like container that transcludes content within an ng-repeat loop. This is the template structure: <div ng-repeat='item in items'> <div ng-transclude></div> </div> Here is an example of ...

angularjsangularjs-directive

Generating SVG paths with the combination of svg.js and opentype.js

Greetings everyone! I have successfully managed to grab SVG path data using opentype.js, but I'm encountering some difficulties when trying to use that data with svg.js in order to render the path: Below is the code snippet that I am currently workin ...

javascriptsvg.js

Is there a way to add external navigation controls for the Nivo Slider using raphaeljs?

Looking to create a slideshow with interactive next and previous buttons. Utilizing NivoSlider for the smooth transitions, along with raphaelJS for dynamic button animations. The main challenge I'm facing is how to link my custom triangle element to N ...

javascriptjqueryraphaelnivo-slider

When utilizing ng-views within PhoneGap, receiving the origin is restricted due to the Access-Control-Allow-Origin policy

Having trouble getting ng-views to function properly in an Android phone app. When attempting to navigate to one of the views via a hyperlink, I encounter the error message: "Origin is not allowed by Access-Control-Allow-Origin" I have made attempts to m ...

androidangularjscordova

Display buttons when hovering with React

Seeking assistance with implementing functionality in a React application where buttons for editing and deleting display only when the mouse hovers over the corresponding row. Currently, the implemented code displays these buttons in all rows on hover. Sn ...

javascriptreactjs

Creating a React.js component and setting an initial value within it

Recently delved into the world of React.js and currently attempting to create a reusable header that can switch between two states: one for when the user is logged in, and another for when the user is not logged in. // Header.js var Header = React.createC ...

javascripthtmlreactjs

React-Beautiful-Dnd fails to function properly following a rerender of the component

Currently, I am working with React-Beautiful-Dnd and facing an issue with dragging and dropping items in a list. I expect the items to change their appearance when a user starts dragging any item - becoming more compact to fit more items on the screen. To ...

javascriptreactjsdrag-and-dropreact-beautiful-dnd

jQuery and Easy Dialog

My jQuery Model window has a form inside. Even though I have set autoOpen to false in my dialog, the fields are still visible when the page is created. All forms are contained within a div. This is what my dialog code looks like: $("#dialog-form").dial ...

javascriptjqueryjquery-uimodal-dialog

"Unexpected end of input encountered while attempting to parse JSON data using JSON.parse

The code snippet below demonstrates how to create a server that retrieves COVID-19 timeline data for the US using Node.js and Express: const express = require('express'); const app = express(); const https = require('https'); const url ...

javascriptnode.jsjsonexpress

Utilizing the same code for multiple UI-Select components within an Angular application

Is there a way to efficiently reuse code when dealing with multiple ui-select elements in an Angular app, each connected to different remote APIs to populate options? After reading about AngularJS Wrapping a ui-select in a custom directive, I was inspired ...

angularjsangularjs-directiveui-select

Issue with Ajax functionality not functioning properly in Visual Studio for Windows (Blend)

I am encountering an issue with my ajax login script. When I attempt to call the login function, nothing seems to happen... function login() { var login = new XMLHttpRequest; var e = document.getElementById("email").value; ...

javascriptphpajaxvisual-studio-2013blend

Increasing the upward motion of the matrix raining HTML canvas animation

Recently, I've been experimenting with the Matrix raining canvas animation here and I was intrigued by the idea of making it rain upwards instead of downwards. However, my attempts to achieve this using the rotate() method resulted in skewing and stre ...

javascripthtmlcanvas

The logo image dynamically switches as the user scrolls through various colored sections

Looking to create a feature that changes the logo image as users scroll through different colored sections. Specifically, switching between dark and light themes. a) How can we determine if the section the user is currently on has a dark or light theme? b ...

javascriptjquery

How to toggle between two background colors in a webpage with the click of a button using JavaScript

I need help with a unique website feature. I want to implement a button that cycles between two different background colors (white and black) as well as changes the font color from black to white, and vice versa. My goal is to create a negative version of ...

javascripthtmlcsscolorsbackground

Ways to retrieve information from every subcollection in Firestore

I am looking to retrieve information from all onsite collections https://i.sstatic.net/hnkW4.png My goal is to access data from all onsite collections. Here is the code I am using: export class FirebaseService { onsiteRef: AngularFirestoreCollection< ...

javascriptangulargoogle-cloud-firestore

Transitioning jQuery .load and the usage of sorttable.js for sorting data

My jQuery code snippet is as follows: $("#loadBtn").click(function(){ $('#div1').delay(200).slideUp('slow') .load ('page2.php #div2').hide().delay(300).slideDown('slow'); return false; ...

javascriptjqueryhtmlajaxsorttable.js

Encountering an error message while starting up a Node Express server

Hello everyone, I am currently new to webpack and attempting to run my own server using 'node server.js'. However, I encountered an issue with the following error message: $ node server.js /path/to/server.js:3 import path from 'path' ^ ...

javascriptexpressreactjswebpack

Determining the size of a custom-typed array in Typescript

Can anyone explain how to find the length of a custom typed array? For example: type TMyArray = IProduct[] interface IProduct { cost: number, name: string, weight: number } So, how can we determine the length in this case: const testArr: TMyArray ...

javascriptreactjstypescript

Prevent the appearance of horizontal scrollbars by refraining from using margin-left on a full-width element to display a static menu

On my webpage, there is a fixed menu element td on the left side that remains in place while scrolling. This fixed menu is 150px wide, while the page container spans 100% of the width. When using position:fixed, it removes the element from the normal layou ...

javascriptjqueryhtmlcsscss-position