The latest articles on Forem by Jahongir Sobirov (@jahongir2007). https://forem.com/jahongir2007 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F592564%2Ff901f5cf-c366-48d2-a110-e805b76702ae.gif https://forem.com/jahongir2007 en Jahongir Sobirov Mon, 16 Feb 2026 17:42:35 +0000 https://forem.com/jahongir2007/how-to-send-otp-codes-with-whatsapp-using-nodejs-36ap https://forem.com/jahongir2007/how-to-send-otp-codes-with-whatsapp-using-nodejs-36ap <p>For sending OTP (One-Time Password) codes to clients with WhatsApp using Node.js pretty simple! For that we need only one library which is named <code>auth-verify</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>auth-verify </code></pre> </div> <h2> Initialize <code>auth-verify</code> </h2> <p>We need to configure our WhatsApp phone number for sending OTP codes.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">auth-verify</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">();</span> <span class="c1">// configuring whatsapp</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">sender</span><span class="p">({</span> <span class="na">via</span><span class="p">:</span> <span class="dl">"</span><span class="s2">whatsapp</span><span class="dl">"</span><span class="p">,</span> <span class="na">phoneId</span><span class="p">:</span> <span class="dl">"</span><span class="s2">YOUR_PHONE_ID</span><span class="dl">"</span><span class="p">,</span> <span class="na">token</span><span class="p">:</span> <span class="dl">"</span><span class="s2">YOUR_WHATSAPP_TOKEN</span><span class="dl">"</span> <span class="p">});</span> </code></pre> </div> <h2> Sending OTP codes to the users </h2> <p>For sending you need to only <code>send()</code> method from <code>auth-verify</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">RECIEVER_PHONE</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span><span class="na">text</span><span class="p">:</span> <span class="s2">`Your OTP code is </span><span class="p">${</span><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nx">code</span><span class="p">}</span><span class="s2">`</span><span class="p">},</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">info</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="k">else</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">info</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <h2> Verfiying the OTP code </h2> <p>For verifying it you should use <code>verify()</code> method:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="dl">"</span><span class="s2">RECIEVER_PHONE</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">123456</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">success</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">err</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="k">else</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">✅ OTP verified</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <h2> Full codes </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">auth-verify</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">();</span> <span class="c1">// configuring whatsapp</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">sender</span><span class="p">({</span> <span class="na">via</span><span class="p">:</span> <span class="dl">"</span><span class="s2">whatsapp</span><span class="dl">"</span><span class="p">,</span> <span class="na">phoneId</span><span class="p">:</span> <span class="dl">"</span><span class="s2">YOUR_PHONE_ID</span><span class="dl">"</span><span class="p">,</span> <span class="na">token</span><span class="p">:</span> <span class="dl">"</span><span class="s2">YOUR_WHATSAPP_TOKEN</span><span class="dl">"</span> <span class="p">});</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">RECIEVER_PHONE</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span><span class="na">text</span><span class="p">:</span> <span class="s2">`Your OTP code is </span><span class="p">${</span><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nx">code</span><span class="p">}</span><span class="s2">`</span><span class="p">},</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">info</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="k">else</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">info</span><span class="p">);</span> <span class="p">});</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="dl">"</span><span class="s2">RECIEVER_PHONE</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">123456</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">success</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">err</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="k">else</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">✅ OTP verified</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> api javascript node tutorial Jahongir Sobirov Tue, 03 Feb 2026 08:16:38 +0000 https://forem.com/jahongir2007/how-to-use-api-based-providers-for-sending-otp-in-nodejs-5h3j https://forem.com/jahongir2007/how-to-use-api-based-providers-for-sending-otp-in-nodejs-5h3j <p>For using API based providers you should have API key or API secret. And in this post I'll show you how to use <strong>Resend</strong> API provider for sending OTP codes to clients. For this we need only single library which named <code>auth-verify</code>. You can install it from NPM<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>auth-verify </code></pre> </div> <h3> Setup </h3> <p>Firt of all we should configure API provider to our app:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">();</span> <span class="c1">// configure the otp sender</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">sender</span><span class="p">({</span> <span class="na">via</span><span class="p">:</span> <span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">,</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">api</span><span class="dl">'</span><span class="p">,</span> <span class="na">apiService</span><span class="p">:</span> <span class="dl">'</span><span class="s1">resend</span><span class="dl">'</span><span class="p">,</span> <span class="na">apiKey</span><span class="p">:</span> <span class="dl">'</span><span class="s1">YOUR_API_KEY_HERE</span><span class="dl">'</span> <span class="p">});</span> </code></pre> </div> <blockquote> <p>You can use also <strong>Mailgun</strong>, <strong>Sendgrid</strong>. Just change the <code>apiService</code></p> </blockquote> <h3> Sending the OTP code </h3> <p>For sending OTP code to the client we'll use <code>send()</code> method.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">johndoe@example.com</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">otpLen</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="c1">// length of otp codes (default: 6)</span> <span class="na">subject</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Account verification</span><span class="dl">"</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="s2">`Your OTP code is </span><span class="p">${</span><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nx">code</span><span class="p">}</span><span class="s2">`</span> <span class="p">});</span> </code></pre> </div> <h3> Verify the OTP code </h3> <p>For verifying OTP code which is provided by client we'll use <code>verify()</code> method.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">valid</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="dl">"</span><span class="s2">johndoe@example.com</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">12345</span><span class="dl">"</span><span class="p">);</span> <span class="k">if</span><span class="p">(</span><span class="nx">valid</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">User verified!</span><span class="dl">'</span><span class="p">);</span> <span class="k">else</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Invalid code!</span><span class="dl">'</span><span class="p">);</span> </code></pre> </div> node beginners tutorial security Jahongir Sobirov Thu, 29 Jan 2026 18:16:54 +0000 https://forem.com/jahongir2007/how-to-hash-passwords-before-saving-it-on-database-in-nodejs-3kh7 https://forem.com/jahongir2007/how-to-hash-passwords-before-saving-it-on-database-in-nodejs-3kh7 <p>Hashing password plays crucial role on security of systems and networks. So in this post we'll learn how to hash passwords before saving it on database using Node.js. For this we need a authentication library named <code>auth-verify</code><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>auth-verify </code></pre> </div> <h2> Making the configuration </h2> <p>For hashing the password we should make correct configuration:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerfiy</span><span class="p">({</span> <span class="na">hashAlg</span><span class="p">:</span> <span class="dl">'</span><span class="s1">pbkdf2</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// or 'scrypt'</span> <span class="na">iterations</span><span class="p">:</span> <span class="mi">100000</span><span class="p">,</span> <span class="na">keyLen</span><span class="p">:</span> <span class="mi">64</span> <span class="p">});</span> </code></pre> </div> <h3> <code>🔐 hashAlg: 'pbkdf2'</code> </h3> <p>This chooses <strong>the hashing algorithm.</strong></p> <h4> <code>pbkdf2</code> </h4> <ul> <li>Stands for Password-Based Key Derivation Function 2</li> <li>Built into Node.js crypto</li> <li>Designed <em>specifically</em> for passwords</li> <li> <p>Uses:</p> <ul> <li>password</li> <li>salt</li> <li>iterations (many rounds) <ul> <li>✔️ Secure</li> </ul> </li> </ul> </li> <li><p>✔️ Battle-tested</p></li> <li><p>✔️ Slower on purpose (good against brute-force)</p></li> </ul> <h4> <code>scrypt</code> (alternative) </h4> <ul> <li>Even more memory-hard</li> <li>Stronger against GPU attacks</li> <li>Slightly heavier on the server</li> </ul> <h5> 👉 Rule of thumb: </h5> <ul> <li> <code>pbkdf2</code> → safe, standard, widely used</li> <li> <code>scrypt</code> → stronger, modern, more expensive</li> </ul> <h3> 🔁 <code>iterations: 100000</code> </h3> <p>This is how many times the hash function runs.<br> Think of it like this:</p> <blockquote> <p>Instead of hashing once, hash 100,000 times</p> </blockquote> <p>Why?</p> <ul> <li>Makes attacks <strong>VERY slow</strong> </li> <li>If an attacker tries millions of passwords → 💀 CPU melts Example:</li> <li>1 iteration → ⚠️ weak</li> <li>10,000 → okay</li> <li><p>100,000 → good (production-level)</p></li> <li><p>✔️ More iterations = more security</p></li> <li><p>❌ Too many = slower login</p></li> </ul> <p>👉 100_000 is a great balance</p> <h3> 🔑 <code>keyLen: 64</code> </h3> <p>This is the length of the final hash (in bytes).</p> <ul> <li> <code>64 bytes</code> = 512 bits</li> <li>Longer hash = harder to crack</li> <li>Stored in DB as hex/base64</li> </ul> <p>Example:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>password → pbkdf2 → 64-byte hash </code></pre> </div> <ul> <li>✔️ 32 bytes → ok</li> <li>✔️ 64 bytes → strong</li> </ul> <h2> Hashing the password </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">auth</span><span class="p">.</span><span class="nx">crypto</span><span class="p">.</span><span class="nf">hash</span><span class="p">(</span><span class="dl">"</span><span class="s2">myPassword123</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">result</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <h2> Verifying the password </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">auth</span><span class="p">.</span><span class="nx">crypto</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="dl">"</span><span class="s2">secret123</span><span class="dl">"</span><span class="p">,</span> <span class="nx">result</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">valid</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">valid</span><span class="p">)</span> <span class="c1">// true</span> <span class="p">});</span> </code></pre> </div> <h2> Full example </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerfiy</span><span class="p">({</span> <span class="na">hashAlg</span><span class="p">:</span> <span class="dl">'</span><span class="s1">pbkdf2</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// or 'scrypt'</span> <span class="na">iterations</span><span class="p">:</span> <span class="mi">100000</span><span class="p">,</span> <span class="na">keyLen</span><span class="p">:</span> <span class="mi">64</span> <span class="p">});</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">crypto</span><span class="p">.</span><span class="nf">hash</span><span class="p">(</span><span class="dl">"</span><span class="s2">myPassword123</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">result</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">crypto</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="dl">"</span><span class="s2">secret123</span><span class="dl">"</span><span class="p">,</span> <span class="nx">result</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">valid</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">valid</span><span class="p">)</span> <span class="c1">// false</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> node security beginners tutorial Jahongir Sobirov Thu, 22 Jan 2026 09:25:17 +0000 https://forem.com/jahongir2007/how-to-add-github-oauth-login-in-nodejs-step-by-step-2h9l https://forem.com/jahongir2007/how-to-add-github-oauth-login-in-nodejs-step-by-step-2h9l <p>If you’re building a Node.js app and want users to sign in with <strong>GitHub</strong>, the <strong>auth-verify</strong> library makes it simple. It provides built-in helpers for OAuth (including GitHub) alongside features like JWT, OTP, and session management.</p> <h2> 🧠 What You’ll Build </h2> <p>A login flow where:</p> <ol> <li>Users click “Sign in with GitHub”</li> <li>They’re redirected to GitHub to authorize</li> <li>GitHub sends back a code</li> <li>Your server uses that code to obtain user info</li> </ol> <p>The result: a logged-in user session inside your app.</p> <h2> 🛠️ Step 1 — Prep Your GitHub OAuth App </h2> <p>Before code, register your app with GitHub:</p> <ol> <li>Go to <strong>GitHub Developer Settings</strong> → <strong>OAuth Apps</strong> </li> <li>Create a new OAuth app</li> <li>Set the <strong>Callback URL</strong> (example: <code>http://localhost:3000/auth/github/callback</code>)</li> <li>Copy your <strong>Client ID</strong> and <strong>Client Secret</strong> This is standard GitHub OAuth setup using the <em>authorization code flow</em>.</li> </ol> <h2> 📦 Step 2 — Install Dependencies </h2> <p>In your project folder:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>auth-verify express </code></pre> </div> <p>This gives you the core auth-verify library plus Express for routing.</p> <h2> 💻 Step 3 — Basic Server Setup </h2> <p>Create <code>server.js</code> (or similar) with an Express app:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">auth-verify</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="c1">// ⚡ initialize auth-verify</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">({</span> <span class="na">storeTokens</span><span class="p">:</span> <span class="dl">"</span><span class="s2">memory</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// configure GitHub OAuth handler</span> <span class="kd">const</span> <span class="nx">github</span> <span class="o">=</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">oauth</span><span class="p">.</span><span class="nf">github</span><span class="p">({</span> <span class="na">clientId</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">GITHUB_CLIENT_ID</span><span class="p">,</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">GITHUB_CLIENT_SECRET</span><span class="p">,</span> <span class="na">redirectUri</span><span class="p">:</span> <span class="dl">"</span><span class="s2">http://localhost:3000/auth/github/callback</span><span class="dl">"</span> <span class="p">});</span> <span class="c1">// redirect user to GitHub OAuth page</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/auth/github</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">github</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="nx">res</span><span class="p">);</span> <span class="p">});</span> <span class="c1">// handle callback from GitHub</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/auth/github/callback</span><span class="dl">"</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">userData</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">github</span><span class="p">.</span><span class="nf">callback</span><span class="p">(</span><span class="nx">req</span><span class="p">);</span> <span class="c1">// Here you have GitHub profile + tokens</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">GitHub User:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">userData</span><span class="p">);</span> <span class="c1">// do your own login logic (session/cookie/JWT)</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">success</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="nx">userData</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">"</span><span class="s2">GitHub OAuth error</span><span class="dl">"</span><span class="p">,</span> <span class="nx">err</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">"</span><span class="s2">OAuth failed</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> <span class="c1">// start server</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3000</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Server listening on http://localhost:3000</span><span class="dl">"</span><span class="p">)</span> <span class="p">);</span> </code></pre> </div> <ul> <li>✔️ <code>github.redirect(res)</code> sends the user to GitHub’s authorization page</li> <li>✔️ <code>github.callback(req)</code> retrieves access token + user details</li> </ul> <blockquote> <p>Note: auth-verify abstracts away the GitHub token exchange and user fetch for you — this simplifies the manual POST to GitHub’s <code>/login/oauth/access_token</code> endpoint.</p> </blockquote> <h2> 🔐 Step 4 — Session or JWT </h2> <p>Once you have the GitHub user data:</p> <ul> <li>Create a session</li> <li>Issue a JWT</li> <li>Save user data in DB</li> </ul> <p>Example (simplified JWT):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">jwtToken</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">jwt</span><span class="p">.</span><span class="nf">sign</span><span class="p">({</span> <span class="na">id</span><span class="p">:</span> <span class="nx">userData</span><span class="p">.</span><span class="nx">id</span> <span class="p">},</span> <span class="dl">"</span><span class="s2">1h</span><span class="dl">"</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">cookie</span><span class="p">(</span><span class="dl">"</span><span class="s2">token</span><span class="dl">"</span><span class="p">,</span> <span class="nx">jwtToken</span><span class="p">);</span> </code></pre> </div> <p>Now your app can use the token to protect routes.</p> <h2> ✨ Final Notes </h2> <h3> 🎯 Scopes </h3> <p>When redirecting, you can request additional scopes — e.g., <code>user:email</code>, <code>repo</code>. Just configure that in GitHub app setup or pass to the redirect function.</p> <h3> 🛡 Security </h3> <p>Use secure cookies, CSRF checks, state parameters, and HTTPS in production.</p> <h3> 📌 auth-verify Advantage </h3> <p>Instead of wiring manual OAuth flows, <em>auth-verify</em> gives you a unified API for different providers (Google, Facebook, GitHub…), JWT, OTP, and session handling.</p> <h2> 💬 In Summary </h2> <ul> <li>✅ Register your GitHub OAuth app</li> <li>✅ Install and configure <code>auth-verify</code> </li> <li>✅ Create Express routes for redirect + callback</li> <li>✅ Generate your tokens/sessions after successful login</li> </ul> webdev javascript node beginners Jahongir Sobirov Fri, 16 Jan 2026 13:56:14 +0000 https://forem.com/jahongir2007/how-to-create-otp-flow-system-on-nodejs-step-by-step-mcg https://forem.com/jahongir2007/how-to-create-otp-flow-system-on-nodejs-step-by-step-mcg <p>One-Time Passwords (OTP) are everywhere — login verification, sign-up confirmation, 2FA, password resets, etc. In this tutorial, we’ll build a simple and secure OTP authentication flow in Node.js using the <code>auth-verify</code> library.</p> <p>The <code>auth-verify</code> package helps you generate, send, and verify OTP codes quickly, and supports multiple delivery methods like email, SMS, Telegram, etc. It also includes useful features like cooldowns and JWT integration.</p> <h2> 🚀 What You’ll Build </h2> <p>✔ Endpoint to <strong>request/send OTP</strong><br> ✔ Endpoint to <strong>verify OTP</strong><br> ✔ Basic user model (memory/DB)<br> ✔ Configurable sender (Email/SMS)</p> <h2> 📦 Step 1 — Install &amp; Set Up </h2> <p>First create a new Node.js project and install dependencies:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir </span>auth-verify-otp <span class="nb">cd </span>auth-verify-otp npm init ­-y npm <span class="nb">install </span>express auth-verify dotenv </code></pre> </div> <p>Create a <code>.env</code> file to store sensitive config:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight ini"><code><span class="py">PORT</span><span class="p">=</span><span class="s">3000</span> <span class="py">EMAIL_HOST</span><span class="p">=</span><span class="s">smtp.gmail.com</span> <span class="py">EMAIL_USER</span><span class="p">=</span><span class="s">me@example.com</span> <span class="py">EMAIL_PASS</span><span class="p">=</span><span class="s">yourEmailPassword</span> <span class="py">EMAIL_PORT</span><span class="p">=</span><span class="s">yourEmailPort</span> </code></pre> </div> <blockquote> <p>🧠 Tip: For Gmail, generate an App Password (recommended instead of real password).</p> </blockquote> <h2> 📧 Step 2 — Configure OTP Sender </h2> <p>Inside <code>index.js</code> set up <code>auth-verify</code> and configure a sender (e.g., email). The OTP manager automatically handles generation, storage, cooldowns, expiration, and more.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">dotenv</span><span class="dl">'</span><span class="p">).</span><span class="nf">config</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="c1">// Initialize auth-verify</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">();</span> <span class="c1">// Configure email sender</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">sender</span><span class="p">({</span> <span class="na">via</span><span class="p">:</span> <span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">,</span> <span class="na">host</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">EMAIL_HOST</span><span class="p">,</span> <span class="na">sender</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">EMAIL_USER</span><span class="p">,</span> <span class="na">pass</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">EMAIL_PASS</span><span class="p">,</span> <span class="na">port</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">EMAIL_PORT</span> <span class="p">});</span> </code></pre> </div> <h2> 📮 Step 3 — OTP Request Route </h2> <p>When a user hits <code>/send-otp</code>, generate an OTP and send it by email.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/send-otp</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="nx">email</span><span class="p">,</span> <span class="p">{</span> <span class="na">otpLen</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="c1">// length of OTP code</span> <span class="na">subject</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Account verification</span><span class="dl">"</span><span class="p">,</span> <span class="na">text</span><span class="p">:</span> <span class="s2">`Your OTP code is </span><span class="p">${</span><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nx">code</span><span class="p">}</span><span class="s2">`</span> <span class="p">})</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">OTP sent!</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Failed to send OTP</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <blockquote> <p><code>auth.otp.code</code> is generated code for showing to user</p> </blockquote> <h2> 🔍 Step 4 — OTP Verification </h2> <p>Create a route to verify the OTP the user enters:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/verify-otp</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">code</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">isValid</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="nx">email</span><span class="p">,</span> <span class="nx">code</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isValid</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">400</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">verified</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Invalid or expired OTP</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">verified</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">OTP verified successfully!</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">error</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Verification error</span><span class="dl">'</span> <span class="p">});</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <blockquote> <p><code>verify()</code> returns <code>true/false</code> so you can easily branch logic.</p> </blockquote> <h2> 🔄 Step 5 — Optional: Cooldown &amp; Resend Logic </h2> <p>To prevent spam and brute-forcing, <code>auth-verify</code> supports cooldowns: after sending an OTP, the user must wait a bit before requesting again.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">cooldown</span><span class="p">(</span><span class="dl">"</span><span class="s2">30s</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// cooldown before OTP can be resent</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">otp</span><span class="p">.</span><span class="nf">resend</span><span class="p">(</span><span class="dl">"</span><span class="s2">user@example.com</span><span class="dl">"</span><span class="p">)</span> </code></pre> </div> <p>The cooldown logic prevents rapid repeated OTP sends (important for both UX and security).</p> <h2> 🧠 What Happened Behind the Scenes </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Step</th> <th>What it Does</th> </tr> </thead> <tbody> <tr> <td>OTP Generation</td> <td>Creates a secure, random numeric code</td> </tr> <tr> <td>Setter</td> <td>Binds OTP to an identifier (email/phone)</td> </tr> <tr> <td>Sender</td> <td>Delivers code via email/SMS</td> </tr> <tr> <td>Verifier</td> <td>Checks submitted code against stored one</td> </tr> <tr> <td>Cooldown</td> <td>Prevents spam &amp; brute force</td> </tr> </tbody> </table></div> <p>All this heavy lifting comes built-in with <code>auth-verify</code>, so you don’t have to manually generate tokens, manage expiration, or build cooldown logic yourself.</p> <h2> 🏁 Final Thoughts </h2> <p>Building an OTP system from scratch involves a few moving parts — generating tokens, sending them securely, storing/expiring codes, and verifying them. Libraries like <code>auth-verify</code> simplify this process, letting you focus on product logic rather than boilerplate.</p> <p>Now your signup and login flows can support secure OTP validation in just a handful of routes!</p> javascript node security tutorial Jahongir Sobirov Wed, 14 Jan 2026 16:49:39 +0000 https://forem.com/jahongir2007/how-to-use-jwt-for-authentication-on-nodejs-510a https://forem.com/jahongir2007/how-to-use-jwt-for-authentication-on-nodejs-510a <p>Authentication is one of the most important parts of any modern web application.<br> One of the most popular solutions today is <strong>JWT (JSON Web Token)</strong>.</p> <h2> 🤔 What is JWT? </h2> <p><strong>JWT (JSON Web Token)</strong> is a compact, URL-safe token used to securely transmit information between parties.</p> <p>A JWT looks like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9... </code></pre> </div> <p>It consists of three parts:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>HEADER.PAYLOAD.SIGNATURE </code></pre> </div> <h2> 🧩 JWT Structure </h2> <h3> 1️⃣ Header </h3> <p>Contains token type and signing algorithm.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"alg"</span><span class="p">:</span><span class="w"> </span><span class="s2">"HS256"</span><span class="p">,</span><span class="w"> </span><span class="nl">"typ"</span><span class="p">:</span><span class="w"> </span><span class="s2">"JWT"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> 2️⃣ Payload </h3> <p>Contains user data (claims).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">42</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"user@example.com"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>⚠️ <strong>Never store passwords or sensitive data in payload</strong></p> <h3> 3️⃣ Signature </h3> <p>Used to verify the token wasn’t modified.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nc">HMACSHA256</span><span class="p">(</span><span class="nx">base64UrlHeader</span> <span class="o">+</span> <span class="dl">"</span><span class="s2">.</span><span class="dl">"</span> <span class="o">+</span> <span class="nx">base64UrlPayload</span><span class="p">,</span> <span class="nx">secret</span><span class="p">)</span> </code></pre> </div> <h2> 🔄 How JWT Authentication Works </h2> <ol> <li>User logs in with email &amp; password</li> <li>Server verifies credentials</li> <li>Server generates a JWT</li> <li>Client stores JWT (usually in memory or cookie)</li> <li>Client sends JWT in Authorization header</li> <li>Server verifies JWT on every request</li> </ol> <h2> 🛠️ Implementing JWT Auth in Node.js (Express) </h2> <h3> 📦 Install Dependencies </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>express auth-verify </code></pre> </div> <h3> 🔑 Generate (signing) JWT on Login </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">({</span> <span class="na">jwtSecret</span><span class="p">:</span> <span class="dl">"</span><span class="s2">SUPER_SECRET</span><span class="dl">"</span> <span class="c1">// setting secret for jwt</span> <span class="p">})</span> <span class="c1">// Generating jwt</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">jwt</span><span class="p">.</span><span class="nf">sign</span><span class="p">({</span><span class="na">userId</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="dl">"</span><span class="s2">John Doe</span><span class="dl">"</span><span class="p">},</span> <span class="dl">"</span><span class="s2">1h</span><span class="dl">"</span><span class="p">)</span> <span class="c1">// 1h expiration time of jwt</span> </code></pre> </div> <h3> 🔐 Login Route Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">()</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">())</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">urlencoded</span><span class="p">({</span> <span class="na">extended</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}))</span> <span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">({</span> <span class="na">jwtSecret</span><span class="p">:</span> <span class="dl">"</span><span class="s2">SUPER_SECRET</span><span class="dl">"</span> <span class="p">})</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/login</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">findUserByEmail</span><span class="p">(</span><span class="nx">email</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">401</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Invalid credentials</span><span class="dl">'</span> <span class="p">})</span> <span class="kd">const</span> <span class="nx">isValid</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">crypto</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="nx">password</span><span class="p">,</span> <span class="nx">user</span><span class="p">.</span><span class="nx">password</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">isValid</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">401</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Invalid credentials</span><span class="dl">'</span> <span class="p">})</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">jwt</span><span class="p">.</span><span class="nf">sign</span><span class="p">({</span><span class="na">userId</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="dl">"</span><span class="s2">John Doe</span><span class="dl">"</span><span class="p">},</span> <span class="dl">"</span><span class="s2">1h</span><span class="dl">"</span><span class="p">)</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="nx">token</span> <span class="p">})</span> <span class="p">})</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3000</span><span class="p">,</span> <span class="p">()</span><span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">App is running...</span><span class="dl">'</span><span class="p">))</span> </code></pre> </div> <h3> 🧱 Protecting Routes with JWT Middleware </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">auth</span><span class="p">.</span><span class="nx">jwt</span><span class="p">.</span><span class="nf">protect</span><span class="p">()</span> </code></pre> </div> <h3> 🔒 Protected Route Example </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/profile</span><span class="dl">'</span><span class="p">,</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">jwt</span><span class="p">.</span><span class="nf">protect</span><span class="p">(),</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Welcome!</span><span class="dl">'</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">user</span> <span class="p">})</span> <span class="p">})</span> </code></pre> </div> <h3> 📤 Sending JWT from Client </h3> <div class="highlight js-code-highlight"> <pre class="highlight http"><code><span class="err">Authorization: Bearer YOUR_JWT_TOKEN </span></code></pre> </div> <h3> ⚠️ Common JWT Mistakes </h3> <ul> <li>❌ Storing JWT in localStorage (XSS risk)</li> <li>❌ Putting sensitive data inside payload</li> <li>❌ No token expiration</li> <li><p>❌ Using weak secrets</p></li> <li><p>✅ Use HTTP-only cookies if possible</p></li> <li><p>✅ Always set expiresIn</p></li> <li><p>✅ Rotate secrets in production</p></li> </ul> <h3> 🧠 When Should You Use JWT? </h3> <p>JWT is great when:</p> <ul> <li>You have stateless APIs</li> <li>You use microservices</li> <li>You need mobile or SPA authentication</li> </ul> <p>JWT is not ideal when:</p> <ul> <li>You need instant logout everywhere</li> <li>You need heavy session control</li> </ul> <h3> 🏁 Conclusion </h3> <p>JWT provides a simple, scalable, and stateless way to handle authentication.<br> When used correctly, it’s powerful and secure.</p> <p>If you’re building APIs, SPAs, or mobile apps — JWT is worth mastering.</p> javascript node authentication backend Jahongir Sobirov Tue, 13 Jan 2026 18:01:39 +0000 https://forem.com/jahongir2007/how-to-create-password-back-up-system-on-nodejs-2095 https://forem.com/jahongir2007/how-to-create-password-back-up-system-on-nodejs-2095 <p>Passwords can be forgotten, and forcing users to reset via email every time is annoying. With magic links, we can provide a secure and seamless password backup system. In this tutorial, I’ll show how to implement it in Node.js using the auth-verify library. </p> <h3> Install dependecies </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>auth-verify express </code></pre> </div> <ul> <li> <strong>auth-verify</strong>: To handle magic links</li> <li> <strong>express</strong>: To create server routes.</li> </ul> <h3> Setup <code>auth-verify</code> </h3> <p>Initialize in your <code>server.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">AuthVerify</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth-verify</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">AuthVerify</span><span class="p">({</span> <span class="na">mlSecret</span><span class="p">:</span> <span class="dl">'</span><span class="s1">super_secret_key</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// making secret for magic links</span> <span class="na">mlExpiry</span><span class="p">:</span> <span class="dl">'</span><span class="s1">5m</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// magic links expiration time</span> <span class="na">appUrl</span><span class="p">:</span> <span class="dl">'</span><span class="s1">http://localhost:3000</span><span class="dl">'</span><span class="p">,</span> <span class="c1">// URL of running app</span> <span class="na">storeTokens</span><span class="p">:</span> <span class="dl">'</span><span class="s1">memory</span><span class="dl">'</span> <span class="c1">// Storing magic links on 'memory' or 'redis'</span> <span class="p">})</span> <span class="c1">// Configuring magic link sender</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">magic</span><span class="p">.</span><span class="nf">sender</span><span class="p">({</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">gmail</span><span class="dl">'</span><span class="p">,</span> <span class="na">sender</span><span class="p">:</span> <span class="dl">'</span><span class="s1">yourapp@gmail.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">pass</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your_gmail_app_password</span><span class="dl">'</span> <span class="p">})</span> </code></pre> </div> <h3> Create Magic Link Endpoint </h3> <p>When a user forgets their password, we send a magic link to their email.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/send-magic-link</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">email</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">magic</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="nx">email</span><span class="p">,</span> <span class="p">{</span> <span class="na">subject</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Your Reset password Link ✨</span><span class="dl">'</span><span class="p">,</span> <span class="na">html</span><span class="p">:</span> <span class="s2">`&lt;p&gt;Click below to sign in:&lt;/p&gt; &lt;a href="{{link}}"&gt;Login Now&lt;/a&gt;`</span> <span class="c1">// {{link}} automatically changes to link like localhost:3000/auth/verify?token=GENERATED_TOKEN</span> <span class="p">})</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">success</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Magic link sent!</span><span class="dl">'</span><span class="p">,</span> <span class="nx">result</span> <span class="p">})</span> <span class="p">}</span><span class="k">catch</span><span class="p">(</span><span class="nx">err</span><span class="p">){</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Failed to send magic link</span><span class="dl">'</span> <span class="p">})</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <h3> Create Verification end point </h3> <p>When user clicks the link that sent to his/her email token will be verified<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/auth/verify</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">token</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">;</span> <span class="c1">// getting token by link</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">auth</span><span class="p">.</span><span class="nx">magic</span><span class="p">.</span><span class="nf">verify</span><span class="p">(</span><span class="nx">token</span><span class="p">)</span> <span class="nx">res</span><span class="p">.</span><span class="nf">send</span><span class="p">(</span><span class="s2">` &lt;form method="POST" action="/reset-password"&gt; &lt;input name="newpassword" type="password"&gt; &lt;button type="submit"&gt;Set new password&lt;/button&gt; &lt;/form&gt; `</span><span class="p">)</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">400</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">success</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="nx">err</span><span class="p">.</span><span class="nx">message</span> <span class="p">})</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <h3> Set the new password </h3> <p>At this endpoint new password will be set by user<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/reset-password</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span><span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">newpassword</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span> <span class="c1">// getting new password of user</span> <span class="c1">// And new password will be set in here...</span> <span class="p">})</span> </code></pre> </div> <h3> Conclusion: </h3> <p>With <strong>magic links</strong>, users can reset their passwords without remembering old ones. Using <code>auth-verify</code> makes this setup secure and easy. You now have a simple Node.js password backup system that’s user-friendly and secure.</p> node express tutorial beginners Jahongir Sobirov Thu, 01 Jan 2026 12:25:08 +0000 https://forem.com/jahongir2007/how-to-create-reactive-web-page-with-jquery-7la https://forem.com/jahongir2007/how-to-create-reactive-web-page-with-jquery-7la <p>Modern web apps feel “alive” because the UI updates automatically when data changes.<br> This is called <strong>reactivity</strong>.<br> Most people think you <em>need</em> frameworks like React or Vue for this — but you don’t.</p> <h2> What Is Reactivity? </h2> <p>Reactivity means:</p> <blockquote> <p><strong>When state changes → the UI updates automatically</strong></p> </blockquote> <p>Example:</p> <ul> <li>User types text → preview updates</li> <li>Counter increases → number on screen changes</li> <li>Checkbox toggles → text appears/disappears</li> </ul> <p>No manual DOM updates everywhere.</p> <h3> Step 1: Basic HTML </h3> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;title&gt;</span>Reactive Page<span class="nt">&lt;/title&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"https://code.jquery.com/jquery-3.7.1.min.js"</span><span class="nt">&gt;&lt;/script&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">'https://signel.onrender.com/signel.js'</span><span class="nt">&gt;&lt;/script&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="nt">&lt;h2&gt;</span>Live Preview<span class="nt">&lt;/h2&gt;</span> <span class="nt">&lt;input</span> <span class="na">id=</span><span class="s">"live"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;p&gt;</span>Preview: <span class="nt">&lt;span</span> <span class="na">id=</span><span class="s">"preview"</span><span class="nt">&gt;&lt;/span&gt;&lt;/p&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"app.js"</span><span class="nt">&gt;&lt;/script&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <h3> Step 2: Create Reactive State </h3> <p>In <code>app.js</code>, we'll create <strong>reactive state</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// making reactive state</span> <span class="kd">const</span> <span class="nx">live</span> <span class="o">=</span> <span class="nf">state</span><span class="p">({</span> <span class="na">text</span><span class="p">:</span> <span class="dl">''</span> <span class="p">});</span> </code></pre> </div> <p>So we create state for watching and making react when that state changes<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// jQuery event → update Signel state</span> <span class="nf">$</span><span class="p">(</span><span class="dl">'</span><span class="s1">#live</span><span class="dl">'</span><span class="p">).</span><span class="nf">on</span><span class="p">(</span><span class="dl">'</span><span class="s1">input</span><span class="dl">'</span><span class="p">,</span> <span class="nf">function </span><span class="p">()</span> <span class="p">{</span> <span class="nx">live</span><span class="p">.</span><span class="nx">text</span> <span class="o">=</span> <span class="nf">$</span><span class="p">(</span><span class="k">this</span><span class="p">).</span><span class="nf">val</span><span class="p">()</span> <span class="p">})</span> </code></pre> </div> <p>When user types state will automatically change<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Signel render → update DOM using jQuery</span> <span class="nf">render</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">$</span><span class="p">(</span><span class="dl">'</span><span class="s1">#preview</span><span class="dl">'</span><span class="p">).</span><span class="nf">text</span><span class="p">(</span><span class="nx">live</span><span class="p">.</span><span class="nx">text</span><span class="p">)</span> <span class="p">})</span> </code></pre> </div> <p>And finally updated state will be displayed in DOM</p> <h3> Full codes of <code>app.js</code>: </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">live</span> <span class="o">=</span> <span class="nf">state</span><span class="p">({</span> <span class="na">text</span><span class="p">:</span> <span class="dl">''</span> <span class="p">})</span> <span class="c1">// jQuery event → update Signel state</span> <span class="nf">$</span><span class="p">(</span><span class="dl">'</span><span class="s1">#live</span><span class="dl">'</span><span class="p">).</span><span class="nf">on</span><span class="p">(</span><span class="dl">'</span><span class="s1">input</span><span class="dl">'</span><span class="p">,</span> <span class="nf">function </span><span class="p">()</span> <span class="p">{</span> <span class="nx">live</span><span class="p">.</span><span class="nx">text</span> <span class="o">=</span> <span class="nf">$</span><span class="p">(</span><span class="k">this</span><span class="p">).</span><span class="nf">val</span><span class="p">()</span> <span class="p">})</span> <span class="c1">// Signel render → update DOM using jQuery</span> <span class="nf">render</span><span class="p">(()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nf">$</span><span class="p">(</span><span class="dl">'</span><span class="s1">#preview</span><span class="dl">'</span><span class="p">).</span><span class="nf">text</span><span class="p">(</span><span class="nx">live</span><span class="p">.</span><span class="nx">text</span><span class="p">)</span> <span class="p">})</span> </code></pre> </div> <h4> <a href="https://jsfiddle.net/jahongirsobirov/9r8knaL5/12/" rel="noopener noreferrer">Live demo</a> </h4> frontend ui tutorial javascript Jahongir Sobirov Wed, 24 Dec 2025 16:05:27 +0000 https://forem.com/jahongir2007/i-built-a-tiny-reactive-js-library-and-discovered-why-v-model-exists-1gg2 https://forem.com/jahongir2007/i-built-a-tiny-reactive-js-library-and-discovered-why-v-model-exists-1gg2 <h3> I Built a Tiny Reactive JS Library — and Rediscovered Why <code>v-model</code> Exists </h3> <p>When you use frameworks like Vue or React, a lot of things “just work”.<br> Recently, I tried to build <strong>a tiny reactive JavaScript library</strong> called <strong>Signel.js</strong>, and I learned why those things exist — the hard way.</p> <p><strong>Why I built it</strong></p> <p>I wanted to understand reactivity better, so I built a small library using:</p> <ul> <li> <code>Proxy</code> for state</li> <li>simple template interpolation (<code>$$value</code>)</li> <li>manual DOM bindings</li> </ul> <p>No virtual DOM. No JSX. Just raw JavaScript.</p> <h3> The demo: currency converter </h3> <p>I built a small USD → UZS currency converter using a free exchange-rate API.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">let</span> <span class="nx">state</span> <span class="o">=</span> <span class="nf">el</span><span class="p">(</span><span class="dl">"</span><span class="s2">.exchange</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">usdAmount</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="na">uzsAmount</span><span class="p">:</span> <span class="dl">""</span> <span class="p">});</span> </code></pre> </div> <p>I bound the inputs like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">#usd</span><span class="dl">"</span><span class="p">,</span> <span class="nx">state</span><span class="p">,</span> <span class="dl">"</span><span class="s2">usdAmount</span><span class="dl">"</span><span class="p">);</span> <span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">#uzs</span><span class="dl">"</span><span class="p">,</span> <span class="nx">state</span><span class="p">,</span> <span class="dl">"</span><span class="s2">uzsAmount</span><span class="dl">"</span><span class="p">);</span> </code></pre> </div> <p>And watched the USD value:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">watch</span><span class="p">(</span><span class="nx">state</span><span class="p">,</span> <span class="dl">"</span><span class="s2">usdAmount</span><span class="dl">"</span><span class="p">,</span> <span class="k">async</span> <span class="nx">value</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">res</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span> <span class="dl">"</span><span class="s2">https://hexarate.paikama.co/api/rates/USD/UZS/latest</span><span class="dl">"</span> <span class="p">);</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">();</span> <span class="nx">state</span><span class="p">.</span><span class="nx">uzsAmount</span> <span class="o">=</span> <span class="p">(</span><span class="nx">value</span> <span class="o">*</span> <span class="nx">data</span><span class="p">.</span><span class="nx">data</span><span class="p">.</span><span class="nx">mid</span><span class="p">).</span><span class="nf">toFixed</span><span class="p">(</span><span class="mi">2</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <h3> The bug that confused me </h3> <p>Here’s what happened:</p> <ul> <li> <code>$$uzsAmount</code> in the template updated correctly ✅</li> <li>but the <code>&lt;input id="uzs"&gt;</code> <strong>did not update</strong> ❌</li> </ul> <p>At first, I thought:</p> <ul> <li>API issue?</li> <li>async bug?</li> <li>state not reactive?</li> </ul> <p>But the state <em>was</em> changing.</p> <h3> The real problem </h3> <p>My <code>el()</code> function re-rendered the element like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">el</span><span class="p">.</span><span class="nx">innerHTML</span> <span class="o">=</span> <span class="nx">template</span><span class="p">.</span><span class="nf">replace</span><span class="p">(...)</span> </code></pre> </div> <p>That means on every state change:</p> <ul> <li>inputs were destroyed</li> <li>new inputs were created</li> <li>old event listeners and bindings were lost</li> </ul> <p>So <code>input()</code> was bound to a DOM element that <strong>no longer existed.</strong><br> This explains why:</p> <ul> <li>text interpolation worked</li> <li>inputs silently failed</li> </ul> <h3> The fix: <code>model()</code> instead of <code>input()</code> </h3> <p>I already had a <code>model()</code> helper inspired by <code>v-model</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">model</span><span class="p">(</span><span class="dl">"</span><span class="s2">#usd</span><span class="dl">"</span><span class="p">,</span> <span class="nx">state</span><span class="p">,</span> <span class="dl">"</span><span class="s2">usdAmount</span><span class="dl">"</span><span class="p">);</span> <span class="nf">model</span><span class="p">(</span><span class="dl">"</span><span class="s2">#uzs</span><span class="dl">"</span><span class="p">,</span> <span class="nx">state</span><span class="p">,</span> <span class="dl">"</span><span class="s2">uzsAmount</span><span class="dl">"</span><span class="p">);</span> </code></pre> </div> <p><code>model()</code> stores state → DOM bindings as functions, so even after re-renders, the input value is updated correctly.</p> <p>After switching to <code>model()</code>:</p> <ul> <li>✅ USD input works</li> <li>✅ UZS input updates</li> <li>✅ Text interpolation still works</li> </ul> <h3> What I learned </h3> <p>This bug taught me more than any tutorial:</p> <ul> <li>Why frameworks avoid full <code>innerHTML</code> re-renders</li> <li>Why form bindings are special</li> <li>Why v-model-style abstractions exist</li> <li>Why DOM diffing and controlled inputs matter</li> </ul> <p>I accidentally rediscovered a problem that led to <strong>React, Vue, and Svelte</strong>.</p> <h3> Final thoughts </h3> <p>Building tiny libraries is an amazing way to understand big frameworks.</p> <p>If you want to learn how reactivity <em>really</em> works:</p> <ul> <li>build something small</li> <li>break it</li> <li>fix it</li> </ul> <p>That’s how frameworks are born.</p> <p>🔗 <a href="https://github.com/Jahongir2007/signel/tree/main" rel="noopener noreferrer">Signel.js</a> (MIT, experimental)<br> <a href="https://jsfiddle.net/xdh26mke/2/" rel="noopener noreferrer">Online demo</a></p> frontend reactivity javascript webdev Jahongir Sobirov Sat, 13 Dec 2025 16:02:24 +0000 https://forem.com/jahongir2007/how-to-create-live-validation-form-in-javascript-48b6 https://forem.com/jahongir2007/how-to-create-live-validation-form-in-javascript-48b6 <p>Forms are everywhere — login, signup, checkout.<br><br> But have you ever filled a form and realized <strong>you had to submit it just to see errors</strong>?</p> <p>Wouldn’t it be nice if the form <strong>validated itself as you type</strong>? </p> <p>In this post, I’ll show you how to build a <strong>live validation form in plain JavaScript</strong> — no React, no Vue, no heavy frameworks. Just simple, reactive code you can understand and extend.</p> <p>To make our form validate live, we need a system where:</p> <ul> <li>Every input updates a central <strong>state object</strong> as the user types.</li> <li>This state triggers <strong>validation logic</strong> automatically.</li> <li>Any errors or messages are reflected in the <strong>DOM instantly</strong>.</li> </ul> <p>Now we should prepare html part by making <code>form.html</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html</span> <span class="na">lang=</span><span class="s">"en"</span><span class="nt">&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;meta</span> <span class="na">charset=</span><span class="s">"UTF-8"</span><span class="nt">&gt;</span> <span class="nt">&lt;meta</span> <span class="na">name=</span><span class="s">"viewport"</span> <span class="na">content=</span><span class="s">"width=device-width, initial-scale=1.0"</span><span class="nt">&gt;</span> <span class="nt">&lt;title&gt;</span>Live validation form<span class="nt">&lt;/title&gt;</span> <span class="c">&lt;!-- We need a only signel.js for making reactive form --&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"https://signel.onrender.com/signel.js"</span><span class="nt">&gt;&lt;/script&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="c">&lt;!-- Register form --&gt;</span> <span class="nt">&lt;form&gt;</span> <span class="nt">&lt;label</span> <span class="na">for=</span><span class="s">"username"</span><span class="nt">&gt;</span>Username<span class="nt">&lt;/label&gt;&lt;br&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"text"</span> <span class="na">name=</span><span class="s">"username"</span> <span class="na">placeholder=</span><span class="s">"Username"</span> <span class="na">class=</span><span class="s">"username"</span><span class="nt">&gt;&lt;br&gt;</span> <span class="nt">&lt;label</span> <span class="na">for=</span><span class="s">"password"</span><span class="nt">&gt;</span>Password<span class="nt">&lt;/label&gt;&lt;br&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"password"</span> <span class="na">name=</span><span class="s">"password"</span> <span class="na">placeholder=</span><span class="s">"Password"</span> <span class="na">class=</span><span class="s">"password"</span><span class="nt">&gt;&lt;br&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="c">&lt;!-- Warning messages appeares there --&gt;</span> <span class="nt">&lt;div</span> <span class="na">class=</span><span class="s">"warning-box"</span><span class="nt">&gt;</span> $$message <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <p>Now in <code>&lt;script&gt;</code> part we make live validation logic for our form:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// Create reactive state bound to DOM</span> <span class="kd">let</span> <span class="nx">data</span> <span class="o">=</span> <span class="nf">el</span><span class="p">(</span><span class="dl">'</span><span class="s1">.warning-box</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">username</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="c1">// it changes when user entered something to .username input</span> <span class="na">password</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="c1">// it also changes</span> <span class="na">message</span><span class="p">:</span> <span class="dl">""</span> <span class="c1">// warning message will be saved there</span> <span class="p">});</span> <span class="c1">// Bind inputs to state</span> <span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.username</span><span class="dl">"</span><span class="p">,</span> <span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// input() function binds username property of data for getting value when user typed</span> <span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.password</span><span class="dl">"</span><span class="p">,</span> <span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Watch username changes</span> <span class="nf">watch</span><span class="p">(</span><span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">,</span> <span class="nx">value</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// value.length &gt; 0 assures that warning message displays only user started to typing </span> <span class="k">if</span><span class="p">(</span><span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&lt;</span> <span class="mi">3</span> <span class="o">&amp;&amp;</span> <span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">){</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">&lt;span style='color:red'&gt;Username must be at least 3 characters&lt;/span&gt;</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span><span class="k">else</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span> <span class="p">}</span> <span class="p">});</span> <span class="c1">// Watch password changes</span> <span class="nf">watch</span><span class="p">(</span><span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="nx">value</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&lt;</span> <span class="mi">6</span> <span class="o">&amp;&amp;</span> <span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">&lt;span style='color:red'&gt;Password must be at least 7 characters&lt;/span&gt;</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <h4> And the result: </h4> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu6drafw2iywrmshrg5rx.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fu6drafw2iywrmshrg5rx.png" alt=" " width="497" height="198"></a></p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkqwj6fnokxro700ltx0p.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fkqwj6fnokxro700ltx0p.png" alt="Result" width="503" height="503"></a></p> <p>The whole codes of <code>form.html</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="cp">&lt;!DOCTYPE html&gt;</span> <span class="nt">&lt;html</span> <span class="na">lang=</span><span class="s">"en"</span><span class="nt">&gt;</span> <span class="nt">&lt;head&gt;</span> <span class="nt">&lt;meta</span> <span class="na">charset=</span><span class="s">"UTF-8"</span><span class="nt">&gt;</span> <span class="nt">&lt;meta</span> <span class="na">name=</span><span class="s">"viewport"</span> <span class="na">content=</span><span class="s">"width=device-width, initial-scale=1.0"</span><span class="nt">&gt;</span> <span class="nt">&lt;title&gt;</span>Live validation form<span class="nt">&lt;/title&gt;</span> <span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"https://signel.onrender.com/signel.js"</span><span class="nt">&gt;&lt;/script&gt;</span> <span class="nt">&lt;/head&gt;</span> <span class="nt">&lt;body&gt;</span> <span class="nt">&lt;form&gt;</span> <span class="nt">&lt;label</span> <span class="na">for=</span><span class="s">"username"</span><span class="nt">&gt;</span>Username<span class="nt">&lt;/label&gt;&lt;br&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"text"</span> <span class="na">name=</span><span class="s">"username"</span> <span class="na">placeholder=</span><span class="s">"Username"</span> <span class="na">class=</span><span class="s">"username"</span><span class="nt">&gt;&lt;br&gt;</span> <span class="nt">&lt;label</span> <span class="na">for=</span><span class="s">"password"</span><span class="nt">&gt;</span>Password<span class="nt">&lt;/label&gt;&lt;br&gt;</span> <span class="nt">&lt;input</span> <span class="na">type=</span><span class="s">"password"</span> <span class="na">name=</span><span class="s">"password"</span> <span class="na">placeholder=</span><span class="s">"Password"</span> <span class="na">class=</span><span class="s">"password"</span><span class="nt">&gt;&lt;br&gt;</span> <span class="nt">&lt;/form&gt;</span> <span class="nt">&lt;div</span> <span class="na">class=</span><span class="s">"warning-box"</span><span class="nt">&gt;</span> $$message <span class="c">&lt;!-- $$username and $$password --&gt;</span> <span class="nt">&lt;/div&gt;</span> <span class="nt">&lt;script&gt;</span> <span class="kd">let</span> <span class="nx">data</span> <span class="o">=</span> <span class="nf">el</span><span class="p">(</span><span class="dl">"</span><span class="s2">.warning-box</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">username</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">""</span><span class="p">,</span> <span class="p">});</span> <span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.username</span><span class="dl">"</span><span class="p">,</span> <span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">);</span> <span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.password</span><span class="dl">"</span><span class="p">,</span> <span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">);</span> <span class="nx">watch</span><span class="p">(</span><span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">,</span> <span class="nx">value</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&lt;</span> <span class="mi">3</span> <span class="o">&amp;&amp;</span> <span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">&lt;span style='color:red'&gt;Username must be at least 3 characters&lt;/span&gt;</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span> <span class="p">}</span> <span class="p">});</span> <span class="nx">watch</span><span class="p">(</span><span class="nx">data</span><span class="p">,</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="nx">value</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&lt;</span> <span class="mi">6</span> <span class="o">&amp;&amp;</span> <span class="nx">value</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">&lt;span style='color:red'&gt;Password must be at least 7 characters&lt;/span&gt;</span><span class="dl">"</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">data</span><span class="p">.</span><span class="nx">message</span> <span class="o">=</span> <span class="dl">""</span><span class="p">;</span> <span class="p">}</span> <span class="p">});</span> <span class="nt">&lt;/script&gt;</span> <span class="nt">&lt;/body&gt;</span> <span class="nt">&lt;/html&gt;</span> </code></pre> </div> <h3> Conclusion </h3> <p>In this post, we built a live validation form in JavaScript using Signel.js. </p> <p>You learned how to:</p> <ul> <li>Create a <strong>reactive state object</strong> bound to DOM elements</li> <li>Bind <strong>inputs</strong> to state automatically</li> <li>Use <strong>watchers</strong> to run validation logic in real-time</li> <li>Update the UI <strong>without any framework or virtual DOM</strong> </li> </ul> <p>This approach is lightweight, easy to understand, and perfect for small projects or learning how reactive frameworks work under the hood. </p> <p>No complex build tools, no heavy libraries — just plain JavaScript.</p> <p>Now it’s your turn: </p> <ul> <li>Try adding more validation rules (email, password strength, etc.) </li> <li>Combine reactive lists with form validation for a <strong>todo app</strong> </li> <li>Explore how watchers and state can power <strong>dynamic UIs</strong> </li> </ul> <p>What would you build next with Signel.js? Share your ideas in the comments! 🙌</p> webdev javascript frontend programming Jahongir Sobirov Mon, 01 Dec 2025 17:06:25 +0000 https://forem.com/jahongir2007/getting-input-values-by-id-or-class-on-the-backend-1ao3 https://forem.com/jahongir2007/getting-input-values-by-id-or-class-on-the-backend-1ao3 <p>Ever wanted to read or manipulate HTML form inputs on the backend—just like <code>document.getElementById</code> in the browser—without setting up <code>jsdom</code>?</p> <p>Meet <strong>FetchTL</strong>, a lightweight library that lets you sync, read, and update form/input data directly in Node.js. Perfect for server-driven HTML or JS-free forms.</p> <h3> Why Use FetchTL? </h3> <p>Backend developers often face these scenarios:</p> <ul> <li> <strong>Server-side form handling:</strong> Access input values without relying on frontend JS.</li> <li> <strong>Dynamic templates:</strong> Read and modify HTML inputs for emails, reports, or static pages.</li> <li> <strong>Simplified backend forms:</strong> No complex DOM emulation needed.</li> </ul> <p>FetchTL provides a <strong>mini DOM store</strong> on the server—fast, simple, and easy to integrate with Express.</p> <h3> Installation </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Install via npm</span> npm <span class="nb">install </span>fetchtl </code></pre> </div> <p>Import in your backend code:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">$</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">fetchtl</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="c1">// Parse JSON bodies</span> </code></pre> </div> <h3> Syncing Form Data from Frontend </h3> <p>On the frontend, you can send form data with <code>$post</code>, <code>$put</code>, <code>$patch</code>, or <code>$delete</code> attributes.</p> <p>Example form:</p> <blockquote> <p>For using frontend you shoul import frontend fetchtl also:</p> <pre class="highlight html"><code><span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"https://cdn.jsdelivr.net/gh/jahongir2007/fetchtl/fetchtl.js"</span><span class="nt">&gt;&lt;/script&gt;</span> </code></pre> </blockquote> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;form</span> <span class="err">$</span><span class="na">post=</span><span class="s">"/api/form"</span> <span class="err">$</span><span class="na">reload=</span><span class="s">"false"</span> <span class="err">$</span><span class="na">single-fetch=</span><span class="s">"true"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">id=</span><span class="s">"age"</span> <span class="na">name=</span><span class="s">"age"</span> <span class="na">value=</span><span class="s">"18"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;input</span> <span class="na">class=</span><span class="s">"email"</span> <span class="na">name=</span><span class="s">"email"</span> <span class="na">value=</span><span class="s">"user@mail.com"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"username"</span> <span class="na">value=</span><span class="s">"Jahongir"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Send<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <p>Backend route to sync form data:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/form</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Sync form data into FetchTL store</span> <span class="nx">$</span><span class="p">.</span><span class="nf">sync</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">);</span> <span class="c1">// Access input values</span> <span class="kd">const</span> <span class="nx">username</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">()[</span><span class="mi">0</span><span class="p">];</span> <span class="c1">// array for names/classes</span> <span class="kd">const</span> <span class="nx">age</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">#age</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">();</span> <span class="c1">// single value for ID</span> <span class="kd">const</span> <span class="nx">emails</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.email</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">();</span> <span class="c1">// array for class</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Synced $ store:</span><span class="dl">"</span><span class="p">,</span> <span class="nx">$</span><span class="p">.</span><span class="nx">store</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">success</span><span class="dl">"</span><span class="p">,</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="nx">username</span><span class="p">,</span> <span class="nx">age</span><span class="p">,</span> <span class="nx">emails</span> <span class="p">}</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <h3> Getting and Setting Input Values </h3> <p>FetchTL uses selectors just like the browser:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Selector</th> <th>Example</th> <th>Returns / Updates</th> </tr> </thead> <tbody> <tr> <td>ID</td> <td><code>#age</code></td> <td>Single string</td> </tr> <tr> <td>Class</td> <td><code>.email</code></td> <td>Array of values</td> </tr> <tr> <td>Name</td> <td><code>username</code></td> <td>Array of values</td> </tr> </tbody> </table></div> <h3> Get Values </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">age</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">#age</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">();</span> <span class="c1">// "18"</span> <span class="kd">const</span> <span class="nx">emails</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.email</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">();</span> <span class="c1">// ["user@mail.com"]</span> <span class="kd">const</span> <span class="nx">usernames</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">();</span> <span class="c1">// ["Jahongir"]</span> </code></pre> </div> <h3> Set Values </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">#age</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">(</span><span class="dl">"</span><span class="s2">19</span><span class="dl">"</span><span class="p">);</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">.email</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">(</span><span class="dl">"</span><span class="s2">new@mail.com</span><span class="dl">"</span><span class="p">);</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">(</span><span class="dl">"</span><span class="s2">John</span><span class="dl">"</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">$</span><span class="p">.</span><span class="nx">store</span><span class="p">);</span> </code></pre> </div> <h3> Why FetchTL is Easier than jsdom </h3> <ul> <li>No virtual DOM setup needed.</li> <li>Works directly with <code>req.body</code> from forms.</li> <li>Automatically syncs and stores input values.</li> <li>Supports IDs, classes, and names with minimal code.</li> <li>Ideal for server-driven UIs or JS-free frontend.</li> </ul> <h3> Example: Complete Express App </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">$</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">fetchtl</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/form</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">$</span><span class="p">.</span><span class="nf">sync</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">username</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">username</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">()[</span><span class="mi">0</span><span class="p">];</span> <span class="kd">const</span> <span class="nx">age</span> <span class="o">=</span> <span class="nx">$</span><span class="p">.</span><span class="nf">input</span><span class="p">(</span><span class="dl">"</span><span class="s2">#age</span><span class="dl">"</span><span class="p">).</span><span class="nf">val</span><span class="p">();</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="dl">"</span><span class="s2">success</span><span class="dl">"</span><span class="p">,</span> <span class="na">data</span><span class="p">:</span> <span class="p">{</span> <span class="nx">username</span><span class="p">,</span> <span class="nx">age</span> <span class="p">}</span> <span class="p">});</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="mi">3000</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Server running on http://localhost:3000</span><span class="dl">"</span><span class="p">));</span> </code></pre> </div> <h3> Conclusion </h3> <p>FetchTL makes it ridiculously easy to handle form and input data on the backend. No DOM emulation, no complicated setup—just sync, access, and update.</p> <p>Next time you want to grab input values like in the browser—but on Node.js—reach for FetchTL.</p> backend node javascript tooling Jahongir Sobirov Mon, 17 Nov 2025 16:03:16 +0000 https://forem.com/jahongir2007/what-if-you-could-write-ajax-without-javascript-meet-fetchtl-2pk2 https://forem.com/jahongir2007/what-if-you-could-write-ajax-without-javascript-meet-fetchtl-2pk2 <p>Ever wished you could make an API request without writing a single line of JavaScript?</p> <p>Yeah… me too 😅<br> So I built <a href="https://fetchtl.onrender.com/" rel="noopener noreferrer">fetchtl</a> — a tiny library that lets you do things like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;div</span> <span class="err">$</span><span class="na">get=</span><span class="s">"/api/user"</span><span class="nt">&gt;&lt;/div&gt;</span> </code></pre> </div> <p>or even:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;form</span> <span class="err">$</span><span class="na">post=</span><span class="s">"/api/register"</span> <span class="err">$</span><span class="na">send-on=</span><span class="s">"submit"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"email"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Register<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <p><strong>That’s it. No JS. No frameworks. No fetch(). Just HTML.</strong></p> <h3> 🌟 Why I Created fetchtl </h3> <p>As a web developer, I got tired of doing this 100 times:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/user</span><span class="dl">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">then</span><span class="p">(</span><span class="nx">res</span> <span class="o">=&gt;</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">())</span> <span class="p">.</span><span class="nf">then</span><span class="p">(</span><span class="nx">data</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nb">document</span><span class="p">.</span><span class="nf">querySelector</span><span class="p">(</span><span class="dl">"</span><span class="s2">#user</span><span class="dl">"</span><span class="p">).</span><span class="nx">innerHTML</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">name</span><span class="p">;</span> <span class="p">});</span> </code></pre> </div> <p>Too much boilerplate. Too much repetition.<br> I wanted something like:<br> <strong>“Just write HTML and let the page fetch automatically.”</strong><br> So I created <strong>fetchtl</strong> — a tool that gives HTML magical new attributes:</p> <ul> <li> <code>$get</code> → Load data from an API</li> <li> <code>$post</code> → Submit a form via AJAX</li> </ul> <h3> 🚀 What Exactly Is fetchtl? </h3> <p>fetchtl is a <strong>JavaScript helper</strong> that watches your HTML for special attributes and automatically performs API calls.</p> <p><strong>No build tools. No configs. No React. No Vue.</strong><br> Just include it and start using it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;script </span><span class="na">src=</span><span class="s">"https://cdn.jsdelivr.net/gh/jahongir2007/fetchtl/fetchtl.js"</span><span class="nt">&gt;&lt;/script&gt;</span> </code></pre> </div> <p>Now HTML becomes <em>smart</em>.</p> <h3> 🤯 Example: Load API Data with Just One Attribute </h3> <h4> Before fetchtl (traditional way) </h4> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;div</span> <span class="na">id=</span><span class="s">"user"</span><span class="nt">&gt;&lt;/div&gt;</span> <span class="nt">&lt;script&gt;</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/user</span><span class="dl">"</span><span class="p">)</span> <span class="p">.</span><span class="nf">then</span><span class="p">(</span><span class="nx">res</span> <span class="o">=&gt;</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">())</span> <span class="p">.</span><span class="nf">then</span><span class="p">(</span><span class="nx">data</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nb">document</span><span class="p">.</span><span class="nf">getElementById</span><span class="p">(</span><span class="dl">"</span><span class="s2">user</span><span class="dl">"</span><span class="p">).</span><span class="nx">innerHTML</span> <span class="o">=</span> <span class="nx">data</span><span class="p">.</span><span class="nx">name</span><span class="p">;</span> <span class="p">});</span> <span class="nt">&lt;/script&gt;</span> </code></pre> </div> <h4> With fetchtl 🚀 </h4> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;div</span> <span class="err">$</span><span class="na">get=</span><span class="s">"/api/user"</span><span class="nt">&gt;</span> Loading... <span class="nt">&lt;/div&gt;</span> </code></pre> </div> <p>fetchtl does everything automatically:</p> <ul> <li>fetches the URL</li> <li>replaces the inside HTML</li> <li>handles JSON</li> <li>updates instantly</li> </ul> <h3> 📝 Example: AJAX Form Without JavaScript </h3> <h4> Before </h4> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nb">document</span><span class="p">.</span><span class="nf">querySelector</span><span class="p">(</span><span class="dl">"</span><span class="s2">form</span><span class="dl">"</span><span class="p">).</span><span class="nf">addEventListener</span><span class="p">(</span><span class="dl">"</span><span class="s2">submit</span><span class="dl">"</span><span class="p">,</span> <span class="nx">e</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">e</span><span class="p">.</span><span class="nf">preventDefault</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">formData</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">FormData</span><span class="p">(</span><span class="nx">e</span><span class="p">.</span><span class="nx">target</span><span class="p">);</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">"</span><span class="s2">/api/register</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">"</span><span class="s2">POST</span><span class="dl">"</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">formData</span> <span class="p">});</span> <span class="p">});</span> </code></pre> </div> <h4> With fetchtl 💛 </h4> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;form</span> <span class="err">$</span><span class="na">post=</span><span class="s">"/api/register"</span> <span class="err">$</span><span class="na">send-on=</span><span class="s">"submit"</span> <span class="err">$</span><span class="na">reload=</span><span class="s">"false"</span><span class="nt">&gt;</span> <span class="nt">&lt;input</span> <span class="na">name=</span><span class="s">"email"</span> <span class="na">placeholder=</span><span class="s">"Your email"</span> <span class="nt">/&gt;</span> <span class="nt">&lt;button</span> <span class="na">type=</span><span class="s">"submit"</span><span class="nt">&gt;</span>Register<span class="nt">&lt;/button&gt;</span> <span class="nt">&lt;/form&gt;</span> </code></pre> </div> <ul> <li>The form submits via AJAX automatically.</li> <li>The page doesn’t reload.</li> <li>You didn’t write any JavaScript.</li> </ul> <h3> Built-in template engine (e.g. <code>$name</code> → replaced by JSON value) </h3> <p>So you can get directly and json object value by calling its name<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;div</span> <span class="err">$</span><span class="na">get=</span><span class="s">'/user'</span><span class="nt">&gt;</span> User name: $name <span class="nt">&lt;/div&gt;</span> </code></pre> </div> <h3> 🔄 Auto-refresh sections </h3> <p>With <code>$poll</code> you can refresh any section of your web page<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight html"><code><span class="nt">&lt;div</span> <span class="err">$</span><span class="na">get=</span><span class="s">'/api/status'</span> <span class="err">$</span><span class="na">poll=</span><span class="s">'2000'</span><span class="nt">&gt;</span> User status: $status <span class="nt">&lt;/div&gt;</span> </code></pre> </div> <ul> <li> <code>$poll</code> means that every 2000 ms or 2 seconds fetchtl sends request to server Useful for: <ul> <li>live dashboards</li> <li>instant search</li> <li>real-time forms</li> </ul> </li> </ul> <p>Github page: <a href="https://github.com/Jahongir2007/fetchtl" rel="noopener noreferrer">https://github.com/Jahongir2007/fetchtl</a></p> html javascript tooling