Forem: John Khay 💯 The latest articles on Forem by John Khay 💯 (@that_khayy). https://forem.com/that_khayy https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F976119%2Fd1f7e297-b0b3-413a-9fe3-1c70ff9064fb.jpg Forem: John Khay 💯 https://forem.com/that_khayy en Overcoming Backend Challenges: My Journey and Aspirations with HNG Internship John Khay 💯 Tue, 02 Jul 2024 22:03:50 +0000 https://forem.com/that_khayy/overcoming-backend-challenges-my-journey-and-aspirations-with-hng-internship-42jc https://forem.com/that_khayy/overcoming-backend-challenges-my-journey-and-aspirations-with-hng-internship-42jc <p><strong>Introduction</strong></p> <p>Hello, I'm Kingsley, and I'm embarking on an exciting journey with the HNG Internship. As a budding backend developer, I recently encountered a particularly challenging problem that tested my skills and perseverance. In this blog post, I will walk you through the problem I faced, how I tackled it, and why I'm thrilled to be a part of the HNG Internship.</p> <p>The Problem</p> <p>The problem emerged while working on a user authentication system for a web application. The application needed to securely register users, handle login requests, and manage sessions. The complexity was compounded by the requirement to integrate social media login options and ensure all data transfers were encrypted.</p> <p>Step-by-Step Solution</p> <ol> <li> <p><strong>Understanding the Requirements</strong>:<br> I started by outlining the key requirements:</p> <ul> <li>Secure user registration and login.</li> <li>Session management.</li> <li>Social media login integration.</li> <li>Data encryption.</li> </ul> </li> <li> <p><strong>Choosing the Right Tools</strong>:<br> Based on the requirements, I chose:</p> <ul> <li> <strong>Node.js and Express.js</strong> for the backend framework.</li> <li> <strong>Passport.js</strong> for authentication and social media login integration.</li> <li> <strong>bcrypt</strong> for password hashing.</li> <li> <strong>JWT (JSON Web Tokens)</strong> for session management.</li> <li> <strong>HTTPS</strong> for secure data transfer.</li> </ul> </li> <li><p><strong>Setting Up the Project</strong>:<br> I initialized a new Node.js project and installed the necessary dependencies:<br> </p></li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> npm init <span class="nt">-y</span> npm <span class="nb">install </span>express passport bcrypt jsonwebtoken dotenv </code></pre> </div> <ol> <li> <strong>Implementing User Registration</strong>: I created an endpoint for user registration that hashes the password using bcrypt before storing it in the database: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">bcrypt</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">bcrypt</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">saltRounds</span> <span class="o">=</span> <span class="mi">10</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/register</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">username</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">hashedPassword</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nf">hash</span><span class="p">(</span><span class="nx">password</span><span class="p">,</span> <span class="nx">saltRounds</span><span class="p">);</span> <span class="c1">// Store user with hashed password in the database</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">201</span><span class="p">).</span><span class="nf">send</span><span class="p">(</span><span class="dl">'</span><span class="s1">User registered successfully</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">500</span><span class="p">).</span><span class="nf">send</span><span class="p">(</span><span class="dl">'</span><span class="s1">Error registering user</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <ol> <li> <strong>Implementing Login and JWT Authentication</strong>: I set up the login endpoint to validate the user and issue a JWT for session management: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">jwt</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">jsonwebtoken</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">secretKey</span> <span class="o">=</span> <span class="dl">'</span><span class="s1">your_secret_key</span><span class="dl">'</span><span class="p">;</span> <span class="nx">app</span><span class="p">.</span><span class="nf">post</span><span class="p">(</span><span class="dl">'</span><span class="s1">/login</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">username</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="c1">// Retrieve user from the database</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="p">{};</span> <span class="c1">// assume this is the retrieved user</span> <span class="kd">const</span> <span class="nx">match</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nf">compare</span><span class="p">(</span><span class="nx">password</span><span class="p">,</span> <span class="nx">user</span><span class="p">.</span><span class="nx">hashedPassword</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">match</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">jwt</span><span class="p">.</span><span class="nf">sign</span><span class="p">({</span> <span class="nx">username</span> <span class="p">},</span> <span class="nx">secretKey</span><span class="p">,</span> <span class="p">{</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1h</span><span class="dl">'</span> <span class="p">});</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="nx">token</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">401</span><span class="p">).</span><span class="nf">send</span><span class="p">(</span><span class="dl">'</span><span class="s1">Invalid credentials</span><span class="dl">'</span><span class="p">);</span> <span class="p">}</span> <span class="p">});</span> </code></pre> </div> <ol> <li> <strong>Integrating Social Media Login</strong>: I used Passport.js to integrate social media login options like Google and Facebook: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">passport</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">passport</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">GoogleStrategy</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">passport-google-oauth20</span><span class="dl">'</span><span class="p">).</span><span class="nx">Strategy</span><span class="p">;</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="k">new</span> <span class="nc">GoogleStrategy</span><span class="p">({</span> <span class="na">clientID</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your_client_id</span><span class="dl">'</span><span class="p">,</span> <span class="na">clientSecret</span><span class="p">:</span> <span class="dl">'</span><span class="s1">your_client_secret</span><span class="dl">'</span><span class="p">,</span> <span class="na">callbackURL</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/auth/google/callback</span><span class="dl">'</span> <span class="p">},</span> <span class="p">(</span><span class="nx">token</span><span class="p">,</span> <span class="nx">tokenSecret</span><span class="p">,</span> <span class="nx">profile</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// Find or create user in the database</span> <span class="nf">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">profile</span><span class="p">);</span> <span class="p">}));</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/auth/google</span><span class="dl">'</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">authenticate</span><span class="p">(</span><span class="dl">'</span><span class="s1">google</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">scope</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">profile</span><span class="dl">'</span><span class="p">]</span> <span class="p">}));</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/auth/google/callback</span><span class="dl">'</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nf">authenticate</span><span class="p">(</span><span class="dl">'</span><span class="s1">google</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">failureRedirect</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/</span><span class="dl">'</span> <span class="p">}),</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">res</span><span class="p">.</span><span class="nf">redirect</span><span class="p">(</span><span class="dl">'</span><span class="s1">/</span><span class="dl">'</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <ol> <li> <strong>Ensuring Secure Data Transfer</strong>: Finally, I set up HTTPS to encrypt data transfer: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">https</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">https</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">fs</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">fs</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">options</span> <span class="o">=</span> <span class="p">{</span> <span class="na">key</span><span class="p">:</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">readFileSync</span><span class="p">(</span><span class="dl">'</span><span class="s1">key.pem</span><span class="dl">'</span><span class="p">),</span> <span class="na">cert</span><span class="p">:</span> <span class="nx">fs</span><span class="p">.</span><span class="nf">readFileSync</span><span class="p">(</span><span class="dl">'</span><span class="s1">cert.pem</span><span class="dl">'</span><span class="p">)</span> <span class="p">};</span> <span class="nx">https</span><span class="p">.</span><span class="nf">createServer</span><span class="p">(</span><span class="nx">options</span><span class="p">,</span> <span class="nx">app</span><span class="p">).</span><span class="nf">listen</span><span class="p">(</span><span class="nx">port</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Secure server running at https://localhost:</span><span class="p">${</span><span class="nx">port</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">});</span> </code></pre> </div> <h4> Why HNG Internship? </h4> <p>I am excited to be a part of the HNG Internship because it provides a unique opportunity to learn from industry experts, collaborate with fellow developers, and work on real-world projects. The internship offers a structured program that helps me improve my skills and gain valuable experience in backend development.</p> <h4> Conclusion </h4> <p>Solving this backend challenge was a significant milestone in my development journey. It reinforced the importance of understanding requirements, choosing the right tools, and implementing secure practices. As I continue to learn and grow with the HNG Internship, I look forward to tackling more complex problems and contributing to innovative projects.</p> <p>Learn more about the HNG Internship and its benefits <a href="https://hng.tech/internship">here</a> and <a href="https://hng.tech/premium">here</a>. If you're interested in hiring talented developers from the program, check out <a href="https://hng.tech/hire">this link</a>.</p> backenddevelopment hng node softwaredevelopment