+ 6
[Mongoose] How to include Username in Collection Name in the model() in Models?
In root/Models/Spending const SpendingList = mongoose.model('Spending', spendingSchema); But I have a login feature, I want: const SpendingList = mongoose.model(`${currentUser}${Spending}`, spendingSchema); What should I do? Store the user login name in a global variable on server.js? If so, when two people are using at the same time, will their sessions have the same global variable in the server? In other words, will B be using data entered by A?
43 Answers
+ 8
If i understand correctly, you want to create a seperate collection for each user.
I am not sure if that's a good idea.
Instead, just have a foreign user for each spending document and have create an autherization mechanism that restrics user A from accessing data of user B.
Of course if needed the mechamism may be more complex to allow roles acess (admin access for instance)
Here are some extra reading materials
https://www.npmjs.com/package/mongoose-authorization
https://medium.com/swlh/jwt-authentication-authorization-in-nodejs-express-mongodb-rest-apis-2019-ad14ec818122
https://medium.com/quick-code/handling-authentication-and-authorization-with-node-7f9548fedde8
https://stackoverflow.com/questions/47095895/check-resource-ownership-on-node-js-rest-api
+ 4
Gordon you don't add the entire schema, just a reference to the user object
Regarding the second question, how the server remembers which user: if you are using REST, then it doesn't.
You save the token on the client side (localStorage, sessionStorage, etc...)
And attach it to each request.
This way the server can determine using the token what user made the request
+ 3
You can have 2 models, 'User' and 'Spending'.
Include user object in spending model.
spending scheme:
const spendingSchema = mongoose.Schema({
amount: {
type: Number,
required: true
},
place: {
type: String,
required: true
},
user: {
type: Schema.Types.ObjectId, ref: "User",
required: true
}
});
+ 3
Gordon just built a simple app to demonstrate to 2 model user and spending interacting to each other.
Check out the github and web link here.
https://github.com/cv2k10/simple-spending-app
https://spending-app.glitch.me/
+ 3
CalviÕ² did you just made that in 15 minutes? xD
+ 3
You been busy š¤£
+ 3
not yet š
let me add soon š¤£
+ 2
Burey tested some time and just posted to GitHub..:)
+ 2
Burey I normally write this program repeatedly whenever i free, in order i can remember all the programming functions and syntax firmly. š¬
+ 2
It's still insecure user registration/login, would add passport.js with local stretegy later.
+ 2
CalviÕ² AKA Beast.js
+ 2
Gordon that's always a risk but there are techniques to minimize the risk.
Two factor auth
Setting TTL on tokens
Etc...
+ 2
Gordon welcome to wev dev xD
+ 2
Gordon JWT allows user to temporary login to auth page without keyin login password again, it would be expired later, for high secure webpage like banking, you could set the session timeout period shorter or disable the token, user would need to login whenever browsing the page.
+ 2
How to make the displayed spending list limited to those posted by the current user?
+ 2
Gordon No logout button? š§
+ 2
Gordon use this
const session = require('express-session');
const MongoStore = require('connect-mongo')(session);
app.use(session({
secret: 'foo',
store: new MongoStore(options)
}));
https://www.npmjs.com/package/connect-mongo
+ 2
I have implemented daily total and monthly total ~ yeah ~
+ 2
next : to add some charts š
some pie chart showing percentage ~š„§
and some bar chart showing high low ~š
+ 2
Good work.š.. Continue improve it, and build a full react native later.