'Passing all datas to the URL isn't the way to go, I think
I recently started to use NodeJS into my Angular program, so far, I'm doing it like this :
node :
app.get('/register/:username/:password', function(req, res){
db.collection('users').insertOne({
username: req.params.username,
password: req.params.password,
nbVotes: 0,
avatar: `https://ui-avatars.com/api/?name=${req.params.username}`,
grade: 'Membre'
}, function(err, data){
res.json(data)
})
})
Angular :
this.http.get('http://localhost:3001/register/'+ username+ '/'+ password).subscribe((data: any) => {
sessionStorage.setItem('name', username);
sessionStorage.setItem('password', password);
window.location.href = '/profil/' + username;
console.log("Connected ! ")
There is probably ( definitely ) a better way to do this, right ? Because going by the url like this feels... off. What if they were 50 inputs to check ?
Solution 1:[1]
From your code provided I could see that, you are passing the input values username and password as params in the URL, which is a bad practice since the password which is a secret entity will be visible in the URL and must be only passed through the body. Since the request is for registering the user, You must use the POST request instead of the GET request. And I suggest you to use some type of encryption methods like crypto while handling password.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | Ashik S Nair |