First step. Loopback intro

[atherdon]

intro

https://github.com/optis/loopback-rest-api - this is the best tutorial that helps me 1 year ago.

Please buzz me before including MongoDB database - so I'll generate a new instance for you.

As I want to see your progress - please use this repo and push your progress here. Share with me progress and questions that I can help you with. Don't hesitate to use my help. i willing to start fast and with less stress for you at the beginning. Also will check your git skills.

Is there any timeline to finish?

nope, because you only starting this. and I know how hard it can be from the beginning. But this is the best tutorial that I find about loopback. I use it too a year ago. btw, as usually - feel free and ask any questions or seek my help here.

invite link

Please use this link in order to be added as contributor : https://github.com/ChickenKyiv/loopback-tutor-intern-8/invitations

[chauhannishith]

i have started implementing using mlab for just trying things out. Do you want me to upload that to github too or only the final version on your instance of mongoDB?

[atherdon]

only code will be fine. my instance is mlab too :) nice speed btw. that tutorial have only one weak spot - and this is setup a local mongodb. this is why i want to help to avoid that. because our work is hosted at heroku with mlab addon

[chauhannishith]

Can you help me with one issue? We get the access token at the time of login but i can't find where to set it for accessing the data of specific user

[atherdon]

sure @chauhannishith , it's the latest code pushed on repo? can i grab it and check on my local PC? and give me some more details, maybe screenshot - will works well - so i can dig into it quickly

[chauhannishith]

I haven't coded it yet because i can't figure out where to send it. That's where i am stuck. If i dont set it then i dont get the data because unauthorised access is denied

[atherdon]

explain please what do you trying to do. because right now i'm only guessing.

So you open explorer and trying to get data, related to user only? Or you setup a frontend version(as i saw it was react) and trying to get user related data from server routes?

[chauhannishith]

I am trying to make a login page where user enters username and password. This data is sent to user/login and the response.data object i get back has the access token. Now i want to use that access token and get all the bookings that user has made. It should only show the bookings that the particular user has made

[atherdon]

gotcha!

it was my third guess :)

loopback is a bit tricky thing with auth. for sure you'll need to have passport for this stuff. the easiest (but bad) way is to generate a long urls with auth token in the end. but i think you want to have more efficient way to do it.

Btw, did you try to POST obj with your data, ie {user:"admin",pass:"123"} via Explorer and get a token?

Check this and tell me if it helps: https://docs.strongloop.com/display/public/LB/Introduction+to+User+model+authentication https://strongloop.com/strongblog/user-based-authentication-with-loopback/

Btw, nice progress so far! you're doing great.

[atherdon]

push to repo what you have right now. because i don't see how you trying grab things from loopback. usually loopback didn't save a session so it's not a similar thing to main express login.

i was lazy to handle a usual login logic at groceristar, but you can see how i did facebook login here : https://github.com/GroceriStar/groceristar/blob/master/server/server.js#L94

[atherdon]

if you want - we can split this task into few subtasks, will it be more easy to do for you?

[chauhannishith]

It will take some time to properly understand how things work but i will do it as it is. Not a big issue. It's just that no one has posted this trouble anywhere on the web so i have to make my own mistakes :)

[atherdon]

it's really a weak thing at loopback. but maybe they did it in purpose. i'm pretty sure they have an expalantion. but some hacks - can help you. i was stuck on this thing year ago too. so don;t worry

[chauhannishith]

i just pushed my code right now and i think that it is creating a new user everytime (or generating a different access token). I tried checking through explorer but it just says that authorization is required and so i am still not sure if it is working or not. Would have to go a little bit deeper into it to find out what is going where

[chauhannishith]

username: nishith password: 123456 this will show you the token and enter anything else then login failed error page will come

[atherdon]

i'll have some asap tasks at this moment. will grab your code and check it in a few hours. hope this is not a problem.

[chauhannishith]

No issues. I think i have figured out what's happening

[atherdon]

ok, take your time - this is not just a test - we definately will use what you've built here at least in one project. Because it covers a lot of things, that is not presented at Groceristar right now.

like normal login, sign up process, like email notifications, like separation backend and front (which is purely done with some html template engine and really break cool structure that Loopback have). you can see it at groceristar repo if you wish

[chauhannishith]

as per my research it says that you can not use the built in user model directly. They say that to use the built in functionalities (which are a lot) you have to extend the model. That means i will have to go through the documentation to make anything work properly. So please give me some time to analyse the documentation and find what needs to be done to be able use all the functionalities

[atherdon]

Sure, take your time

On 31-Mar-2018 at 08:36 AM, chauhannishith wrote:

as per my research it says that you can not use the built in user model directly. They say that to use the built in functionalities (which are a lot) you have to extend the model. That means i will have to go through the documentation to make anything work properly. So please give me some time to analyse the documentation and find what needs to be done to be able use all the functionalities

[atherdon]

i'll grab your code from 2nd branch. will take a look what i can find

[atherdon]

teach me how i can run a react frontend part because i didn't work with it really close.

[chauhannishith]

i havent generated the final build yet so you will have to run the project on separate ports. Open a terminal window do node in this loopback folder and then open a new terminal and go to the sub-folder client_src and do npmstart it will ask you if you want to run on a different port in my case the ports are 3000 for loopback and 3001 so try and tell me if you have any problems

[chauhannishith]

And sorry if i take too long to reply today as its my birthday today(no not an april fools prank) so have to attend those calls :)

[atherdon]

First thing that i saw - you don't have a model, that is a child of User model. yeah, i got your prev message that you don't have rights to use that model. but this can break some default stuff, that loopback has inside. I'm not sure, but usually, my ass is notifying me about future problems.

we still can have a simple solution like generate every time a links with additional(like localhost\account&token=xxx) attribute that related to access token - without saving a session. I don't like that way, but at least you'll be able to test how your ACL work. I think it was a main idea of setting up login page.

or i suppose we can go by passport way - install passport and use it.

[atherdon]

WOW! Happy birthday! It so cool!

Don't worry - i'll play here myself. i need to sit in a few chairs - help you, but not a lot, so you'll be able to debag things by yourself

[chauhannishith]

My plan was that I will extend the built-in User model with the userData model and add some fields inside this userData model like first name, last name, address, phone number and other details so that will be the future step. I am not hashing the password currently as it is not that tough and will easily be solved when I will add passport for user authentication. Currently, the system is not that complex so simple string works and I can check if I am entering correct data or not.

Also there is no route protection yet and you can access any page even if you are not logged in.

I had implemented acl initially in explorer but it was displaying all the data of all users with login of one user so I removed it back and am still searching on how to display the data of only logged in user with access token of that particular user

[chauhannishith]

The user owning the object ->Do you know anything about this role in acl? Currently when I submit the access token it gives me access to all the data for all the users. I can implement a filter but I don't think that would be secure. Can the above role solve this problem? I tried but couldn't find any documentation or thread relating to it.

Also i tried extending the built-in user database but by doing that I can't perform GET on it to access the other fields. Do I have to make any changes in the json to access that? Do you have any previous projects with loopback where i can have a look and study?

[chauhannishith]

I understood what's happening and how the data transfer is actually working(i think so). Now I have to handle route protection first and then I will push the code so you can check and tell me if there are any mistakes.

user login - done new user sign up - done

[atherdon]

as i still hiding - don't want to waste your time waiting. if you have spare time, please check this article. Put all things in one place. it was created for you https://medium.com/p/things-that-should-read-and-use-javascript-intern-at-groceristar-april-18-collection-bd6541e9ae28

[chauhannishith]

Sorry for the delay. I was learning redux so that we don't have to save any user data locally. The code is almost done, just one small error. Will be done by tonight

[atherdon]

perfect!

.

[chauhannishith]

https://github.com/strongloop/loopback/issues/3593 I am also encountering this same issue. It is not allowing me to filter based on userId and if I do it based on email then it works perfectly.

I also dropped everything related to redux as I couldn't find some examples or proper documentation related to redux-session or persistedStore as the data in redux gets reset whenever the page is refreshed or there is a change in route(this was the error I was talking about).

I made all these changes in the last two hours so tell me if there are any breaks

[atherdon]

please push the latest updates and i'll try to check it today of in 12-15 hours.

[chauhannishith]

Now do you want me to improve this code or start something new or just make this again in jade like your code of groceristar?

[atherdon]

will take a fast look, but will not able to debug it. still not finished my texts.

no - jade is waste of time. you can read some text here, while i'm checking the code: https://github.com/atherdon/artics/blob/master/Not%20finished/gs-frontend.md

[atherdon]

will checkout your code and will see what about session issue

[atherdon]

i think i find some confusing me stuff. will give you more notes soon

[atherdon]

and i assume i just dropped all info that we have :)

[atherdon]

i pushed my latest changes. i think it can broke a lot of stuff, so maybe we should combine our powers in order to make it works again :)

[chauhannishith]

Please don't create any more issues now as it is getting cluttered and confusing to do the task. It forces me to do things keeping in mind everything instead of modifying things as required on the go.

[atherdon]

Lol :) you don't need to keep in mind everything. this is why i'm trying to manage you and this project.

[atherdon]

i'm traveling right now, but keeping my eye on each of your commit. will try on my local machine when will be back.