Node.jsframework~30 mins

Why security is critical in Node.js - See It in Action

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Perf

Why Security is Critical in Node.js

📖 Scenario: You are building a simple Node.js server that handles user login data. Security is very important to protect user information and prevent unauthorized access.

🎯 Goal: Build a basic Node.js server that stores user credentials securely and checks login attempts safely.

📋 What You'll Learn

Create an object to store user credentials

Add a configuration variable for minimum password length

Write a function to validate user login using the stored credentials

Complete the server setup to handle login requests securely

💡 Why This Matters

🌍 Real World

This project shows how to handle user login securely in a Node.js web server, a common task in many web applications.

💼 Career

Understanding basic security practices in Node.js is essential for backend developers to protect user data and build trustworthy applications.

Progress0 / 4 steps

Create user credentials object

Create an object called users with these exact entries: "alice": "password123", "bob": "qwerty456", and "carol": "letmein789".

Node.js

// Create the users object with exact username-password pairs
// Your code here

Need a hint?

Use a JavaScript object with usernames as keys and passwords as values.

Add minimum password length configuration

Add a constant called MIN_PASSWORD_LENGTH and set it to 8.

Node.js

const users = {
  alice: "password123",
  bob: "qwerty456",
  carol: "letmein789"
};

// Define minimum password length
// Your code here

Need a hint?

This helps enforce password security rules.

Write login validation function

Write a function called validateLogin that takes username and password as parameters and returns true if the username exists in users and the password matches exactly, otherwise returns false.

Node.js

const users = {
  alice: "password123",
  bob: "qwerty456",
  carol: "letmein789"
};

const MIN_PASSWORD_LENGTH = 8;

// Write validateLogin function
// Your code here

Need a hint?

Check if the username exists as a key and compare the stored password with the input.

Complete server setup with login route

Add code to create an Express server, use express.json() middleware, and add a POST route /login that reads username and password from req.body, uses validateLogin to check credentials, and sends "Login successful" if valid or "Invalid credentials" if not.

Node.js

const users = {
  alice: "password123",
  bob: "qwerty456",
  carol: "letmein789"
};

const MIN_PASSWORD_LENGTH = 8;

function validateLogin(username, password) {
  return users[username] === password;
}

// Setup Express server and /login route
// Your code here

Need a hint?

Use Express to handle JSON requests and respond based on login validation.