fel-hanout's Issues
Implement Authorization
In your current code, any user of the platform can directly call any API with his Bearer Token and do things he is not supposed to do. For example, normal clients can create, delete, and update products.
To solve this, you should implement an authorization middleware in your Express app.
The middleware is just a function that you can pass to the route before the request handler and it should:
- Get the Bearer Token from the request
- Check if the user exists. Otherwise, return an error response.
- Check if the user role is admin. Return an error response in case the user is not an admin.
In the end, you'll have to add a role attribute to your users. And create a function like this:
const authorize = (role) => (req, res, next) => {
  // calls next() if user has required role
  // returns error response if the user does not have the required role
}
And then call it this way
router.post("/products", authorize("admin"), createProduct)
In the API calls from the frontend, you'll have to make sure you send the Bearer Tokens in the requests.
Resources
For more on Express middlewares, take a look at this article.
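A runnable version of the authorize sketch from the issue above, added here as an example; it is not part of the original issue or the project's code. The token-to-user Map, findUserByToken, mockRes and check are assumptions for illustration, since the page does not say how tokens are issued or stored.

```javascript
// Constructed sample data: token -> user. A real app would validate the token
// (signature check or session-store lookup) instead of reading a Map.
const usersByToken = new Map([
  ["tok-admin-123", { id: 1, name: "alice", role: "admin" }],
  ["tok-client-456", { id: 2, name: "bob", role: "client" }],
]);

// Hypothetical helper: resolve a token to a user, or undefined if unknown.
const findUserByToken = (token) => usersByToken.get(token);

const authorize = (role) => (req, res, next) => {
  // 1. Get the Bearer Token from the Authorization header.
  const header = req.headers.authorization || "";
  const match = /^Bearer (\S+)$/i.exec(header);
  if (!match) {
    return res.status(401).json({ error: "Missing or malformed Bearer token" });
  }
  // 2. Check that the user exists; otherwise return an error response.
  const user = findUserByToken(match[1]);
  if (!user) {
    return res.status(401).json({ error: "Unknown token" });
  }
  // 3. Check the role; authenticated but not allowed is 403, not 401.
  if (user.role !== role) {
    return res.status(403).json({ error: "Forbidden" });
  }
  req.user = user; // make the user available to the request handler
  return next();
};

// Minimal stand-in for the Express response object (status/json chaining).
const mockRes = () => {
  const res = { statusCode: 200, body: null };
  res.status = (code) => { res.statusCode = code; return res; };
  res.json = (body) => { res.body = body; return res; };
  return res;
};

// Runs authorize("admin") on one Authorization header value and reports
// the response status and whether the request handler would have run.
const check = (authorization) => {
  const req = { headers: authorization ? { authorization } : {} };
  const res = mockRes();
  let nextCalled = false;
  authorize("admin")(req, res, () => { nextCalled = true; });
  return { status: res.statusCode, nextCalled };
};
```

The middleware denies by default: next() is reached only after the token parses, resolves to a user, and the role matches exactly.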
Refactor UI
As we discussed @MariemAbdi, UI/UX is a big pillar of front-end development. Your website, although fully functional, could benefit a lot from a refactoring of the User Interface. Ergonomic websites could help us look more professional and friendly and get more customers easily.
Here are a few things that you could start with:
- Use another font. Take a look at Google Fonts
- Remove the scroll bar when you don't need to scroll
- Update the colors that are in use. You need one primary color (the orange from your logo) and one secondary color (gray would look good I guess)
- Refactor the products table to a products grid catalog. Like in this website
- Refactor the product details page to a 2 column display like in this website
- For the general look of the pages Login and Signup, remove the navbar, put your logo at the top of the form and create a form like this one. The gray container does not look good