
MongoDB Authentication

1.

MongoDB
Authentication
Vadym Makhonin
March 2018
CONFIDENTIAL

2.

AGENDA OF THE LECTURE
• SQL vs NoSQL
• MongoDB
• Mongoose
• Authentication
• Passport.js

3.

SQL VS
NOSQL

4.

RELATIONAL DATABASE PROBLEMS
• Scalability
• Flexibility
NoSQL databases solve these problems

5.

NOSQL DATABASE PROBLEMS
• No joins
• No data integrity
• No transactions

6.

WHERE SQL IS IDEAL
• logically related, discrete data requirements
that can be identified up front
• data integrity is essential
• standards-based proven technology with
good developer experience and support

7.

WHERE NOSQL IS IDEAL
• unrelated, indeterminate or evolving data
requirements
• simpler or looser project objectives, able
to start coding immediately
• speed and scalability are imperative

8.

MONGODB

9.

MONGODB
MongoDB is an open source, document-oriented
database designed with both scalability and
developer agility in mind.

10.

MONGODB COMPARISON TO SQL
SQL      | MongoDB
database | database
table    | collection
row      | document

11.

MONGODB CLI
DEMO

12.

MONGODB CLI
• show dbs
• use <DB_NAME>
• show collections
• help / db.help() / db.collection.help()

13.

MONGODB CLI CRUD
• db.collection.insert(document)
• db.collection.find(query, projection)
• db.collection.update(query, update, options)
• db.collection.remove(query, options)

14.

MONGODB DRIVERS
An application communicates with MongoDB by
way of a client library, called a driver, that
handles all interaction with the database in a
language appropriate to the application.
npm install mongodb

15.

MONGODB NATIVE DRIVER
DEMO

16.

ORM, ODM
ORM (Object-Relational Mapping) and ODM (Object Document
Mapper) are programming techniques for converting data
between incompatible type systems in databases and
object-oriented programming languages. This creates, in
effect, a "virtual object database" that can be used from
within the programming language.
ORM is for relational databases, ODM is for NoSQL
databases.
The most popular ORM in Node.js is Sequelize.

17.

MONGOOSE

18.

MONGOOSE
Mongoose provides a straight-forward, schema-based
solution to model your application data. It includes built-in
type casting, validation, query building, business logic
hooks and more, out of the box.

19.

MONGOOSE
DEMO

20.

MONGOOSE API
• mongoose.connect(url, options)
• mongoose.Promise
• mongoose.Schema
• mongoose.model(name, schema)
• mongoose.plugin(func, options)

21.

SCHEMA API
const schema = new Schema(definition, options)
• schema.methods
• schema.statics
• schema.virtual(name, options)
• schema.pre(method, callback) / schema.post(method, callback)
• schema.plugin(func, options)

22.

SCHEMA DEFINITION
• type
• required
• default
• unique
• validate
String
• lowercase
• uppercase
• trim
• match
• enum
Number/Date
• min
• max

23.

AUTHENTICATION

24.

AUTHENTICATION
• Authentication is the process of confirming
the truth of a claimed identity.
• Authorization is the function of specifying
access rights to resources; it relates to information
security and computer security in general and to
access control in particular.

25.

AUTHENTICATION METHODS
• HTTP
• Forms
• One-Time Password (two-factor authentication)
• API key
• Token-based

26.

HOW TOKEN BASED WORKS
• User Requests Access with Username / Password
• Application validates credentials
• Application provides a signed token to the client
• Client stores that token and sends it along with
every request
• Server verifies token and responds with data
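
The five steps above as a runnable sketch, added here as an example and not taken from the lecture's demo. It builds and checks a JWT-style HS256 token with Node's built-in crypto; `SECRET`, `USERS`, `login` and `verify` are hypothetical names, and the secret and credentials are constructed values.

```javascript
// Added example: issue and verify an HS256 signed token with Node's built-in crypto.
const { createHmac, timingSafeEqual } = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed; load from a secret store in practice
const USERS = { alice: 'correct horse' };  // constructed; real stores keep password hashes

const b64url = (v) => Buffer.from(v).toString('base64url');
const sign = (data) => createHmac('sha256', SECRET).update(data).digest('base64url');

// Steps 1-3: validate the credentials, then return a signed token (15 minute lifetime).
function login(username, password, now = Date.now()) {
  if (!Object.hasOwn(USERS, username) || USERS[username] !== password) return null;
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({ sub: username, exp: Math.floor(now / 1000) + 900 }));
  return `${header}.${payload}.${sign(`${header}.${payload}`)}`;
}

// Step 5: check the signature first, then the pinned algorithm and the expiry.
// Returns the claims, or null for any malformed, forged or expired token.
function verify(token, now = Date.now()) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  const expected = Buffer.from(sign(`${header}.${payload}`));
  const given = Buffer.from(sig);
  // Constant-time comparison; timingSafeEqual throws on unequal lengths, so check first.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return null;
  try {
    const h = JSON.parse(Buffer.from(header, 'base64url').toString());
    const claims = JSON.parse(Buffer.from(payload, 'base64url').toString());
    if (h.alg !== 'HS256') return null; // never let the token choose the algorithm
    if (typeof claims.exp !== 'number' || claims.exp <= Math.floor(now / 1000)) return null;
    return claims;
  } catch {
    return null;
  }
}
```

Step 4 (the client storing the token and sending it with every request) happens outside this code; the server only ever calls `verify` on what it receives.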

27.

TOKEN-BASED AUTHENTICATION
Token formats:
• SWT
• JWT
• SAML
Standards:
• OAuth
• OpenID Connect
• SAML
• WS-Federation

28.

PASSPORT.JS

29.

PASSPORT
Passport is Express-compatible authentication
middleware for Node.js.
Passport's sole purpose is to authenticate requests,
which it does through an extensible set of plugins
known as strategies. The API is simple: you provide
Passport a request to authenticate, and Passport
provides hooks for controlling what occurs when
authentication succeeds or fails.

30.

PASSPORT MAIN CONCEPTS
• Strategies
• Sessions
• Middleware

31.

PASSPORT API
• passport.initialize() / passport.session()
• passport.use()
• passport.serializeUser() / passport.deserializeUser()
• passport.authenticate()
• req.login() / req.logout()

32.

PASSPORT.JS
DEMO

33.

THANK YOU!