From 682b85a423a7678191ec5987b8ca209d7e96aeb1 Mon Sep 17 00:00:00 2001 From: Mike Shecket Date: Tue, 29 Sep 2020 12:43:21 -0400 Subject: [PATCH] Copyediting of descriptions for Advanced Node & Express challenges (#39606) * Copyediting of challenge descriptions * Copyedited descriptions of Chai challenges * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/clean-up-your-project-with-modules.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/create-new-middleware.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implement-the-serialization-of-a-passport-user.english.md * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/create-new-middleware.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/registration-of-new-users.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/test-for-truthiness.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/test-for-truthiness.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/how-to-use-passport-strategies.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implement-the-serialization-of-a-passport-user.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-ii.english.md Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> * Update curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/clean-up-your-project-with-modules.english.md Co-authored-by: Manish Giri * fix: added code tags Co-authored-by: Manish Giri * fix: add code tag * fix: change to code tag * fix: change to code tags * fix: added code tags * fix: capitalize Passport * fix: added code tags * fix: added code tags * fix: added code tags * fix: added code tags * fix: added code tags * fix: added code tags * fix: added code tags * fix: added code tags * fix: added code tags Co-authored-by: Shaun Hamilton <51722130+Sky020@users.noreply.github.com> Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com> Co-authored-by: Manish Giri Co-authored-by: Randell Dawson <5313213+RandellDawson@users.noreply.github.com> --- .../announce-new-users.english.md | 4 ++-- .../authentication-strategies.english.md | 12 ++++++------ .../authentication-with-socket.io.english.md | 6 +++--- .../clean-up-your-project-with-modules.english.md | 8 ++++---- .../communicate-by-emitting.english.md | 2 +- .../create-new-middleware.english.md | 4 ++-- .../handle-a-disconnect.english.md | 2 +- .../hashing-your-passwords.english.md | 4 ++-- .../how-to-use-passport-strategies.english.md | 10 +++++----- ...t-the-serialization-of-a-passport-user.english.md | 8 ++++---- ...ementation-of-social-authentication-ii.english.md | 6 +++--- ...mentation-of-social-authentication-iii.english.md | 4 ++-- ...mplementation-of-social-authentication.english.md | 10 +++++----- .../logging-a-user-out.english.md | 2 +- .../registration-of-new-users.english.md | 2 +- .../send-and-display-chat-messages.english.md | 8 ++++---- .../serialization-of-a-user-object.english.md | 8 ++++---- ...ponse-using-chai-http-iii---put-method.english.md | 2 +- ...sponse-using-chai-http-iv---put-method.english.md | 4 ++-- ...tests-on-api-endpoints-using-chai-http.english.md | 2 +- ...onal-tests-using-a-headless-browser-ii.english.md | 4 ++-- ...ctional-tests-using-a-headless-browser.english.md | 2 +- .../test-for-truthiness.english.md | 4 ++-- 23 files changed, 59 insertions(+), 59 deletions(-) diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/announce-new-users.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/announce-new-users.english.md index 5616de3269..6da0b4c934 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/announce-new-users.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/announce-new-users.english.md @@ -9,9 +9,9 @@ forumTopicId: 301546
-Many chat rooms are able to announce when a user connects or disconnects and then display that to all of the connected users in the chat. Seeing as though you already are emitting an event on connect and disconnect, you will just have to modify this event to support such feature. The most logical way of doing so is sending 3 pieces of data with the event: name of the user connected/disconnected, the current user count, and if that name connected or disconnected. +Many chat rooms are able to announce when a user connects or disconnects and then display that to all of the connected users in the chat. Seeing as though you already are emitting an event on connect and disconnect, you will just have to modify this event to support such a feature. The most logical way of doing so is sending 3 pieces of data with the event: the name of the user who connected/disconnected, the current user count, and if that name connected or disconnected. -Change the event name to 'user', and pass an object along containing fields 'name', 'currentUsers', and 'connected' (to be true if connection, or false for disconnection of the user sent). Be sure to change both 'user count' events and set the disconnect one to send false for field 'connected' instead of true like the event emitted on connect. +Change the event name to 'user', and pass an object along containing the fields 'name', 'currentUsers', and 'connected' (to be true in case of connection, or false for disconnection of the user sent). Be sure to change both 'user count' events and set the disconnect one to send false for the field 'connected' instead of true like the event emitted on connect. ```js io.emit('user', { diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-strategies.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-strategies.english.md index 958d0255c9..7bf6e89064 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-strategies.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-strategies.english.md @@ -8,11 +8,11 @@ forumTopicId: 301547 ## Description
-A strategy is a way of authenticating a user. You can use a strategy for allowing users to authenticate based on locally saved information (if you have them register first) or from a variety of providers such as Google or GitHub. For this project we will set up a local strategy. To see a list of the 100's of strategies, visit Passports site here. +A strategy is a way of authenticating a user. You can use a strategy for allowing users to authenticate based on locally saved information (if you have them register first) or from a variety of providers such as Google or GitHub. For this project, we will set up a local strategy. To see a list of the hundreds of strategies, visit Passport's site here. -Add passport-local as a dependency and add it to your server as follows: const LocalStrategy = require('passport-local'); +Add passport-local as a dependency and add it to your server as follows: const LocalStrategy = require('passport-local'); -Now you will have to tell passport to use an instantiated LocalStrategy object with a few settings defined. Make sure this as well as everything from this point on is encapsulated in the database connection since it relies on it! +Now you will have to tell passport to use an instantiated LocalStrategy object with a few settings defined. Make sure this (as well as everything from this point on) is encapsulated in the database connection since it relies on it! ```js passport.use(new LocalStrategy( @@ -28,11 +28,11 @@ passport.use(new LocalStrategy( )); ``` -This is defining the process to take when we try to authenticate someone locally. First it tries to find a user in our database with the username entered, then it checks for the password to match, then finally if no errors have popped up that we checked for, like an incorrect password, the users object is returned and they are authenticated. +This is defining the process to use when we try to authenticate someone locally. First, it tries to find a user in our database with the username entered, then it checks for the password to match, then finally, if no errors have popped up that we checked for, like an incorrect password, the user's object is returned and they are authenticated. -Many strategies are set up using different settings, general it is easy to set it up based on the README in that strategies repository though. A good example of this is the GitHub strategy where we don't need to worry about a username or password because the user will be sent to GitHub's auth page to authenticate and as long as they are logged in and agree then GitHub returns their profile for us to use. +Many strategies are set up using different settings, but generally it is easy to set it up based on the README in that strategy's repository. A good example of this is the GitHub strategy where we don't need to worry about a username or password because the user will be sent to GitHub's auth page to authenticate. As long as they are logged in and agree then GitHub returns their profile for us to use. -In the next step we will set up how to actually call the authentication strategy to validate a user based on form data! +In the next step, we will set up how to actually call the authentication strategy to validate a user based on form data! Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-with-socket.io.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-with-socket.io.english.md index 07ff4b245e..f2fd14e9c2 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-with-socket.io.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/authentication-with-socket.io.english.md @@ -9,9 +9,9 @@ forumTopicId: 301548
-Currently, you cannot determine who is connected to your web socket. While req.user contains the user object, that's only when your user interacts with the web server and with web sockets you have no req (request) and therefore no user data. One way to solve the problem of knowing who is connected to your web socket is by parsing and decoding the cookie that contains the passport session then deserializing it to obtain the user object. Luckily, there is a package on NPM just for this that turns a once complex task into something simple! +Currently, you cannot determine who is connected to your web socket. While req.user contains the user object, that's only when your user interacts with the web server, and with web sockets you have no req (request) and therefore no user data. One way to solve the problem of knowing who is connected to your web socket is by parsing and decoding the cookie that contains the passport session then deserializing it to obtain the user object. Luckily, there is a package on NPM just for this that turns a once complex task into something simple! -Add passport.socketio, connect-mongo, and cookie-parser as dependencies and require them as passportSocketIo, MongoStore, and cookieParser respectfully. Also, we need to initialize a new memory store, from express-session which we previously required. It should look as follows: +Add passport.socketio, connect-mongo, and cookie-parser as dependencies and require them as passportSocketIo, MongoStore, and cookieParser respectively. Also, we need to initialize a new memory store, from express-session which we previously required. It should look like this: ```js const MongoStore = require('connect-mongo')(session); @@ -19,7 +19,7 @@ const URI = process.env.MONGO_URI; const store = new MongoStore({ url: URI }); ``` -Now we just have to tell Socket.IO to use it and set the options. Be sure this is added before the existing socket code and not in the existing connection listener. For your server it should look as follows: +Now we just have to tell Socket.IO to use it and set the options. Be sure this is added before the existing socket code and not in the existing connection listener. For your server, it should look like this: ```js io.use( diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/clean-up-your-project-with-modules.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/clean-up-your-project-with-modules.english.md index 7e5e8aaa52..fd308cf0fa 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/clean-up-your-project-with-modules.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/clean-up-your-project-with-modules.english.md @@ -8,7 +8,7 @@ forumTopicId: 301549 ## Description
-Right now everything you have is in your server.js file. This can lead to hard to manage code that isn't very expandable. +Right now, everything you have is in your server.js file. This can lead to hard to manage code that isn't very expandable. Create 2 new files: routes.js and auth.js Both should start with the following code: @@ -19,10 +19,10 @@ module.exports = function (app, myDataBase) { } ``` -Now in the top of your server file, require these files like such: const routes = require('./routes.js'); -Right after you establish a successful connect with the database instantiate each of them like such: routes(app, myDataBase) +Now, in the top of your server file, require these files like so: const routes = require('./routes.js'); +Right after you establish a successful connection with the database, instantiate each of them like so: routes(app, myDataBase) -Finally, take all of the routes in your server and paste them into your new files and remove them from your server file. Also take the ensureAuthenticated since we created that middleware function for routing specifically. You will have to now correctly add the dependencies in that are used, such as const passport = require('passport');, at the very top above the export line in your routes.js file. +Finally, take all of the routes in your server and paste them into your new files, and remove them from your server file. Also take the ensureAuthenticated function, since it was specifically created for routing. Now, you will have to correctly add the dependencies in which are used, such as const passport = require('passport');, at the very top, above the export line in your routes.js file. Keep adding them until no more errors exist, and your server file no longer has any routing (**except for the route in the catch block**)! diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/communicate-by-emitting.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/communicate-by-emitting.english.md index 35916e3d2a..7828b17c1a 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/communicate-by-emitting.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/communicate-by-emitting.english.md @@ -29,7 +29,7 @@ Finally, after incrementing the count, you should emit the event (still within t io.emit('user count', currentUsers); ``` -Now, you can implement a way for your client to listen for this event! Similarly to listening for a connection on the server, you will use the on keyword. +Now, you can implement a way for your client to listen for this event! Similar to listening for a connection on the server, you will use the on keyword. ```js socket.on('user count', function(data) { diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/create-new-middleware.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/create-new-middleware.english.md index 046f7042d5..6a6dc1041f 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/create-new-middleware.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/create-new-middleware.english.md @@ -8,9 +8,9 @@ forumTopicId: 301551 ## Description
-As in, any user can just go to /profile whether they authenticated or not by typing in the url. We want to prevent this by checking if the user is authenticated first before rendering the profile page. This is the perfect example of when to create a middleware. +As is, any user can just go to /profile whether they have authenticated or not, by typing in the url. We want to prevent this, by checking if the user is authenticated first before rendering the profile page. This is the perfect example of when to create a middleware. -The challenge here is creating the middleware function ensureAuthenticated(req, res, next), which will check if a user is authenticated by calling passports isAuthenticated on the request which in turn checks for req.user is to be defined. If it is then next() should be called, otherwise we can just respond to the request with a redirect to our homepage to login. An implementation of this middleware is: +The challenge here is creating the middleware function ensureAuthenticated(req, res, next), which will check if a user is authenticated by calling passport's isAuthenticated method on the request which, in turn, checks if req.user is defined. If it is, then next() should be called, otherwise, we can just respond to the request with a redirect to our homepage to login. An implementation of this middleware is: ```js function ensureAuthenticated(req, res, next) { diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/handle-a-disconnect.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/handle-a-disconnect.english.md index ac62958fda..86dfbe1cef 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/handle-a-disconnect.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/handle-a-disconnect.english.md @@ -9,7 +9,7 @@ forumTopicId: 301552
-You may notice that up to now you have only been increasing the user count. Handling a user disconnecting is just as easy as handling the initial connect except the difference is you have to listen for it on each socket versus on the whole server. +You may notice that up to now you have only been increasing the user count. Handling a user disconnecting is just as easy as handling the initial connect, except you have to listen for it on each socket instead of on the whole server. To do this, add another listener inside the existing 'connect' listener that listens for 'disconnect' on the socket with no data passed through. You can test this functionality by just logging that a user has disconnected to the console. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/hashing-your-passwords.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/hashing-your-passwords.english.md index eee8be279f..b8020a681f 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/hashing-your-passwords.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/hashing-your-passwords.english.md @@ -8,11 +8,11 @@ forumTopicId: 301553 ## Description
-Going back to the information security section you may remember that storing plaintext passwords is never okay. Now it is time to implement BCrypt to solve this issue. +Going back to the information security section, you may remember that storing plaintext passwords is never okay. Now it is time to implement BCrypt to solve this issue. Add BCrypt as a dependency, and require it in your server. You will need to handle hashing in 2 key areas: where you handle registering/saving a new account, and when you check to see that a password is correct on login. -Currently on our registration route, you insert a user's password into the database like the following: password: req.body.password. An easy way to implement saving a hash instead is to add the following before your database logic const hash = bcrypt.hashSync(req.body.password, 12);, and replacing the req.body.password in the database saving with just password: hash. +Currently on our registration route, you insert a user's password into the database like so: password: req.body.password. An easy way to implement saving a hash instead is to add the following before your database logic const hash = bcrypt.hashSync(req.body.password, 12);, and replacing the req.body.password in the database saving with just password: hash. Finally, on our authentication strategy, we check for the following in our code before completing the process: if (password !== user.password) { return done(null, false); }. After making the previous changes, now user.password is a hash. Before making a change to the existing code, notice how the statement is checking if the password is **not** equal then return non-authenticated. With this in mind, your code could look as follows to properly check the password entered against the hash: diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/how-to-use-passport-strategies.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/how-to-use-passport-strategies.english.md index 83ebd37e83..d0ea69d4d1 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/how-to-use-passport-strategies.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/how-to-use-passport-strategies.english.md @@ -8,15 +8,15 @@ forumTopicId: 301555 ## Description
-In the index.pug file supplied there is actually a login form. It has previously been hidden because of the inline JavaScript if showLogin with the form indented after it. Before showLogin as a variable was never defined, it never rendered the code block containing the form. Go ahead and on the res.render for that page add a new variable to the object showLogin: true. When you refresh your page, you should then see the form! This form is set up to POST on /login so this is where we should set up to accept the POST and authenticate the user. +In the index.pug file supplied, there is actually a login form. It has previously been hidden because of the inline JavaScript if showLogin with the form indented after it. Before showLogin as a variable was never defined, so it never rendered the code block containing the form. Go ahead and on the res.render for that page add a new variable to the object showLogin: true. When you refresh your page, you should then see the form! This form is set up to POST on /login, so this is where we should set up to accept the POST and authenticate the user. -For this challenge you should add the route /login to accept a POST request. To authenticate on this route you need to add a middleware to do so before then sending a response. This is done by just passing another argument with the middleware before your function(req,res) with your response! The middleware to use is passport.authenticate('local'). +For this challenge you should add the route /login to accept a POST request. To authenticate on this route, you need to add a middleware to do so before then sending a response. This is done by just passing another argument with the middleware before your function(req,res) with your response! The middleware to use is passport.authenticate('local'). -passport.authenticate can also take some options as an argument such as: { failureRedirect: '/' } which is incredibly useful so be sure to add that in as well. As a response after using the middleware (which will only be called if the authentication middleware passes) should be to redirect the user to /profile and that route should render the view 'profile.pug'. +passport.authenticate can also take some options as an argument such as: { failureRedirect: '/' } which is incredibly useful, so be sure to add that in as well. The response after using the middleware (which will only be called if the authentication middleware passes) should be to redirect the user to /profile and that route should render the view profile.pug. -If the authentication was successful, the user object will be saved in req.user. +If the authentication was successful, the user object will be saved in req.user. -Now at this point if you enter a username and password in the form, it should redirect to the home page / and in the console of your server should be 'User {USERNAME} attempted to log in.' since we currently cannot login a user who isn't registered. +At this point, if you enter a username and password in the form, it should redirect to the home page /, and the console of your server should display 'User {USERNAME} attempted to log in.', since we currently cannot login a user who isn't registered. Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implement-the-serialization-of-a-passport-user.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implement-the-serialization-of-a-passport-user.english.md index 166455e6a0..cd9eec95dd 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implement-the-serialization-of-a-passport-user.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implement-the-serialization-of-a-passport-user.english.md @@ -9,12 +9,12 @@ forumTopicId: 301556
-Right now we're not loading an actual user object since we haven't set up our database. This can be done many different ways, but for our project we will connect to the database once when we start the server and keep a persistent connection for the full life-cycle of the app. -To do this, add your database's connection string (for example: mongodb+srv://:@cluster0-jvwxi.mongodb.net/?retryWrites=true&w=majority) to the environment variable MONGO_URI. This is used in the connection.js file. +Right now, we're not loading an actual user object since we haven't set up our database. This can be done many different ways, but for our project we will connect to the database once when we start the server and keep a persistent connection for the full life-cycle of the app. +To do this, add your database's connection string (for example: mongodb+srv://:@cluster0-jvwxi.mongodb.net/?retryWrites=true&w=majority) to the environment variable MONGO_URI. This is used in the connection.js file. _You can set up a free database on MongoDB Atlas._ -Now we want to the connect to our database then start listening for requests. The purpose of this is to not allow requests before our database is connected or if there is a database error. To accomplish you will want to encompass your serialization and your app routes in the following: +Now we want to connect to our database then start listening for requests. The purpose of this is to not allow requests before our database is connected or if there is a database error. To accomplish this, you will want to encompass your serialization and your app routes in the following code: ```js myDB(async client => { @@ -40,7 +40,7 @@ myDB(async client => { // app.listen out here... ``` -Be sure to uncomment the myDataBase code in deserializeUser, and edit your done(null, null) to include the doc. +Be sure to uncomment the myDataBase code in deserializeUser, and edit your done(null, null) to include the doc. Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-ii.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-ii.english.md index 822e303a77..b205534472 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-ii.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-ii.english.md @@ -8,9 +8,9 @@ forumTopicId: 301557 ## Description
-The last part of setting up your GitHub authentication is to create the strategy itself. For this, you will need to add the dependency of 'passport-github' to your project and require it in your auth.js as GithubStrategy like const GitHubStrategy = require('passport-github').Strategy;. Do not forget to require and configure dotenv to use your environment variables. +The last part of setting up your GitHub authentication is to create the strategy itself. For this, you will need to add the dependency of 'passport-github' to your project and require it in your auth.js as GithubStrategy like this: const GitHubStrategy = require('passport-github').Strategy;. Do not forget to require and configure dotenv to use your environment variables. -To set up the GitHub strategy, you have to tell passport to use an instantiated GitHubStrategy, which accepts 2 arguments: An object (containing clientID, clientSecret, and callbackURL) and a function to be called when a user is successfully authenticated which we will determine if the user is new and what fields to save initially in the user's database object. This is common across many strategies but some may require more information as outlined in that specific strategy's github README; for example, Google requires a scope as well which determines what kind of information your request is asking returned and asks the user to approve such access. The current strategy we are implementing has its usage outlined here, but we're going through it all right here on freeCodeCamp! +To set up the GitHub strategy, you have to tell Passport to use an instantiated GitHubStrategy, which accepts 2 arguments: an object (containing clientID, clientSecret, and callbackURL) and a function to be called when a user is successfully authenticated, which will determine if the user is new and what fields to save initially in the user's database object. This is common across many strategies, but some may require more information as outlined in that specific strategy's GitHub README. For example, Google requires a scope as well which determines what kind of information your request is asking to be returned and asks the user to approve such access. The current strategy we are implementing has its usage outlined here, but we're going through it all right here on freeCodeCamp! Here's how your new strategy should look at this point: @@ -27,7 +27,7 @@ passport.use(new GitHubStrategy({ )); ``` -Your authentication won't be successful yet, and actually throw an error, without the database logic and callback, but it should log to your console your GitHub profile if you try it! +Your authentication won't be successful yet, and it will actually throw an error without the database logic and callback, but it should log your GitHub profile to your console if you try it! Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-iii.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-iii.english.md index 8826ed249b..f6a69bf78a 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-iii.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication-iii.english.md @@ -9,7 +9,7 @@ forumTopicId: 301558
-The final part of the strategy is handling the profile returned from GitHub. We need to load the user's database object if it exists, or create one if it doesn't, and populate the fields from the profile, then return the user's object. GitHub supplies us a unique id within each profile which we can use to search with to serialize the user with (already implemented). Below is an example implementation you can use in your project- it goes within the function that is the second argument for the new strategy, right below the console.log(profile); currently is: +The final part of the strategy is handling the profile returned from GitHub. We need to load the user's database object if it exists, or create one if it doesn't, and populate the fields from the profile, then return the user's object. GitHub supplies us a unique id within each profile which we can use to search with to serialize the user with (already implemented). Below is an example implementation you can use in your project--it goes within the function that is the second argument for the new strategy, right below where console.log(profile); currently is: ```js myDataBase.findOneAndUpdate( @@ -41,7 +41,7 @@ myDataBase.findOneAndUpdate( `findOneAndUpdate` allows you to search for an object and update it. If the object doesn't exist, it will be inserted and made available to the callback function. In this example, we always set `last_login`, increment the `login_count` by `1`, and only populate the majority of the fields when a new object (new user) is inserted. Notice the use of default values. Sometimes a profile returned won't have all the information filled out or the user will keep it private. In this case, you handle it to prevent an error. -You should be able to login to your app now- try it! +You should be able to login to your app now--try it! Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication.english.md index a17e265cb4..cde33d5e3c 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/implementation-of-social-authentication.english.md @@ -8,15 +8,15 @@ forumTopicId: 301559 ## Description
-The basic path this kind of authentication will follow in your app is:
  1. User clicks a button or link sending them to our route to authenticate using a specific strategy (EG. GitHub)
  2. Your route calls passport.authenticate('github') which redirects them to GitHub.
  3. The page the user lands on, on GitHub, allows them to login if they aren't already. It then asks them to approve access to their profile from our app.
  4. The user is then returned to our app at a specific callback url with their profile if they are approved.
  5. They are now authenticated and your app should check if it is a returning profile, or save it in your database if it is not.
+The basic path this kind of authentication will follow in your app is:
  1. User clicks a button or link sending them to our route to authenticate using a specific strategy (e.g. GitHub).
  2. Your route calls passport.authenticate('github') which redirects them to GitHub.
  3. The page the user lands on, on GitHub, allows them to login if they aren't already. It then asks them to approve access to their profile from our app.
  4. The user is then returned to our app at a specific callback url with their profile if they are approved.
  5. They are now authenticated, and your app should check if it is a returning profile, or save it in your database if it is not.
-Strategies with OAuth require you to have at least a Client ID and a Client Secret which is a way for them to verify who the authentication request is coming from and if it is valid. These are obtained from the site you are trying to implement authentication with, such as GitHub, and are unique to your app- THEY ARE NOT TO BE SHARED and should never be uploaded to a public repository or written directly in your code. A common practice is to put them in your .env file and reference them like: process.env.GITHUB_CLIENT_ID. For this challenge we're going to use the GitHub strategy. +Strategies with OAuth require you to have at least a Client ID and a Client Secret which is a way for the service to verify who the authentication request is coming from and if it is valid. These are obtained from the site you are trying to implement authentication with, such as GitHub, and are unique to your app--THEY ARE NOT TO BE SHARED and should never be uploaded to a public repository or written directly in your code. A common practice is to put them in your .env file and reference them like so: process.env.GITHUB_CLIENT_ID. For this challenge we're going to use the GitHub strategy. -Obtaining your Client ID and Secret from GitHub is done in your account profile settings under 'developer settings', then 'OAuth applications'. Click 'Register a new application', name your app, paste in the url to your Repl.it homepage (Not the project code's url), and lastly for the callback url, paste in the same url as the homepage but with /auth/github/callback added on. This is where users will be redirected to for us to handle after authenticating on GitHub. Save the returned information as 'GITHUB_CLIENT_ID' and 'GITHUB_CLIENT_SECRET' in your .env file. +Obtaining your Client ID and Secret from GitHub is done in your account profile settings under 'developer settings', then 'OAuth applications'. Click 'Register a new application', name your app, paste in the url to your Repl.it homepage (Not the project code's url), and lastly, for the callback url, paste in the same url as the homepage but with /auth/github/callback added on. This is where users will be redirected for us to handle after authenticating on GitHub. Save the returned information as 'GITHUB_CLIENT_ID' and 'GITHUB_CLIENT_SECRET' in your .env file. -In your routes.js file, add showSocialAuth: true to the homepage route, after showRegistration: true. Now, create 2 routes accepting GET requests: /auth/github and /auth/github/callback. The first should only call passport to authenticate 'github' and the second should call passport to authenticate 'github' with a failure redirect to '/' and then if that is successful redirect to '/profile' (similar to our last project). +In your routes.js file, add showSocialAuth: true to the homepage route, after showRegistration: true. Now, create 2 routes accepting GET requests: /auth/github and /auth/github/callback. The first should only call passport to authenticate 'github'. The second should call passport to authenticate 'github' with a failure redirect to /, and then if that is successful redirect to /profile (similar to our last project). -An example of how '/auth/github/callback' should look is similar to how we handled a normal login: +An example of how /auth/github/callback should look is similar to how we handled a normal login: ```js app.route('/login') diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/logging-a-user-out.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/logging-a-user-out.english.md index 69203aadeb..e2c5eb2e15 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/logging-a-user-out.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/logging-a-user-out.english.md @@ -20,7 +20,7 @@ app.route('/logout') }); ``` -You may have noticed that we're not handling missing pages (404), the common way to handle this in Node is with the following middleware. Go ahead and add this in after all your other routes: +You may have noticed that we're not handling missing pages (404). The common way to handle this in Node is with the following middleware. Go ahead and add this in after all your other routes: ```js app.use((req, res, next) => { diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/registration-of-new-users.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/registration-of-new-users.english.md index dcd904b96e..24baff1f10 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/registration-of-new-users.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/registration-of-new-users.english.md @@ -8,7 +8,7 @@ forumTopicId: 301561 ## Description
-Now we need to allow a new user on our site to register an account. On the res.render for the home page add a new variable to the object passed along- showRegistration: true. When you refresh your page, you should then see the registration form that was already created in your index.pug file! This form is set up to POST on /register so this is where we should set up to accept the POST and create the user object in the database. +Now we need to allow a new user on our site to register an account. On the res.render for the home page add a new variable to the object passed along--showRegistration: true. When you refresh your page, you should then see the registration form that was already created in your index.pug file! This form is set up to POST on /register, so this is where we should set up to accept the POST and create the user object in the database. The logic of the registration route should be as follows: Register the new user > Authenticate the new user > Redirect to /profile diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/send-and-display-chat-messages.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/send-and-display-chat-messages.english.md index 8c98a8d086..0d89ba60da 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/send-and-display-chat-messages.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/send-and-display-chat-messages.english.md @@ -9,7 +9,7 @@ forumTopicId: 301562
-It's time you start allowing clients to send a chat message to the server to emit to all the clients! Already in your client.js file you should see there is already a block of code handling when the message form is submitted. +It's time you start allowing clients to send a chat message to the server to emit to all the clients! In your client.js file, you should see there is already a block of code handling when the message form is submitted. ```js $('form').submit(function() { @@ -23,11 +23,11 @@ Within the form submit code, you should emit an event after you define mes socket.emit('chat message', messageToSend); ``` -Now on your server you should be listening to the socket for the event 'chat message' with the data being named message. Once the event is received it should then emit the event 'chat message' to all sockets io.emit with the data being an object containing name and message. +Now, on your server, you should be listening to the socket for the event 'chat message' with the data being named message. Once the event is received, it should emit the event 'chat message' to all sockets io.emit with the data being an object containing name and message. -In client.js, you should now listen for event 'chat message' and, when received, append a list item to #messages with the name a colon and the message! +In client.js, you should now listen for event 'chat message' and, when received, append a list item to #messages with the name, a colon, and the message! -At this point the chat should be fully functional and sending messages across all clients! +At this point, the chat should be fully functional and sending messages across all clients! Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/serialization-of-a-user-object.english.md b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/serialization-of-a-user-object.english.md index 3f451a499d..43b2f7f8e5 100644 --- a/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/serialization-of-a-user-object.english.md +++ b/curriculum/challenges/english/06-quality-assurance/advanced-node-and-express/serialization-of-a-user-object.english.md @@ -9,11 +9,11 @@ forumTopicId: 301563
-Serialization and deserialization are important concepts in regards to authentication. To serialize an object means to convert its contents into a small key essentially that can then be deserialized into the original object. This is what allows us to know who has communicated with the server without having to send the authentication data like username and password at each request for a new page. +Serialization and deserialization are important concepts in regards to authentication. To serialize an object means to convert its contents into a small key that can then be deserialized into the original object. This is what allows us to know who has communicated with the server without having to send the authentication data, like the username and password, at each request for a new page. -To set this up properly, we need to have a serialize function and a deserialize function. In passport we create these with passport.serializeUser( OURFUNCTION ) and passport.deserializeUser( OURFUNCTION ) +To set this up properly, we need to have a serialize function and a deserialize function. In Passport, we create these with passport.serializeUser( OURFUNCTION ) and passport.deserializeUser( OURFUNCTION ) -The serializeUser is called with 2 arguments, the full user object and a callback used by passport. Returned in the callback should be a unique key to identify that user - the easiest one to use being the user's _id in the object as it should be unique as it generated by MongoDB. Similarly, deserializeUser is called with that key and a callback function for passport as well, but, this time, we have to take that key and return the full user object to the callback. To make a query search for a Mongo _id, you will have to create const ObjectID = require('mongodb').ObjectID;, and then to use it you call new ObjectID(THE_ID). Be sure to add MongoDB as a dependency. You can see this in the examples below: +The serializeUser is called with 2 arguments, the full user object and a callback used by passport. A unique key to identify that user should be returned in the callback, the easiest one to use being the user's _id in the object. It should be unique as it generated by MongoDB. Similarly, deserializeUser is called with that key and a callback function for passport as well, but, this time, we have to take that key and return the full user object to the callback. To make a query search for a Mongo _id, you will have to create const ObjectID = require('mongodb').ObjectID;, and then to use it you call new ObjectID(THE_ID). Be sure to add MongoDB as a dependency. You can see this in the examples below: ```js passport.serializeUser((user, done) => { @@ -27,7 +27,7 @@ passport.deserializeUser((id, done) => { }); ``` -NOTE: This deserializeUser will throw an error until we set up the DB in the next step so comment out the whole block and just call done(null, null) in the function deserializeUser. +NOTE: This deserializeUser will throw an error until we set up the DB in the next step, so for now comment out the whole block and just call done(null, null) in the function deserializeUser. Submit your page when you think you've got it right. If you're running into errors, you can check out the project completed up to this point here. diff --git a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iii---put-method.english.md b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iii---put-method.english.md index 733ad4447f..e0fef95845 100644 --- a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iii---put-method.english.md +++ b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iii---put-method.english.md @@ -9,7 +9,7 @@ forumTopicId: 301590
As a reminder, this project is being built upon the following starter project on Repl.it, or cloned from GitHub. In the next example we'll see how to send data in a request payload (body). -We are going to test a PUT request. The '/travellers' endpoint accepts a JSON object taking the structure : +We are going to test a PUT request. The '/travellers' endpoint accepts a JSON object taking the structure: ```json { diff --git a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iv---put-method.english.md b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iv---put-method.english.md index d69beef98e..3b3bd44f45 100644 --- a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iv---put-method.english.md +++ b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-an-api-response-using-chai-http-iv---put-method.english.md @@ -8,7 +8,7 @@ forumTopicId: 301591 ## Description
As a reminder, this project is being built upon the following starter project on Repl.it, or cloned from GitHub. -This exercise is similar to the preceding. Look at it for the details. +This exercise is similar to the preceding one. Look at it for the details.
@@ -24,7 +24,7 @@ Send Replace assert.fail() and make the test pass. Check for 1) status, 2) type, 3) body.name, 4) body.surname. -Follow the assertion order above, We rely on it. +Follow the assertion order above: we rely on it.
## Tests diff --git a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-api-endpoints-using-chai-http.english.md b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-api-endpoints-using-chai-http.english.md index 663ca4eb02..e1f5e002fd 100644 --- a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-api-endpoints-using-chai-http.english.md +++ b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-on-api-endpoints-using-chai-http.english.md @@ -14,7 +14,7 @@ As a reminder, this project is being built upon the following starter project on ## Instructions
Replace assert.fail(). Test the status and the text.response. Make the test pass. -Don't send a name in the query, the endpoint responds with "hello Guest". +Don't send a name in the query; the endpoint responds with hello Guest.
## Tests diff --git a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser-ii.english.md b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser-ii.english.md index 014dd176f3..4e89062c45 100644 --- a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser-ii.english.md +++ b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser-ii.english.md @@ -13,8 +13,8 @@ As a reminder, this project is being built upon the following starter project on ## Instructions
-This exercise is similar to the preceding. -Look at the code for directions. Follow the assertions order, We rely on it. +This exercise is similar to the preceding one. +Look at the code for directions. Follow the assertions order: we rely on it.
## Tests diff --git a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser.english.md b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser.english.md index aac8d8e8f3..f8b12482b9 100644 --- a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser.english.md +++ b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/run-functional-tests-using-a-headless-browser.english.md @@ -9,7 +9,7 @@ forumTopicId: 301595
As a reminder, this project is being built upon the following starter project on Repl.it, or cloned from GitHub. In the next challenges we are going to simulate the human interaction with a page using a device called 'Headless Browser'. -A headless browser is a web browser without a graphical user interface. These kind of tools are particularly useful for testing web pages as they are able to render and understand HTML, CSS, and JavaScript the same way a browser would. +A headless browser is a web browser without a graphical user interface. This kind of tool is particularly useful for testing web pages, as it is able to render and understand HTML, CSS, and JavaScript the same way a browser would.
diff --git a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/test-for-truthiness.english.md b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/test-for-truthiness.english.md index 5f1f2e8a39..bd5793709c 100644 --- a/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/test-for-truthiness.english.md +++ b/curriculum/challenges/english/06-quality-assurance/quality-assurance-and-testing-with-chai/test-for-truthiness.english.md @@ -9,7 +9,7 @@ forumTopicId: 301596
As a reminder, this project is being built upon the following starter project on Repl.it, or cloned from GitHub. -isTrue() will test for the boolean value true and isNotTrue() will pass when given anything but the boolean value of true. +isTrue() will test for the boolean value true and isNotTrue() will pass when given anything but the boolean value of true. ```js assert.isTrue(true, 'this will pass with the boolean value true'); @@ -18,7 +18,7 @@ assert.isTrue(1, 'this will NOT pass with the number value 1'); ``` -isFalse() and isNotFalse() also exist and behave similary to their true counterparts except they look for the boolean value of false. +isFalse() and isNotFalse() also exist and behave similarly to their true counterparts except they look for the boolean value of false.
## Instructions