I am trying to create a website (for personal use) where people can text each other, upload files / photos etc.
I would like to generate a token for every user in the database just to identify them without nicknames. I've got a function that generates a token and a database where I've got all my users.
The problem is I don't really know how to check if:
a) the user already exists in the database.
b) if exists how to assign them the token.
c) if doesn't create a new one and also assign them the token.
Here is my code, I wrote everything in JS using Google Firebase
firebase.initializeApp(firebaseConfig);
const db = firebase.database();
const username = prompt("Username:");
const receiver = prompt("Receiver's name:");
document.getElementById("send-message").addEventListener("submit", postChat);
function postChat(e)
{
e.preventDefault();
const timestamp = Date.now();
const chatTxt = document.getElementById("chat-txt");
const message = chatTxt.value;
chatTxt.value = "";
db.ref("messages/" username "/" receiver "/" timestamp).set({
usr: username,
msg: message,
});
db.ref("messages/" receiver "/" username "/" timestamp).set({
usr: username,
msg: message,
});
}
const fetchChat = db.ref("messages/" username "/" receiver "/");
fetchChat.on("child_added", function (snapshot)
{
const messages = snapshot.val();
const msg = "<li>" messages.usr " : " messages.msg "</li>";
document.getElementById("messages").innerHTML = msg;
});
That is how I generate a token
function generateAToken()
{
let characters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
let token = "";
for(let i = 0; i < 32; i )
{
let tmp = Math.floor(Math.random() * 62);
token = characters[tmp];
}
}
Everything works really well right now, the point is when I type something in the prompts it immediately runs a function that solves the key problem which I described above.
That is how the JSON looks like right now
{
"messages": {
"user1": {
"user2": {
"1656608940603": {
"msg": "hi",
"usr": "user1"
},
"1656608958447": {
"msg": "hey, whats good?",
"usr": "user2"
}
}
},
"user2": {
"user1": {
"1656608940603": {
"msg": "hi",
"usr": "user1"
},
"1656608958447": {
"msg": "hey, whats good?",
"usr": "user2"
}
}
}
}
}
And here is a screen of how the website looks like right now if the username and receiver's names are user1 and user2.
Enter image description here!
I am kind of new in the environment so please if someone wants to help use easy language as you would talk to a kid.
Have a nice day to everyone ;)
CodePudding user response:
Generally, A token should not be saved in the database,
What I think is that :
the user enters username and password, in your code you will encrypt the password on registration using some algorithm or a library (crypto, JWT).
At login - Validate that the user's encrypted password from the database (registration phase), is same as the password encrypted at login (login phase).
So breaking into points:
User registers -> Password saved in database after encryption.
User logins -> Validate encrypted password same as the current password after encryption.
I hope what I say make sense haha.