Labs II - Integration
Labs8 - RateMyDIY

Provide a paragraph (5-8 sentences) summarizing the work you did this week, the challenges you faced, the tools you used, and your accomplishments.
This week I continued to work on authorization. We overcame some blockers such as user roles and permissions, but struggled with connecting the front end to the back end authentication functionality. Upon reading the Passport documentation more closely, we discovered that its main purpose is just to authenticate requests. This is done by storing a session with express-sessions and creating a cookie during that session. This cookie is then sent by the client on each request to the server. Working with cookies in JavaScript is tricky due to security; if the httpOnly flag is set to false, there could be breaches in the system. As a result, we were limited in what we could do with this cookie. Passport stores the user information it gets back on the request object itself, so this user data is accessible on the back end. However, when attempting to send this information to the front end, it returns an empty object. Consequently, we tried to use an authid variable to query our database to find the corresponding userid and return a user object from our database instead, but with no luck, as that returned an empty object as well. I believe we are dealing with an issue with CORS. Regardless, we have yet to solve this problem.
List the tasks you pulled this week, and provide a link to the successfully merged PR completing that task and the trello card for that task. You must have at least one front end and one back end. The expected total is 6 with a minimum of 4.
| PR | Links |
|---|---|
| Session Store | GitHub: https://github.com/Lambda-School-Labs/Labs8-RateMyDIY/pull/31 Trello: https://trello.com/c/Hotxeqpp/61-sessions-stor |
| Roles | GitHub: https://github.com/Lambda-School-Labs/Labs8-RateMyDIY/pull/42 Trello: https://trello.com/c/eKSUvPlF/59-user-roles |
| Permissions | GitHub: https://github.com/Lambda-School-Labs/Labs8-RateMyDIY/pull/47 Trello: https://trello.com/c/mFgKoUjQ/56-user-permissions |
| Connecting Auth | GitHub: https://github.com/Lambda-School-Labs/Labs8-RateMyDIY/pull/51 Trello: https://trello.com/c/h3f0rBXu/75-connecting-auth |
Pick one of your tickets and provide a detailed analysis of the work you did. This should be approximately ¼ page of text, and at least three screenshots.
PR chosen: Roles
Setting up roles required many different moving parts. It begins with the backend being deployed, as this was needed by Auth0 to implement their proprietary software called rules during the authentication process.

First we declare a new property on the user object called app_metadata, which defaults to an empty object. Then we do the same with roles, which defaults to an empty array. The email addresses of the admins go in the admins list on the next line. Following that, there is an addRolesToUser function. This function takes the user and a callback function. Basically, if it’s a user’s first time on the site, they will be given a “new” role. After the first login, there is logic in place to check whether the user has an admin’s email address, in which case they are given the “admin” role. If not, they default to a “user” role. This function is then called with the user argument and another function, which formally updates the Auth0 database and assigns the roles to the user object.

After implementing the rule via the app dashboard, we look to the code to apply it. During the authentication process, we get the role property from the user object. We then test for what role the user is. If they are new, we add their information to our database. If not, we redirect them to the front end.
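
The rule and the back-end branch described in the two paragraphs above, as an added sketch that is not the project's own code. The admin list, the `auth0` parameter (a global in a real Auth0 rule), the array standing in for the database, the "no stored role means first login" test and the `email_verified` check before granting "admin" are all assumptions made for the example.

```javascript
// Added sketch, not the project's rule. Items marked (assumed) are hypothetical.
const ADMIN_EMAILS = ['admin@example.com']; // constructed placeholder list

// Choose the roles for this login and hand them to the callback.
function addRolesToUser(user, cb) {
  user.app_metadata = user.app_metadata || {};
  user.app_metadata.roles = user.app_metadata.roles || [];
  // (assumed) "first time on the site" means no role has been stored yet.
  if (user.app_metadata.roles.length === 0) return cb(null, ['new']);
  // (assumed) hardening: an unverified e-mail address never earns "admin".
  const isAdmin = user.email_verified === true &&
    ADMIN_EMAILS.includes(String(user.email).toLowerCase());
  cb(null, [isAdmin ? 'admin' : 'user']);
}

// Rule entry point. `auth0` is passed in (assumed) so the sketch runs
// offline against a stub instead of the Auth0 rules runtime.
function rolesRule(user, context, callback, auth0) {
  addRolesToUser(user, (err, roles) => {
    if (err) return callback(err);
    user.app_metadata.roles = roles;
    // Persist the roles, then let the login continue.
    auth0.users.updateAppMetadata(user.user_id, user.app_metadata)
      .then(() => callback(null, user, context))
      .catch(callback);
  });
}

// Back-end step after authentication: new users are stored in our own
// database (an array here, assumed), everyone else is redirected.
function afterLogin(user, db) {
  const roles = (user.app_metadata && user.app_metadata.roles) || [];
  if (roles.includes('new')) {
    db.push({ auth_id: user.user_id, email: user.email });
    return 'created';
  }
  return 'redirect';
}
```

Deriving the role from the stored metadata on every login means removing an address from the admin list takes effect at that user's next login.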

As a part of your journal entry, write ¼ to ½ a page reflecting on your experiences working with a team to integrate several servers, pages, APIs, and services into one project. Describe how your pieces of the project interfaced with and integrated with your teammates.
My experience happens to be working with the Auth API. Integrating this into our app has proven to be a real pain. We had up to 3 group members at a time working to figure it out, but it still went over our heads. It ended up being a major time sink. I feel bad because auth was my job and I couldn’t deliver. But it’s a team effort, and mine understands that, which I am grateful for. I think this week really brought us together, as we were pair programming and working in a group throughout the whole week to defeat whatever errors we were battling. Towards the last few days we were able to implement the SendGrid and Twilio APIs to send an email and a text to the user respectively. We treated them as separate entities, and it has been working out that way up to this point. Once auth is up and running in full force, we may need to go back and edit some things. While our app may not be working the best, I believe our team is, while doing everything we can to improve.
| Stack | Links |
|---|---|
| Front-end | https://ratemydiy.netlify.com/ |
| Back-end | https://ratemydiy.herokuapp.com/ |
| Interview | https://youtu.be/rdmD3y6iMeg |