DEV Community

FredAbod
FredAbod

Posted on

Authorization In Node.js, All You Need To Know

Liquid syntax error: 'raw' tag was never closed

Top comments (2)

Collapse
 
joelbonetr profile image
JoelBonetR 🥇

Hi @fredabod , nice introduction to this topic.

Pointing out improvement points:

Assuming that the headers look like that:

Authorization: {
    token: 'myToken'
}
Enter fullscreen mode Exit fullscreen mode

I'd change

const token = req.headers.authorization.split(' ')[1];
Enter fullscreen mode Exit fullscreen mode

for

const { token } = req.headers.authorization;
Enter fullscreen mode Exit fullscreen mode

just to avoid runtime errors if something went wrong (e.g. Authorization being undefined) as well as for maintainability as you can know what it does by just reading at this while in the array hardcoded position implementation you can be wondering "what the heck does Authorization have?".

Also take a look at CORS and specially to the DB Salt concept so you get better security on this.

Hope it helps somehow, best regards 😁

Collapse
 
fredabod profile image
FredAbod

This was really helpful. Thank you @joelbonetr