Node.js was chosen as the platform for this application for several reasons:
• Asynchronicity and Performance: The asynchronous nature of Node.js makes it ideal for handling multiple requests simultaneously without blocking threads, which is crucial for high-traffic web applications.
• Ecosystem and Community: Node.js boasts a vast ecosystem of packages available through npm (Node Package Manager). This enables rapid addition of functionality to the application by leveraging existing modules.
• Ease of Scaling: Applications written in Node.js are easy to scale, allowing for seamless growth as demand increases.
The app.js file contains the configuration and main logic of the Express.js server. It manages routes, user sessions, authentication, and various user and shopping list management functions.
passport.use(new LocalStrategy(...)): We use the local strategy of Passport.js to authenticate users using their username and password. We check if the user exists and then verify the password using bcrypt.
passport.serializeUser(...) and passport.deserializeUser(...): These functions control how a user is written to the session and how the user is restored from the session on later requests.
app.use(session(...)): Configuration of sessions using express-session. Sessions are used to maintain the logged-in state of the user across different requests.
For hashing user passwords, we use the bcrypt library. bcrypt is widely regarded as a secure choice for password hashing because it salts each password and applies many hashing rounds, which makes brute-force attacks (a trial-and-error method used to crack passwords or encryption keys by systematically checking all possible combinations) more difficult.
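The authentication flow described above (look up the user, verify the password, then serialize the user into the session), as an added example that is not the application's own app.js code. It shows a verify callback in which an unknown username and a wrong password cost the same hashing work and return the same message, so the login form does not reveal which usernames exist. Assumptions: hashPassword, comparePassword, the users map and DUMMY_HASH are hypothetical names, the user table is constructed sample data, and Node's built-in scrypt stands in for bcrypt so the block runs without npm packages.

```javascript
const crypto = require('node:crypto');

// Stand-in for bcrypt.hash / bcrypt.compare (assumption: scrypt from Node's
// standard library is used only so this runs without installing npm packages).
function hashPassword(password) {
  const salt = crypto.randomBytes(16);
  const key = crypto.scryptSync(password, salt, 32);
  return `${salt.toString('hex')}:${key.toString('hex')}`;
}
function comparePassword(password, stored) {
  const [saltHex, keyHex] = stored.split(':');
  const expected = Buffer.from(keyHex, 'hex');
  const actual = crypto.scryptSync(password, Buffer.from(saltHex, 'hex'), expected.length);
  return crypto.timingSafeEqual(actual, expected);
}

// Constructed sample user table; the real app would query MySQL instead.
const users = new Map([
  ['alice', { id: 1, username: 'alice', passwordHash: hashPassword('correct horse') }],
]);
// Compared against when the username is unknown, so both failure paths
// perform one hash computation and respond in similar time.
const DUMMY_HASH = hashPassword(crypto.randomBytes(16).toString('hex'));
const FAILURE = { message: 'Incorrect username or password.' };

// Same (username, password, done) shape as a LocalStrategy verify callback.
function verify(username, password, done) {
  try {
    const user = users.get(username);
    const ok = comparePassword(password, user ? user.passwordHash : DUMMY_HASH);
    // One generic message: the response does not reveal which check failed.
    if (!user || !ok) return done(null, false, FAILURE);
    // Hand Passport only the fields the app needs, never the hash.
    return done(null, { id: user.id, username: user.username });
  } catch (err) {
    return done(err);
  }
}

// The session stores only the id; each request reloads the user from it.
function serializeUser(user, done) {
  done(null, user.id);
}
function deserializeUser(id, done) {
  const user = [...users.values()].find((u) => u.id === id);
  // false tells Passport the session no longer maps to a valid user.
  done(null, user ? { id: user.id, username: user.username } : false);
}
```

With Passport installed, these would be registered as passport.use(new LocalStrategy(verify)), passport.serializeUser(serializeUser) and passport.deserializeUser(deserializeUser).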
The entire code in app.js is designed to enable comprehensive management of users and shopping lists, while ensuring security through user authentication and authorization, as well as error handling.
The database.js file is responsible for establishing a connection with the MySQL database using the mysql2 library. The connection configuration is retrieved from the .env file, which stores authentication data in environment variables.