Skip to content

New lesson: Sessions #29082

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 33 commits into
base: main
Choose a base branch
from
Open

New lesson: Sessions #29082

wants to merge 33 commits into from

Conversation

MaoShizhong
Copy link
Contributor

Because

As part of the Node revamp's 2nd milestone

This PR

Issue

Closes #28847

Additional Information

Pull Request Requirements

  • I have thoroughly read and understand The Odin Project curriculum contributing guide
  • The title of this PR follows the location of change: brief description of change format, e.g. Intro to HTML and CSS lesson: Fix link text
  • The Because section summarizes the reason for this PR
  • The This PR section has a bullet point list describing the changes in this PR
  • If this PR addresses an open issue, it is linked in the Issue section
  • If any lesson files are included in this PR, they have been previewed with the Markdown preview tool to ensure it is formatted correctly
  • If any lesson files are included in this PR, they follow the Layout Style Guide

@MaoShizhong
Write intro and lesson overview
3c3a0fd
@MaoShizhong
Write sessions description
e212eb6
@MaoShizhong
Rearrange section content
4d23f47 
'Persisting logins' was a glorified intro anyway
@MaoShizhong
Add example app setup instructions
a2d7e44
@MaoShizhong
Start login example
657de49 
Only up to the original login process
@MaoShizhong
Handle general authentication middleware
0027857
@MaoShizhong
Rephrase validation feedback warning verbiage
ca2d4f9
@MaoShizhong
Explain session options in app.js
0cbc997 
Reordered setup code blocks for easier content flow.
Decided to introduce the session store and secret explanations here
instead of their own sections later on (not really needed there).
@MaoShizhong
Format code blocks for less horizontal scrolling
d767546
@MaoShizhong
Rearrange session options description
79ef33e 
New order allows for a more natural way of explaining how
express-session populates req.session.
That can be explained at the start and options explained to reflect
that, instead of explaining options in a bit of a black hole then
provide the context later in the lesson.
@MaoShizhong
Add section on password hashing with argon2id
2c0da9b
@MaoShizhong
Fix signup path
e5bfc45
@MaoShizhong
Add section on logging out
584b2a4 
Made more sense to talk about logging out after logging in, then talk
about password hashing afterwords.
@MaoShizhong
Add knowledge check questions
1869145 
Use subsections for better content organisation and linking
@MaoShizhong
Emphasise argon2 library defaults meet OWASP recommendations
45bf391
@MaoShizhong
Add login/signup links in views for convenient navigation
03da52f
@MaoShizhong
Fix grammar and US/UK spelling
77d56e1
@github-actions github-actions bot added the Content: NodeJS Involves the NodeJS course label Nov 13, 2024
@MaoShizhong
Rename lesson file
973251c 
"Session-based authentication" is a more appropriate title for the
lesson than just "Sessions", given that sessions are not exclusively
used for auth purposes.
@01zulfi 01zulfi self-requested a review November 13, 2024 16:19
@MaoShizhong
Demonstrate NODE_ENV conditional cookie options
b9b0b1e 
Makes sense to showcase them directly rather than just via text example after the fact
damon314159
damon314159 reviewed Nov 16, 2024
View reviewed changes
damon314159
damon314159 reviewed Nov 16, 2024
View reviewed changes
damon314159
damon314159 reviewed Nov 16, 2024
View reviewed changes
@01zulfi 01zulfi added the Project Node Revamp Issues/PRs related to the Node Revamp project label Dec 11, 2024
01zulfi
01zulfi requested changes Mar 16, 2025
View reviewed changes
Copy link
Member

@01zulfi 01zulfi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great stuff, left a few comments below

MaoShizhong and others added 3 commits March 16, 2025 19:18
@MaoShizhong @01zulfi
Amend verbiage as per review comments
93dea16 
Co-authored-by: 01zulfi <[email protected]>
@MaoShizhong
Make connect-pg-simple create session table if missing
96f4078 
Link to connect-pg-simple's SQL queries for this may be useful for learners to look at.
@MaoShizhong
Expand on serialising to and saving session data
f93b315 
Explicit `.save()` call required as per docs to force saving the
session before a redirect potentially triggers a page load:
https://expressjs.com/en/resources/middleware/session.html#:~:text=Session.save(callback)
@MaoShizhong MaoShizhong requested a review from 01zulfi March 18, 2025 15:53
@MaoShizhong
Remove note box heading prefixes
ddb093f 
Prefixes only necessary if
TheOdinProject#28372 gets merged.
Until then, they are not necessary.
@MaoShizhong
Streamline verbiage
ebbf606
@MaoShizhong MaoShizhong force-pushed the node-revamp-sessions branch from aba84a1 to ebbf606 Compare March 24, 2025 16:44
@MaoShizhong
Rename lesson file
624a15d 
IMHO, pairs a little better with a 'JSON Web Tokens' lesson since it doesn't follow the '*-based authentication' pattern
01zulfi
01zulfi requested changes Apr 17, 2025
View reviewed changes
nodeJS/authentication/sessions.md Outdated
} else {
const { rows } = await pool.query(
"SELECT * FROM users WHERE id = $1",
[req.session.userId],
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this might feel a bit magical to the learner. Hopefully some changes above might help

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me know how the changes feel in regards to this bit.

@MaoShizhong MaoShizhong changed the title New lesson: Session-based authentication New lesson: Sessions Apr 17, 2025
@MaoShizhong
Use full word 'production'
165df10 
Quotes changed to double for lesson consistency
@MaoShizhong MaoShizhong force-pushed the node-revamp-sessions branch from 635e27a to 165df10 Compare April 17, 2025 22:40
@MaoShizhong MaoShizhong requested a review from 01zulfi April 21, 2025 10:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@columk1 columk1 columk1 left review comments

@damon314159 damon314159 damon314159 left review comments

@01zulfi 01zulfi Awaiting requested review from 01zulfi

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
Content: NodeJS Involves the NodeJS course Project Node Revamp Issues/PRs related to the Node Revamp project
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

New Lesson: Sessions
4 participants
@MaoShizhong @01zulfi @columk1 @damon314159