w12 Flashcards
Advantages of using Cloud Services:
Easy to integrate
Heavily tested Pay as you go No need to reinvent the wheel Developing a reliable and accurate text-to-speech service (for instance) might take months.
text-tos-speech
Google Cloud Text-to-Speech enables developers to synthesize natural-sounding speech with 30 voices, available in multiple languages and variants. It applies DeepMind™s groundbreaking research in WaveNet and Google™s powerful neural networks to deliver high-fidelity audio. With this easy-to-use API, you can create lifelike interactions across many applications and devices with your users.
How secure are MEAN stack apps?
MongoDB database is vulnerable to an attack called Query Selector Injection that uses Query selector logic operators to change queries password[$ne]=null
The simplest way to mitigate query selector injection is to cast the values to a String before running the query.
Authentication
Several authentication libraries can be used to provide user management and authentication, such as PassportJS and Everyauth.
What is Passport.js?
Passport is authentication middleware for Node.js. As it is extremely flexible and modular, Passport can be unobtrusively dropped in to any Express-based web application.
300+ authentication strategies
Single sign-on with OpenID and OAuth
Easily handle success and failure
Supports persistent sessions
Dynamic scope and permissions
Pick and choose the required strategies
Implement custom strategies
Does not mount routes in the application
Lightweight code base
Now, we will examine four strategies provided by PassportJS, which are: local, Open ID, Facebook, and Google.
Username & Password (Local)
The most widely used way for websites to authenticate users is via a username and password. Support for this mechanism is provided by the passport-local module.
OpenID
OpenID
OpenID is an open standard for federated authentication. When visiting a website, users present their OpenID to sign in. The user then authenticates with their chosen OpenID provider, which issues an assertion to confirm the user’s identity. The website verifies this assertion in order to sign the user in.
The Facebook strategy allows users to log in to a web application using their Facebook account. Internally, Facebook authentication works using OAuth 2.0.
n order to use Facebook authentication, you must first create an app at Facebook Developers
The Google strategy allows users to sign in to a web application using their Google account. Google used to support OpenID internally, but it now works based on OpenID Connect and supports oAuth 1.0 and oAuth 2.0.
Cloud Storage
Moving their data to the cloud is one option to make it easier for developers to build scalable and pervasive applications. Regardless of the weak point of being less secure, cloud storage has better flexibility and reliability. Many cloud vendors offer cloud storage, such as:
Google Firebase
Google Firebase
Cloud Storage for Firebase stores your data in Google Cloud Storage, an exabyte-scale object storage solution with high availability and global redundancy.
AWS Amazon Rekognition
Amazon Rekognition makes adding image and video analysis to your applications easy. You just provide an image or video to the Rekognition API, and the service can identify the objects, people, text, scenes, and activities and detect any inappropriate content. Amazon Rekognition also provides highly accurate facial analysis and facial recognition on images and videos that you provide. You can detect, analyze, and compare faces for various user verification, people counting, and public safety use cases.
Key Features
Object, scene, and activity detection
recognition, analysis, text nin images
