·
35 commits
to main
since this release
05d8055
This commit was signed with the committer’s verified signature.
The key has expired.
gregoriodelasheras
Francisco Gregorio de las Heras
- Implement CORS
- Add password hashing to the user schema (Mongoose ODM) and integrate it into the login and registration HTTP handlers to ensure that passwords aren't stored in the database without first being hashed.
- Add data validation to any endpoint that's expecting data in the request body (only validate data that’s been formatted as expected). If entered data doesn't meet the requirements, an error message should be sent as an HTTP response back to the client.
- Deploy the application to Heroku.
- Upload the database to MongoDB Atlas.
- The Heroku application connects to the database in MongoDB Atlas via an URI protected in an environment variable.
- Application tested in Postman to check data security at endpoints (authentication, authorization and data validation).