Server clients

Asked 2 years ago, Updated 2 years ago, 48 views

Conceptually, the client asked and the server answered.

For example, in the case of membership registration, if the client hands over the ID/password to the server, the server will be configured in the form of answering the client in the form of true/false, but is this the right method and the sending format should be post or get?

Then can't we just implement the server as a function in JavaScript instead of using nodejs?

Also, in the case of servers, I think they are almost similar to functions, is this concept?

server node.js

2022-09-21 17:27

1 Answers

Q1. Is this the right way?

A1. It's> Yes. Because now this is about a scenario called authorization.

Q2. Is it okay to send it in a post or get way?

A2. If you include the password in the GET request variable and send it, the password will be exposed to the URI itself, so it is better to send the request to the server in the POST method.

Q3. Then can't we just implement the server as a function in JavaScript instead of using nodejs?

A3. No. Because now this is about a scenario called authorization.

Q4. In the case of servers, I think they are almost similar to functions, but is it correct?

A4. The server code also uses functions, and the client code also uses functions. The essence is the same because it's the same JS. However, there is a difference in whether the function can properly authenticate users.

You're wondering what the authentication scenario is, right? Let's think of a very extreme case. Let's say there's a web page like this.

<h1>Log in to access operations and the computer network.</h1>
<p>Identical ID/password, <span class="red">Enemy</span> prey!</p>
<form class="form-horizontal pt-3" id="loginForm">
  <div class="form-group row">
    <label class="col-md-3col-form-label" for="username">ID</label>
    <div class="col-md-9">
      <input type="text" name="username" class="form-control" />
    </div>
  </div>
  <div class="form-group row">
    <label class="col-md-3col-form-label" for="password">password</label>
    <div class="col-md-9">
      <input type="password" name="password" class="form-control" />
    </div>
  </div>
  <div class="form-group row">
    <div class="offset-md-3 col-md-9">
      <Button type="submit" class="btn btn-primary">Login</Button>
    </div>
  </div>
</form>
<script>
var login = function (form) {
  var username = form.username.value;
  var password = form.password.value;
  If (username == 'Operation' &&Password == 'Operation 12!') {
    alert ('Operation and Login Successful');
    window.location.href = 'http://6.9.20.145/Army 20th Division 145th Regiment/Operation/Index.jsp';
  } } else {
    alert ('Operation and Login Failed');
    return false;
  }
  return false;
};
var loginForm = document.getElementById('loginForm');
loginForm.addEventListener('submit', function (e) {
    e.preventDefault();
  login(e.target);
});
</script>

On the surface, this web page seems to be tight security.

But as soon as you open the source by pressing F12, you can immediately see that the operation and ID are operation and and the password is operation 12!. Certification becomes meaningless.

But if you request the input values of username and password to a particular server and change it to see if you can operate and log in with only that server's response, wouldn't that be ridiculous?

So in the user authentication scenario, the authentication logic is inevitably assigned to the server end.

Well, in other scenarios, you don't have to go all the way to the server. For example, a global calculator. It's all about just entering the date of enlistment and calculating it according to the formula, so the server doesn't have to receive data and perform independent logic separate from the client. All you have to do is create a function well and input and output it. That's why many military administrative teams across the country don't even have an Internet connection, let alone a server, but they still work well.

I don't know if it was answered.


2022-09-21 17:27

If you have any answers or tips


© 2024 OneMinuteCode. All rights reserved.