Some of Our Sources
- Slashdot
- Engadget
- TutsPlus - Code
- The Logo Smith
- Fuel Your Creativity
- CSS Globe
- Design Modo
- Web Resource Source
- Android Dissected
- Hashedout
Help Webnuz
Referal links:
FullStack JWT Auth: Diving into SvelteKit - Profile Update
Introduction
From the last article, we concluded user registeration and authentication flow. It was surreal to me and I hope you find it intriguing too. In this article (possibly the last in this series), we'll look at how authenticated users can update their details.
Source code
The overall source code for this project can be accessed here:
Sirneij / django_svelte_jwt_auth
A robust and secure Authentication and Authorization System built with Django and SvelteKit
django_svelte_jwt_auth
This is the codebase that follows the series of tutorials on building a FullStack JWT Authentication and Authorization System with Django and SvelteKit.
This project was deployed on heroku (backend) and vercel (frontend) and its live version can be accessed here.
To run this application locally, you need to run both the backend and frontend projects. While the latter has some instructions already for spinning it up, the former can be spinned up following the instructions below.
Run locally
To run locally
Clone this repo:
git clone https://github.com/Sirneij/django_svelte_jwt_auth.gitChange directory into the
backendfolder:cd backendCreate a virtual environment:
pipenv shellYou might opt for other dependencies management tools such as
virtualenv,poetry, orvenv. It's up to you.Install the dependencies:
pipenv installMake migrations and migrate the database:
python manage.py makemigrations python manage.py migrateFinally, run the application:
python manage.py runserver
Live version
This project was deployed on heroku (backend) and vercel (frontend) and its live version can be accessed here.
Notabene
The project's file structure has considerably been modified from where we left off. Also, most of the scripts have be re-written in TypeScript. The concept of SvelteKit environment variables, TypeScript's interfaces, powerful loader, and a host of others were also implemented. We now have the following file structure for the frontend project:
package.json package-lock.json README.md src app.d.ts app.html components Header Header.svelte john.svg svelte-logo.svg Loader Loader.svelte dist css style.min.css style.min.css.map global.d.ts lib formats formatString.ts helpers buttonText.ts whitespacesHelper.ts interfaces error.interface.ts user.interface.ts variables.interface.ts store loadingStore.ts notificationStore.ts userStore.ts utils constants.ts requestUtils.ts routes accounts login index.svelte register index.svelte user [username]-[id].svelte index.svelte __layout.svelte sass _about.scss _form.scss _globals.scss _header.scss _home.scss style.scss _variables.scss static favicon.png robots.txt svelte-welcome.png svelte-welcome.webp svelte.config.js tsconfig.jsonAccept my apologies for the incoveniences.
Now, let's get right into adding this functionality.
Update user data
It's a very common thing in web applications to allow users alter their initial data. Let's provide this feature our application's users too.
Create a .svelte file in routes/accounts/user/ directory. You are at liberty to give it any name you want. However, I'd like to make it dynamic. To make a dynamic page routing in SvelteKit, you use [](square brackets) with the dynamic field inside and then .svelte. For our purpose, we want the URL to have user's username and ID. Therefore, the name of our dynamic file will be [username]-[id].svelte. Awesome huh! SvelteKit is truly awesome.
Next, let's purpulate this newly created file with the following content:
<script context="module" lang="ts"> import { variables } from '$lib/utils/constants'; import { getCurrentUser } from '$lib/utils/requestUtils'; import type { Load } from '@sveltejs/kit'; import type { User } from '$lib/interfaces/user.interface'; export const load: Load = async ({ fetch }) => { const [userRes, errs] = await getCurrentUser( fetch, `${variables.BASE_API_URI}/token/refresh/`, `${variables.BASE_API_URI}/user/` ); const userResponse: User = userRes; if (errs.length > 0 && !userResponse.id) { return { status: 302, redirect: '/accounts/login' }; } return { props: { userResponse } }; };</script><script lang="ts"> import { notificationData } from '$lib/store/notificationStore'; import { scale } from 'svelte/transition'; import { UpdateField } from '$lib/utils/requestUtils'; import { onMount } from 'svelte'; import { nodeBefore } from '$lib/helpers/whitespacesHelper'; export let userResponse: User; const url = `${variables.BASE_API_URI}/user/`; onMount(() => { const notifyEl = document.getElementById('notification') as HTMLElement; if (notifyEl && $notificationData !== '') { setTimeout(() => { notifyEl.classList.add('disappear'); notificationData.update(() => ''); }, 3000); } }); let triggerUpdate = async (e: Event) => { const sibling = nodeBefore(<HTMLElement>e.target); await UpdateField(sibling.name, sibling.value, url); };</script><div class="container" transition:scale|local={{ start: 0.7, delay: 500 }}> {#if userResponse.id} <h1> {userResponse.full_name ? userResponse.full_name : userResponse.username} profile </h1> {/if} <div class="user" transition:scale|local={{ start: 0.2 }}> <div class="text"> <input aria-label="User's full name" type="text" placeholder="User's full name" name="full_name" value={userResponse.full_name} /> <button class="save" aria-label="Save user's full name" on:click={(e) => triggerUpdate(e)} /> </div> </div> <div class="user" transition:scale|local={{ start: 0.3 }}> <div class="text"> <input aria-label="User's username" type="text" placeholder="User's username" name="username" value={userResponse.username} /> <button class="save" aria-label="Save user's username" on:click={(e) => triggerUpdate(e)} /> </div> </div> <div class="user" transition:scale|local={{ start: 0.4 }}> <div class="text"> <input aria-label="User's email" placeholder="User's email" type="email" name="email" value={userResponse.email} /> <button class="save" aria-label="Save user's email" on:click={(e) => triggerUpdate(e)} /> </div> </div> <div class="user" transition:scale|local={{ start: 0.5 }}> <div class="text"> <input aria-label="User's bio" placeholder="User's bio" type="text" name="bio" value={userResponse.bio} /> <button class="save" aria-label="Save user's bio" on:click={(e) => triggerUpdate(e)} /> </div> </div> <div class="user" transition:scale|local={{ start: 0.6 }}> <div class="text"> <input aria-label="User's date of birth" type="date" name="birth_date" placeholder="User's date of birth" value={userResponse.birth_date} /> <button class="save" aria-label="Save user's date of birth" on:click={(e) => triggerUpdate(e)} /> </div> </div></div>Whoa!!! That's a lot, man! Errm... It's but let's go through it.
Modulescript section: We started the file by creating a scriptmodule. Inside it is the magicalloadfunction which does only one thing: get the current user. Were you successful at that? Yes? Put the response inuserResponsevariable and make it available to the rest of the program usingprops. No? Redirect the user to theloginpage. Pretty simple huh? I think it's.Second script section: This section's snippets are pretty basic. The major things to note are the retrieval of the props made available by our
module, and the definition oftriggerUpdateasynchronous function. To retrieve and then expose props values, we only didexport let userResponse: User;and that's it. What about thetriggerUpdatefunction? Well, it is a very short function with this definition:
let triggerUpdate = async (e: Event) => { const sibling = nodeBefore(<HTMLElement>e.target); await UpdateField(sibling.name, sibling.value, url); };It accepts an Event object, and using it, determines the value and name of the previous sibling (an input) using a custom function, named nodeBefore. Why not use (<HTMLElement>e.target).previousSibling instead? This MDN article, How whitespace is handled by HTML, CSS, and in the DOM, explained it. As a matter of fact, the snippets in $lib/helpers/whitespacesHelper.ts were ported from the JavaScript snippets made available on the article. Then, we called on UpdateField function, having this content:
// lib -> utils -> requestUtils.ts ... export const UpdateField = async ( fieldName: string, fieldValue: string, url: string ): Promise<[object, Array<CustomError>]> => { const userObject: UserResponse = { user: {} }; let formData: UserResponse | any; if (url.includes('/user/')) { formData = userObject; formData['user'][`${fieldName}`] = fieldValue; } else { formData[`${fieldName}`] = fieldValue; } const [response, err] = await handlePostRequestsWithPermissions(fetch, url, formData, 'PATCH'); if (err.length > 0) { console.log(err); return [{}, err]; } console.log(response); notificationData.set(`${formatText(fieldName)} has been updated successfully.`); return [response, []]; };This function just prepares the data to be sent to the server and then calls on the function that really sends it: handlePostRequestsWithPermissions. handlePostRequestsWithPermissions is a multipurpose or maybe generic function that can be used to make any post requests that require some permissions. Though written to work for this project, it can be modified to suit other projects' needs. It's content is:
// lib -> utils -> requestUtils.ts ... export const handlePostRequestsWithPermissions = async ( fetch, targetUrl: string, body: unknown, method = 'POST' ): Promise<[object, Array<CustomError>]> => { const res = await fetch(`${variables.BASE_API_URI}/token/refresh/`, { method: 'POST', mode: 'cors', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ refresh: `${browserGet('refreshToken')}` }) }); const accessRefresh = await res.json(); const jres = await fetch(targetUrl, { method: method, mode: 'cors', headers: { Authorization: `Bearer ${accessRefresh.access}`, 'Content-Type': 'application/json' }, body: JSON.stringify(body) }); if (method === 'PATCH') { if (jres.status !== 200) { const data = await jres.json(); console.error(`Data: ${data}`); const errs = data.errors; console.error(errs); return [{}, errs]; } return [jres.json(), []]; } else if (method === 'POST') { if (jres.status !== 201) { const data = await jres.json(); console.error(`Data: ${data}`); const errs = data.errors; console.error(errs); return [{}, errs]; } return [jres.json(), []]; } }; ...It currently handles POST and PATCH requests but as said earlier, it can be extended to accommodate PUT, DELETE, and other "unsafe" HTTP verbs.
The triggerUpdate method was bound to the click event of the button element attached to each input element on the form. When you focus on the input element, a disk-like image pops up at right-most part the the input and clicking it triggers triggerUpdate which in-turn calls on updateField, and then handlePostRequestsWithPermissions.
[Heaves a sigh of relief], that's basically it! If I get less busy, I might still work on this project to make it more than just an authentication system. Contributions are also welcome. Kindly drop comments if there's anything you wanna let me know. See y'all...
Outro
Enjoyed this article, consider contacting me for a job, something worthwhile or buying a coffee . You can also connect with/follow me on LinkedIn.
Original Link: https://dev.to/sirneij/fullstack-jwt-auth-diving-into-sveltekit-profile-update-3f6f
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To