Hello everyone this is the code

{"componentChunkName":"component---src-templates-content-template-
js","path":"/en/part5/login_in_frontend","result":{"data":{"markdownRemark":
{"html":"<div class=\"content\">\n<p>In the last two parts, we have mainly
concentrated on the backend, and the frontend does not yet support the user
management we implemented to the backend in part 4.</p>\n<p>At the moment the
frontend shows existing notes, and lets users change the state of a note from
important to not important and vice versa. New notes cannot be added anymore
because of the changes made to the backend in part 4: the backend now expects that
a token verifying a user's identity is sent with the new note. </p>\n<p>We'll now
implement a part of the required user management functionality in the frontend.
Let's begin with user login. Throughout this part we will assume that new users
will not be added from the frontend. </p>\n<h3>Handling login</h3>\n<p>A login form
has now been added to the top of the page. The form for adding new notes has also
been moved to the bottom of the list of notes. </p>\n<picture><img
src=\"/static/f735fe7db5ad5bbc1413d3ff617c6daa/5a190/1e.png\"
srcset=\"/static/f735fe7db5ad5bbc1413d3ff617c6daa/772e8/1e.png
200w,\n/static/f735fe7db5ad5bbc1413d3ff617c6daa/e17e5/1e.png
400w,\n/static/f735fe7db5ad5bbc1413d3ff617c6daa/5a190/1e.png
800w,\n/static/f735fe7db5ad5bbc1413d3ff617c6daa/c1b63/1e.png
1200w,\n/static/f735fe7db5ad5bbc1413d3ff617c6daa/c4451/1e.png 1450w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>The code of the <i>App</i> component
now looks as follows: </p>\n<div class=\"gatsby-highlight\" data-
language=\"js\"><pre class=\"language-js\"><code class=\"language-js\"><span
class=\"token keyword\">const</span> <span class=\"token function-variable
function\">App</span> <span class=\"token operator\">=</span> <span class=\"token
punctuation\">(</span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token punctuation\">{</span>\n
<span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>notes<span class=\"token punctuation\">,</span> setNotes<span
class=\"token punctuation\">]</span> <span class=\"token operator\">=</span> <span
class=\"token function\">useState</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">[</span><span class=\"token
punctuation\">]</span><span class=\"token punctuation\">)</span> \n <span
class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>newNote<span class=\"token punctuation\">,</span>
setNewNote<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span>\n <span class=\"token keyword\">const</span>
<span class=\"token punctuation\">[</span>showAll<span class=\"token
punctuation\">,</span> setShowAll<span class=\"token punctuation\">]</span> <span
class=\"token operator\">=</span> <span class=\"token
function\">useState</span><span class=\"token punctuation\">(</span><span
class=\"token boolean\">true</span><span class=\"token punctuation\">)</span>\n
<span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>errorMessage<span class=\"token punctuation\">,</span>
setErrorMessage<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token keyword\">null</span><span
class=\"token punctuation\">)</span>\n<span class=\"gatsby-highlight-code-line\">
<span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>username<span class=\"token punctuation\">,</span>
setUsername<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span> </span><span class=\"gatsby-highlight-code-
line\"> <span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>password<span class=\"token punctuation\">,</span>
setPassword<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span> </span>\n <span class=\"token
function\">useEffect</span><span class=\"token punctuation\">(</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span>\n noteService\n <span class=\"token
punctuation\">.</span><span class=\"token function\">getAll</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span
class=\"token punctuation\">.</span><span class=\"token function\">then</span><span
class=\"token punctuation\">(</span><span class=\"token
parameter\">initialNotes</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n <span class=\"token
function\">setNotes</span><span class=\"token
punctuation\">(</span>initialNotes<span class=\"token punctuation\">)</span>\n
<span class=\"token punctuation\">}</span><span class=\"token
punctuation\">)</span>\n <span class=\"token punctuation\">}</span><span
class=\"token punctuation\">,</span> <span class=\"token
punctuation\">[</span><span class=\"token punctuation\">]</span><span class=\"token
punctuation\">)</span>\n\n <span class=\"token comment\">// ...</span>\n\n<span
class=\"gatsby-highlight-code-line\"> <span class=\"token keyword\">const</span>
<span class=\"token function-variable function\">handleLogin</span> <span
class=\"token operator\">=</span> <span class=\"token punctuation\">(</span><span
class=\"token parameter\">event</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span></span><span class=\"gatsby-highlight-code-line\">
event<span class=\"token punctuation\">.</span><span class=\"token
function\">preventDefault</span><span class=\"token punctuation\">(</span><span
class=\"token punctuation\">)</span></span><span class=\"gatsby-highlight-code-
line\"> console<span class=\"token punctuation\">.</span><span class=\"token
function\">log</span><span class=\"token punctuation\">(</span><span class=\"token
string\">'logging in with'</span><span class=\"token punctuation\">,</span>
username<span class=\"token punctuation\">,</span> password<span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token punctuation\">}</span></span>\n <span class=\"token
keyword\">return</span> <span class=\"token punctuation\">(</span>\n <span
class=\"token operator\">&lt;</span>div<span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span>h1<span class=\"token
operator\">></span>Notes<span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>h1<span class=\"token operator\">></span>\n\n
<span class=\"token operator\">&lt;</span>Notification message<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>errorMessage<span
class=\"token punctuation\">}</span> <span class=\"token operator\">/</span><span
class=\"token operator\">></span>\n\n<span class=\"gatsby-highlight-code-line\">
<span class=\"token operator\">&lt;</span>form onSubmit<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>handleLogin<span
class=\"token punctuation\">}</span><span class=\"token
operator\">></span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token operator\">&lt;</span>div<span class=\"token
operator\">></span></span><span class=\"gatsby-highlight-code-line\">
username</span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token operator\">&lt;</span>input</span><span class=\"gatsby-highlight-
code-line\"> type<span class=\"token operator\">=</span><span
class=\"token string\">\"text\"</span></span><span class=\"gatsby-highlight-code-
line\"> value<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span>username<span class=\"token
punctuation\">}</span></span><span class=\"gatsby-highlight-code-line\">
name<span class=\"token operator\">=</span><span class=\"token
string\">\"Username\"</span></span><span class=\"gatsby-highlight-code-line\">
onChange<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span><span class=\"token punctuation\">(</span><span class=\"token
parameter\"><span class=\"token punctuation\">{</span> target <span class=\"token
punctuation\">}</span></span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token
function\">setUsername</span><span class=\"token punctuation\">(</span>target<span
class=\"token punctuation\">.</span>value<span class=\"token
punctuation\">)</span><span class=\"token punctuation\">}</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
operator\">/</span><span class=\"token operator\">></span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token operator\">&lt;</span>div<span class=\"token
operator\">></span></span><span class=\"gatsby-highlight-code-line\">
password</span><span class=\"gatsby-highlight-code-line\">
<span class=\"token operator\">&lt;</span>input</span><span
class=\"gatsby-highlight-code-line\"> type<span class=\"token
operator\">=</span><span class=\"token string\">\"password\"</span></span><span
class=\"gatsby-highlight-code-line\"> value<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>password<span
class=\"token punctuation\">}</span></span><span class=\"gatsby-highlight-code-
line\"> name<span class=\"token operator\">=</span><span class=\"token
string\">\"Password\"</span></span><span class=\"gatsby-highlight-code-line\">
onChange<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span><span class=\"token punctuation\">(</span><span class=\"token
parameter\"><span class=\"token punctuation\">{</span> target <span class=\"token
punctuation\">}</span></span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token
function\">setPassword</span><span class=\"token punctuation\">(</span>target<span
class=\"token punctuation\">.</span>value<span class=\"token
punctuation\">)</span><span class=\"token punctuation\">}</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
operator\">/</span><span class=\"token operator\">></span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token operator\">&lt;</span>button type<span class=\"token
operator\">=</span><span class=\"token string\">\"submit\"</span><span
class=\"token operator\">></span>login<span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>button<span
class=\"token operator\">></span></span><span class=\"gatsby-highlight-code-line\">
<span class=\"token operator\">&lt;</span><span class=\"token
operator\">/</span>form<span class=\"token operator\">></span></span>\n <span
class=\"token comment\">// ...</span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span>\n <span class=\"token punctuation\">)</span>\n<span
class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">export</span>
<span class=\"token keyword\">default</span> App</code></pre></div>\n<p>Current
application code can be found on <a href=\"https://github.com/fullstack-hy/part2-
notes/tree/part5-1\">Github</a>, branch <i>part5-1</i>. If you clone the repo,
don't forget to run <code class=\"language-text\">npm install</code> before
attempting to run the frontend.</p>\n<p>The frontend will not display any notes if
it's not connected to the backend. You can start the backend with <code
class=\"language-text\">npm run dev</code> in its folder from Part 4. This will run
the backend on port 3001. While that is active, in a separate terminal window you
can start the frontend with <code class=\"language-text\">npm start</code>, and now
you can see the notes that are saved in your MongoDB database from Part
4.</p>\n<p>Keep this in mind from now on.</p>\n<p>The login form is handled the
same way we handled forms in\n<a href=\"/en/part2/forms\">part 2</a>. The app state
has fields for <i>username</i> and <i>password</i> to store the data from the
form. The form fields have event handlers, which synchronize changes in the field
to the state of the <i>App</i> component. The event handlers are simple: An object
is given to them as a parameter, and they destructure the field <i>target</i> from
the object and save its value to the state.</p>\n<div class=\"gatsby-highlight\"
data-language=\"js\"><pre class=\"language-js\"><code class=\"language-js\"><span
class=\"token punctuation\">(</span><span class=\"token parameter\"><span
class=\"token punctuation\">{</span> target <span class=\"token
punctuation\">}</span></span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token
function\">setUsername</span><span class=\"token punctuation\">(</span>target<span
class=\"token punctuation\">.</span>value<span class=\"token
punctuation\">)</span></code></pre></div>\n<p>The method <em>handleLogin</em>,
which is responsible for handling the data in the form, is yet to be implemented.
</p>\n<p>Logging in is done by sending an HTTP POST request to server address
<i>api/login</i>. Let's separate the code responsible for this request to its own
module, to file <i>services/login.js</i>.</p>\n<p>We'll use <i>async/await</i>
syntax instead of promises for the HTTP request: </p>\n<div class=\"gatsby-
highlight\" data-language=\"js\"><pre class=\"language-js\"><code class=\"language-
js\"><span class=\"token keyword\">import</span> axios <span class=\"token
keyword\">from</span> <span class=\"token string\">'axios'</span>\n<span
class=\"token keyword\">const</span> baseUrl <span class=\"token
operator\">=</span> <span class=\"token string\">'/api/login'</span>\n\n<span
class=\"token keyword\">const</span> <span class=\"token function-variable
function\">login</span> <span class=\"token operator\">=</span> <span class=\"token
keyword\">async</span> <span class=\"token parameter\">credentials</span> <span
class=\"token operator\">=></span> <span class=\"token punctuation\">{</span>\n
<span class=\"token keyword\">const</span> response <span class=\"token
operator\">=</span> <span class=\"token keyword\">await</span> axios<span
class=\"token punctuation\">.</span><span class=\"token function\">post</span><span
class=\"token punctuation\">(</span>baseUrl<span class=\"token
punctuation\">,</span> credentials<span class=\"token punctuation\">)</span>\n
<span class=\"token keyword\">return</span> response<span class=\"token
punctuation\">.</span>data\n<span class=\"token punctuation\">}</span>\n\n<span
class=\"token keyword\">export</span> <span class=\"token keyword\">default</span>
<span class=\"token punctuation\">{</span> login <span class=\"token
punctuation\">}</span></code></pre></div>\n<p>The method for handling the login can
be implemented as follows: </p>\n<div class=\"gatsby-highlight\" data-
language=\"js\"><pre class=\"language-js\"><code class=\"language-js\"><span
class=\"token keyword\">import</span> loginService <span class=\"token
keyword\">from</span> <span class=\"token string\">'./services/login'</span>
\n\n<span class=\"token keyword\">const</span> <span class=\"token function-
variable function\">App</span> <span class=\"token operator\">=</span> <span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span>\n <span class=\"token comment\">// ...</span>\n <span
class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>username<span class=\"token punctuation\">,</span>
setUsername<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span> \n <span class=\"token keyword\">const</span>
<span class=\"token punctuation\">[</span>password<span class=\"token
punctuation\">,</span> setPassword<span class=\"token punctuation\">]</span> <span
class=\"token operator\">=</span> <span class=\"token
function\">useState</span><span class=\"token punctuation\">(</span><span
class=\"token string\">''</span><span class=\"token punctuation\">)</span> \n<span
class=\"gatsby-highlight-code-line\"> <span class=\"token keyword\">const</span>
<span class=\"token punctuation\">[</span>user<span class=\"token
punctuation\">,</span> setUser<span class=\"token punctuation\">]</span> <span
class=\"token operator\">=</span> <span class=\"token
function\">useState</span><span class=\"token punctuation\">(</span><span
class=\"token keyword\">null</span><span class=\"token
punctuation\">)</span></span>\n <span class=\"token keyword\">const</span> <span
class=\"token function-variable function\">handleLogin</span> <span class=\"token
operator\">=</span> <span class=\"token keyword\">async</span> <span class=\"token
punctuation\">(</span><span class=\"token parameter\">event</span><span
class=\"token punctuation\">)</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n event<span class=\"token
punctuation\">.</span><span class=\"token function\">preventDefault</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\n
\n<span class=\"gatsby-highlight-code-line\"> <span class=\"token
keyword\">try</span> <span class=\"token punctuation\">{</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
keyword\">const</span> user <span class=\"token operator\">=</span> <span
class=\"token keyword\">await</span> loginService<span class=\"token
punctuation\">.</span><span class=\"token function\">login</span><span
class=\"token punctuation\">(</span><span class=\"token
punctuation\">{</span></span><span class=\"gatsby-highlight-code-line\">
username<span class=\"token punctuation\">,</span> password<span class=\"token
punctuation\">,</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token punctuation\">}</span><span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-
line\"></span><span class=\"gatsby-highlight-code-line\"> <span class=\"token
function\">setUser</span><span class=\"token punctuation\">(</span>user<span
class=\"token punctuation\">)</span></span><span class=\"gatsby-highlight-code-
line\"> <span class=\"token function\">setUsername</span><span class=\"token
punctuation\">(</span><span class=\"token
string\">''</span><span class=\"token punctuation\">)</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
function\">setPassword</span><span class=\"token punctuation\">(</span><span
class=\"token string\">''</span><span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token punctuation\">}</span> <span class=\"token keyword\">catch</span>
<span class=\"token punctuation\">(</span>exception<span class=\"token
punctuation\">)</span> <span class=\"token punctuation\">{</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
function\">setErrorMessage</span><span class=\"token punctuation\">(</span><span
class=\"token string\">'Wrong credentials'</span><span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token function\">setTimeout</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span> <span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span></span><span class=\"gatsby-highlight-code-line\">
<span class=\"token function\">setErrorMessage</span><span class=\"token
punctuation\">(</span><span class=\"token keyword\">null</span><span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token punctuation\">}</span><span class=\"token punctuation\">,</span>
<span class=\"token number\">5000</span><span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token punctuation\">}</span></span> <span class=\"token
punctuation\">}</span>\n\n <span class=\"token comment\">// ...</span>\n<span
class=\"token punctuation\">}</span></code></pre></div>\n<p>If the login is
successful, the form fields are emptied <i>and</i> the server response (including a
<i>token</i> and the user details) is saved to the <i>user</i> field of the
application's state.</p>\n<p>If the login fails, or running the function
<em>loginService.login</em> results in an error, the user is notified. </p>\n<p>The
user is not notified about a successful login in any way. Let's modify the
application to show the login form only <i>if the user is not logged-in</i> so when
<em>user === null</em>. The form for adding new notes is shown only if the <i>user
is logged-in</i>, so <i>user</i> contains the user details. </p>\n<p>Let's add two
helper functions to the <i>App</i> component for generating the forms: </p>\n<div
class=\"gatsby-highlight\" data-language=\"js\"><pre class=\"language-js\"><code
class=\"language-js\"><span class=\"token keyword\">const</span> <span
class=\"token function-variable function\">App</span> <span class=\"token
operator\">=</span> <span class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span> <span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span>\n <span class=\"token comment\">// ...</span>\n\n <span
class=\"token keyword\">const</span> <span class=\"token function-variable
function\">loginForm</span> <span class=\"token operator\">=</span> <span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">(</span>\n <span class=\"token operator\">&lt;</span>form
onSubmit<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span>handleLogin<span class=\"token punctuation\">}</span><span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span>div<span class=\"token operator\">></span>\n
username\n <span class=\"token operator\">&lt;</span>input\n
type<span class=\"token operator\">=</span><span class=\"token
string\">\"text\"</span>\n value<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>username<span
class=\"token punctuation\">}</span>\n name<span class=\"token
operator\">=</span><span class=\"token string\">\"Username\"</span>\n
onChange<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span><span class=\"token punctuation\">(</span><span class=\"token
parameter\"><span class=\"token punctuation\">{</span> target <span class=\"token
punctuation\">}</span></span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token
function\">setUsername</span><span class=\"token punctuation\">(</span>target<span
class=\"token punctuation\">.</span>value<span class=\"token
punctuation\">)</span><span class=\"token punctuation\">}</span>\n <span
class=\"token operator\">/</span><span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span><span class=\"token
operator\">/</span>div<span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>div<span class=\"token operator\">></span>\n
password\n <span class=\"token operator\">&lt;</span>input\n
type<span class=\"token operator\">=</span><span class=\"token
string\">\"password\"</span>\n value<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>password<span
class=\"token punctuation\">}</span>\n name<span class=\"token
operator\">=</span><span class=\"token string\">\"Password\"</span>\n
onChange<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span><span class=\"token punctuation\">(</span><span class=\"token
parameter\"><span class=\"token punctuation\">{</span> target <span class=\"token
punctuation\">}</span></span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token
function\">setPassword</span><span class=\"token punctuation\">(</span>target<span
class=\"token punctuation\">.</span>value<span class=\"token
punctuation\">)</span><span class=\"token punctuation\">}</span>\n <span
class=\"token operator\">/</span><span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span><span class=\"token
operator\">/</span>div<span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>button type<span class=\"token
operator\">=</span><span class=\"token string\">\"submit\"</span><span
class=\"token operator\">></span>login<span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>button<span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>form<span
class=\"token operator\">></span> \n <span class=\"token
punctuation\">)</span>\n\n <span class=\"token keyword\">const</span> <span
class=\"token function-variable function\">noteForm</span> <span class=\"token
operator\">=</span> <span class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span> <span class=\"token operator\">=></span> <span class=\"token
punctuation\">(</span>\n <span class=\"token operator\">&lt;</span>form
onSubmit<span class=\"token operator\">=</span><span class=\"token
punctuation\">{</span>addNote<span class=\"token punctuation\">}</span><span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span>input\n value<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>newNote<span
class=\"token punctuation\">}</span>\n onChange<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>handleNoteChange<span
class=\"token punctuation\">}</span>\n <span class=\"token
operator\">/</span><span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>button type<span class=\"token
operator\">=</span><span class=\"token string\">\"submit\"</span><span
class=\"token operator\">></span>save<span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>button<span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>form<span
class=\"token operator\">></span> \n <span class=\"token
punctuation\">)</span>\n\n <span class=\"token keyword\">return</span> <span
class=\"token punctuation\">(</span>\n <span class=\"token comment\">//
...</span>\n <span class=\"token punctuation\">)</span>\n<span class=\"token
punctuation\">}</span></code></pre></div>\n<p>and conditionally render
them:</p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre
class=\"language-js\"><code class=\"language-js\"><span class=\"token
keyword\">const</span> <span class=\"token function-variable function\">App</span>
<span class=\"token operator\">=</span> <span class=\"token
punctuation\">(</span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token punctuation\">{</span>\n
<span class=\"token comment\">// ...</span>\n\n <span class=\"token
keyword\">const</span> <span class=\"token function-variable
function\">loginForm</span> <span class=\"token operator\">=</span> <span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">(</span>\n <span class=\"token comment\">// ...</span>\n <span
class=\"token punctuation\">)</span>\n\n <span class=\"token
keyword\">const</span> <span class=\"token function-variable
function\">noteForm</span> <span class=\"token operator\">=</span> <span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">(</span>\n <span class=\"token comment\">// ...</span>\n <span
class=\"token punctuation\">)</span>\n\n <span class=\"token
keyword\">return</span> <span class=\"token
punctuation\">(</span>\n <span class=\"token operator\">&lt;</span>div<span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span>h1<span class=\"token operator\">></span>Notes<span
class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>h1<span
class=\"token operator\">></span>\n\n <span class=\"token
operator\">&lt;</span>Notification message<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>errorMessage<span
class=\"token punctuation\">}</span> <span class=\"token operator\">/</span><span
class=\"token operator\">></span>\n\n<span class=\"gatsby-highlight-code-line\">
<span class=\"token punctuation\">{</span>user <span class=\"token
operator\">===</span> <span class=\"token keyword\">null</span> <span class=\"token
operator\">&amp;&amp;</span> <span class=\"token function\">loginForm</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span
class=\"token punctuation\">}</span></span><span class=\"gatsby-highlight-code-
line\"> <span class=\"token punctuation\">{</span>user <span class=\"token
operator\">!==</span> <span class=\"token keyword\">null</span> <span class=\"token
operator\">&amp;&amp;</span> <span class=\"token function\">noteForm</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span
class=\"token punctuation\">}</span></span>\n <span class=\"token
operator\">&lt;</span>div<span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>button onClick<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token
function\">setShowAll</span><span class=\"token punctuation\">(</span><span
class=\"token operator\">!</span>showAll<span class=\"token
punctuation\">)</span><span class=\"token punctuation\">}</span><span class=\"token
operator\">></span>\n show <span class=\"token
punctuation\">{</span>showAll <span class=\"token operator\">?</span> <span
class=\"token string\">'important'</span> <span class=\"token operator\">:</span>
<span class=\"token string\">'all'</span><span class=\"token
punctuation\">}</span>\n <span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>button<span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span><span class=\"token
operator\">/</span>div<span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>ul<span class=\"token operator\">></span>\n
<span class=\"token punctuation\">{</span>notesToShow<span class=\"token
punctuation\">.</span><span class=\"token function\">map</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">(</span><span class=\"token
parameter\">note<span class=\"token punctuation\">,</span> i</span><span
class=\"token punctuation\">)</span> <span class=\"token operator\">=></span> \n
<span class=\"token operator\">&lt;</span>Note\n key<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>i<span class=\"token
punctuation\">}</span>\n note<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>note<span
class=\"token punctuation\">}</span> \n toggleImportance<span
class=\"token operator\">=</span><span class=\"token punctuation\">{</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
function\">toggleImportanceOf</span><span class=\"token
punctuation\">(</span>note<span class=\"token punctuation\">.</span>id<span
class=\"token punctuation\">)</span><span class=\"token punctuation\">}</span>\n
<span class=\"token operator\">/</span><span class=\"token operator\">></span>\n
<span class=\"token punctuation\">)</span><span class=\"token
punctuation\">}</span>\n <span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>ul<span class=\"token operator\">></span>\n\n
<span class=\"token operator\">&lt;</span>Footer <span class=\"token
operator\">/</span><span class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span>\n <span class=\"token punctuation\">)</span>\n<span
class=\"token punctuation\">}</span></code></pre></div>\n<p>A slightly odd looking,
but commonly used <a href=\"https://reactjs.org/docs/conditional-
rendering.html#inline-if-with-logical--operator\">React trick</a> is used to render
the forms conditionally: </p>\n<div class=\"gatsby-highlight\" data-
language=\"js\"><pre class=\"language-js\"><code class=\"language-js\"><span
class=\"token punctuation\">{</span>\n user <span class=\"token
operator\">===</span> <span class=\"token keyword\">null</span> <span class=\"token
operator\">&amp;&amp;</span> <span class=\"token function\">loginForm</span><span
class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span>\n<span class=\"token
punctuation\">}</span></code></pre></div>\n<p>If the first statement evaluates to
false, or is <a href=\"https://developer.mozilla.org/en-
US/docs/Glossary/Falsy\">falsy</a>, the second statement (generating the form) is
not executed at all. </p>\n<p>We can make this even more straightforward by using
the <a href=\"https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Reference/Operators/Conditional_Operator\">conditional
operator</a>:</p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre
class=\"language-js\"><code class=\"language-js\"><span class=\"token
keyword\">return</span> <span class=\"token punctuation\">(</span>\n <span
class=\"token operator\">&lt;</span>div<span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span>h1<span class=\"token
operator\">></span>Notes<span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>h1<span class=\"token operator\">></span>\n\n
<span class=\"token operator\">&lt;</span>Notification message<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>errorMessage<span
class=\"token punctuation\">}</span><span class=\"token operator\">/</span><span
class=\"token operator\">></span>\n\n <span class=\"token
punctuation\">{</span>user <span class=\"token operator\">===</span> <span
class=\"token keyword\">null</span> <span class=\"token operator\">?</span>\n
<span class=\"token function\">loginForm</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">:</span>\n <span class=\"token
function\">noteForm</span><span class=\"token punctuation\">(</span><span
class=\"token punctuation\">)</span>\n <span class=\"token
punctuation\">}</span>\n\n <span class=\"token operator\">&lt;</span>h2<span
class=\"token operator\">></span>Notes<span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>h2<span class=\"token
operator\">></span>\n\n <span class=\"token comment\">// ...</span>\n\n <span
class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>div<span
class=\"token operator\">></span>\n<span class=\"token
punctuation\">)</span></code></pre></div>\n<p>If <em>user === null</em> is <a
href=\"https://developer.mozilla.org/en-US/docs/Glossary/Truthy\">truthy</a>,
<em>loginForm()</em> is executed. If not, <em>noteForm()</em> is.</p>\n<p>Let's do
one more modification. If the user is logged-in, their name is shown on the screen:
</p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre class=\"language-
js\"><code class=\"language-js\"><span class=\"token keyword\">return</span> <span
class=\"token punctuation\">(</span>\n <span class=\"token
operator\">&lt;</span>div<span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>h1<span class=\"token
operator\">></span>Notes<span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>h1<span class=\"token operator\">></span>\n\n
<span class=\"token operator\">&lt;</span>Notification message<span class=\"token
operator\">=</span><span class=\"token punctuation\">{</span>errorMessage<span
class=\"token punctuation\">}</span> <span class=\"token operator\">/</span><span
class=\"token operator\">></span>\n\n <span class=\"token
punctuation\">{</span>user <span class=\"token operator\">===</span> <span
class=\"token keyword\">null</span> <span class=\"token operator\">?</span>\n
<span class=\"token function\">loginForm</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">:</span>\n <span class=\"token
operator\">&lt;</span>div<span class=\"token operator\">></span>\n <span
class=\"token operator\">&lt;</span>p<span class=\"token operator\">></span><span
class=\"token punctuation\">{</span>user<span class=\"token
punctuation\">.</span>name<span class=\"token punctuation\">}</span> logged<span
class=\"token operator\">-</span><span class=\"token keyword\">in</span><span
class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>p<span
class=\"token operator\">></span>\n <span class=\"token
punctuation\">{</span><span class=\"token function\">noteForm</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span
class=\"token punctuation\">}</span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span>\n <span class=\"token punctuation\">}</span>\n\n <span
class=\"token operator\">&lt;</span>h2<span class=\"token
operator\">></span>Notes<span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>h2<span class=\"token operator\">></span>\n\n
<span class=\"token comment\">// ...</span>\n\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span>\n<span class=\"token
punctuation\">)</span></code></pre></div>\n<p>The solution isn't perfect, but we'll
leave it for now. </p>\n<p>Our main component <i>App</i> is at the moment way too
large. The changes we did now are a clear sign that the forms should be refactored
into their own components. However, we will leave that for an optional exercise.
</p>\n<p>Current application code can be found on <a
href=\"https://github.com/fullstack-hy/part2-notes/tree/part5-2\">Github</a>,
branch <i>part5-2</i>.</p>\n<h3>Creating new notes</h3>\n<p>The token returned with
a successful login is saved to the application's state - the <i>user</i>'s field
<i>token</i>:</p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre
class=\"language-js\"><code class=\"language-js\"><span class=\"token
keyword\">const</span> <span class=\"token function-variable
function\">handleLogin</span> <span class=\"token operator\">=</span> <span
class=\"token keyword\">async</span> <span class=\"token
punctuation\">(</span><span class=\"token parameter\">event</span><span
class=\"token punctuation\">)</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n event<span class=\"token
punctuation\">.</span><span class=\"token function\">preventDefault</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\n
<span class=\"token keyword\">try</span> <span class=\"token
punctuation\">{</span>\n <span class=\"token keyword\">const</span> user <span
class=\"token operator\">=</span> <span class=\"token keyword\">await</span>
loginService<span class=\"token punctuation\">.</span><span class=\"token
function\">login</span><span class=\"token punctuation\">(</span><span
class=\"token punctuation\">{</span>\n username<span class=\"token
punctuation\">,</span> password<span class=\"token punctuation\">,</span>\n
<span class=\"token punctuation\">}</span><span class=\"token
punctuation\">)</span>\n\n<span class=\"gatsby-highlight-code-line\"> <span
class=\"token function\">setUser</span><span class=\"token
punctuation\">(</span>user<span class=\"token punctuation\">)</span></span>
<span class=\"token function\">setUsername</span><span class=\"token
punctuation\">(</span><span class=\"token string\">''</span><span class=\"token
punctuation\">)</span>\n <span class=\"token function\">setPassword</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span>\n <span class=\"token punctuation\">}</span>
<span class=\"token keyword\">catch</span> <span class=\"token
punctuation\">(</span>exception<span class=\"token punctuation\">)</span> <span
class=\"token punctuation\">{</span>\n <span class=\"token comment\">//
...</span>\n <span class=\"token punctuation\">}</span>\n<span class=\"token
punctuation\">}</span></code></pre></div>\n<p>Let's fix creating new notes so it
works with the backend. This means adding the token of the logged-in user to the
Authorization header of the HTTP request. </p>\n<p>The <i>noteService</i> module
changes like so: </p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre
class=\"language-js\"><code class=\"language-js\"><span class=\"token
keyword\">import</span> axios <span class=\"token keyword\">from</span> <span
class=\"token string\">'axios'</span>\n<span class=\"token keyword\">const</span>
baseUrl <span class=\"token operator\">=</span> <span class=\"token
string\">'/api/notes'</span>\n\n<span class=\"gatsby-highlight-code-line\"><span
class=\"token keyword\">let</span> token <span class=\"token operator\">=</span>
<span class=\"token keyword\">null</span></span>\n<span class=\"gatsby-highlight-
code-line\"><span class=\"token keyword\">const</span> <span class=\"token
function-variable function\">setToken</span> <span class=\"token
operator\">=</span> <span class=\"token parameter\">newToken</span> <span
class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span></span><span class=\"gatsby-highlight-code-line\"> token
<span class=\"token operator\">=</span> <span class=\"token template-string\"><span
class=\"token template-punctuation string\">`</span><span class=\"token
string\">bearer </span><span class=\"token interpolation\"><span class=\"token
interpolation-punctuation punctuation\">${</span>newToken<span class=\"token
interpolation-punctuation punctuation\">}</span></span><span class=\"token
template-punctuation string\">`</span></span></span><span class=\"gatsby-highlight-
code-line\"><span class=\"token punctuation\">}</span></span>\n<span class=\"token
keyword\">const</span> <span class=\"token function-variable
function\">getAll</span> <span class=\"token operator\">=</span> <span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>
<span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span>\n <span class=\"token keyword\">const</span> request <span
class=\"token operator\">=</span> axios<span class=\"token
punctuation\">.</span><span class=\"token function\">get</span><span class=\"token
punctuation\">(</span>baseUrl<span class=\"token punctuation\">)</span>\n <span
class=\"token keyword\">return</span> request<span class=\"token
punctuation\">.</span><span class=\"token function\">then</span><span class=\"token
punctuation\">(</span><span class=\"token parameter\">response</span> <span
class=\"token operator\">=></span> response<span class=\"token
punctuation\">.</span>data<span class=\"token punctuation\">)</span>\n<span
class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">const</span>
<span class=\"token function-variable function\">create</span> <span class=\"token
operator\">=</span> <span class=\"token keyword\">async</span> <span class=\"token
parameter\">newObject</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n<span class=\"gatsby-highlight-code-line\">
<span class=\"token keyword\">const</span> config <span class=\"token
operator\">=</span> <span class=\"token punctuation\">{</span></span><span
class=\"gatsby-highlight-code-line\"> headers<span class=\"token
operator\">:</span> <span class=\"token punctuation\">{</span> Authorization<span
class=\"token operator\">:</span> token <span class=\"token
punctuation\">}</span><span class=\"token punctuation\">,</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
punctuation\">}</span></span>\n<span class=\"gatsby-highlight-code-line\"> <span
class=\"token keyword\">const</span> response <span class=\"token
operator\">=</span> <span class=\"token keyword\">await</span> axios<span
class=\"token punctuation\">.</span><span class=\"token function\">post</span><span
class=\"token punctuation\">(</span>baseUrl<span class=\"token
punctuation\">,</span> newObject<span class=\"token punctuation\">,</span>
config<span class=\"token punctuation\">)</span></span> <span class=\"token
keyword\">return</span> response<span class=\"token
punctuation\">.</span>data\n<span class=\"token punctuation\">}</span>\n\n<span
class=\"token keyword\">const</span> <span class=\"token function-variable
function\">update</span> <span class=\"token operator\">=</span> <span
class=\"token punctuation\">(</span><span class=\"token parameter\">id<span
class=\"token punctuation\">,</span> newObject</span><span class=\"token
punctuation\">)</span> <span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span>\n <span class=\"token keyword\">const</span> request <span
class=\"token operator\">=</span> axios<span class=\"token
punctuation\">.</span><span class=\"token function\">put</span><span class=\"token
punctuation\">(</span><span class=\"token template-string\"><span class=\"token
template-punctuation string\">`</span><span class=\"token interpolation\"><span
class=\"token interpolation-punctuation punctuation\">${</span> baseUrl <span
class=\"token interpolation-punctuation punctuation\">}</span></span><span
class=\"token string\"> /</span><span class=\"token interpolation\"><span
class=\"token interpolation-punctuation punctuation\">${</span>id<span
class=\"token interpolation-punctuation punctuation\">}</span></span><span
class=\"token template-punctuation string\">`</span></span><span class=\"token
punctuation\">,</span> newObject<span class=\"token punctuation\">)</span>\n <span
class=\"token keyword\">return</span> request<span class=\"token
punctuation\">.</span><span class=\"token function\">then</span><span class=\"token
punctuation\">(</span><span class=\"token parameter\">response</span> <span
class=\"token operator\">=></span> response<span class=\"token
punctuation\">.</span>data<span class=\"token punctuation\">)</span>\n<span
class=\"token punctuation\">}</span>\n\n<span class=\"gatsby-highlight-code-
line\"><span class=\"token keyword\">export</span> <span class=\"token
keyword\">default</span> <span class=\"token punctuation\">{</span> getAll<span
class=\"token punctuation\">,</span> create<span class=\"token
punctuation\">,</span> update<span class=\"token punctuation\">,</span> setToken
<span class=\"token punctuation\">}</span></span></code></pre></div>\n<p>The
noteService module contains a private variable <em>token</em>. Its value can be
changed with a function <em>setToken</em>, which is exported by the module.
<em>create</em>, now with async/await syntax, sets the token to the
<i>Authorization</i> header. The header is given to axios as the third parameter of
the <i>post</i> method. </p>\n<p>The
event handler responsible for login must be changed to call the method
<code>noteService.setToken(user.token)</code> with a successful login: </p>\n<div
class=\"gatsby-highlight\" data-language=\"js\"><pre class=\"language-js\"><code
class=\"language-js\"><span class=\"token keyword\">const</span> <span
class=\"token function-variable function\">handleLogin</span> <span class=\"token
operator\">=</span> <span class=\"token keyword\">async</span> <span class=\"token
punctuation\">(</span><span class=\"token parameter\">event</span><span
class=\"token punctuation\">)</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n event<span class=\"token
punctuation\">.</span><span class=\"token function\">preventDefault</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\n
<span class=\"token keyword\">try</span> <span class=\"token
punctuation\">{</span>\n <span class=\"token keyword\">const</span> user <span
class=\"token operator\">=</span> <span class=\"token keyword\">await</span>
loginService<span class=\"token punctuation\">.</span><span class=\"token
function\">login</span><span class=\"token punctuation\">(</span><span
class=\"token punctuation\">{</span>\n username<span class=\"token
punctuation\">,</span> password<span class=\"token punctuation\">,</span>\n
<span class=\"token punctuation\">}</span><span class=\"token
punctuation\">)</span>\n\n<span class=\"gatsby-highlight-code-line\">
noteService<span class=\"token punctuation\">.</span><span class=\"token
function\">setToken</span><span class=\"token punctuation\">(</span>user<span
class=\"token punctuation\">.</span>token<span class=\"token
punctuation\">)</span></span> <span class=\"token function\">setUser</span><span
class=\"token punctuation\">(</span>user<span class=\"token
punctuation\">)</span>\n <span class=\"token function\">setUsername</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span>\n <span class=\"token
function\">setPassword</span><span class=\"token punctuation\">(</span><span
class=\"token string\">''</span><span class=\"token punctuation\">)</span>\n <span
class=\"token punctuation\">}</span> <span class=\"token keyword\">catch</span>
<span class=\"token punctuation\">(</span>exception<span class=\"token
punctuation\">)</span> <span class=\"token punctuation\">{</span>\n <span
class=\"token comment\">// ...</span>\n <span class=\"token
punctuation\">}</span>\n<span class=\"token
punctuation\">}</span></code></pre></div>\n<p>And now adding new notes works again!
</p>\n<h3>Saving the token to the browser's local storage</h3>\n<p>Our application
has a flaw: when the page is rerendered, information of the user's login
disappears. This also slows down development. For example when we test creating new
notes, we have to login again every single time. </p>\n<p>This problem is easily
solved by saving the login details to <a href=\"https://developer.mozilla.org/en-
US/docs/Web/API/Storage\">local storage</a>. Local Storage is a <a
href=\"https://en.wikipedia.org/wiki/Key-value_database\">key-value</a> database in
the browser. </p>\n<p>It is very easy to use. A <i>value</i> corresponding to a
certain <i>key</i> is saved to the database with method <a
href=\"https://developer.mozilla.org/en-
US/docs/Web/API/Storage/setItem\">setItem</a>. For example: </p>\n<div
class=\"gatsby-highlight\" data-language=\"js\"><pre class=\"language-js\"><code
class=\"language-js\">window<span class=\"token
punctuation\">.</span>localStorage<span class=\"token punctuation\">.</span><span
class=\"token function\">setItem</span><span class=\"token
punctuation\">(</span><span class=\"token string\">'name'</span><span class=\"token
punctuation\">,</span> <span class=\"token string\">'juha tauriainen'</span><span
class=\"token punctuation\">)</span></code></pre></div>\n<p>saves the string given
as the second parameter as the value of key <i>name</i>. </p>\n<p>The value of a
key can be found with method <a href=\"https://developer.mozilla.org/en-
US/docs/Web/API/Storage/getItem\">getItem</a>:</p>\n<div class=\"gatsby-highlight\"
data-language=\"js\"><pre class=\"language-js\"><code class=\"language-
js\">window<span class=\"token punctuation\">.</span>localStorage<span
class=\"token punctuation\">.</span><span class=\"token
function\">getItem</span><span class=\"token punctuation\">(</span><span
class=\"token string\">'name'</span><span class=\"token
punctuation\">)</span></code></pre></div>\n<p>and <a
href=\"https://developer.mozilla.org/en-
US/docs/Web/API/Storage/removeItem\">removeItem</a> removes a key. </p>\n<p>Values
in the local storage are persisted even when the page is rerendered. The storage is
<a href=\"https://developer.mozilla.org/en-US/docs/Glossary/Origin\">origin</a>-
specific so each web application has its own storage. </p>\n<p>Let's extend our
application so that it saves the details of a logged-in user to the local storage.
</p>\n<p>Values saved to the storage are <a
href=\"https://developer.mozilla.org/en-US/docs/Web/API/DOMString\">DOMstrings</a>,
so we cannot save a JavaScript object as is. The object has to be parsed to JSON
first, with the method <em>JSON.stringify</em>. Correspondingly, when a JSON object
is read from the local storage, it has to be parsed back to JavaScript with
<em>JSON.parse</em>.</p>\n<p>Changes to the login method are as follows: </p>\n<div
class=\"gatsby-highlight\" data-language=\"js\"><pre class=\"language-js\"><code
class=\"language-js\"> <span class=\"token keyword\">const</span> <span
class=\"token function-variable function\">handleLogin</span> <span class=\"token
operator\">=</span> <span class=\"token keyword\">async</span> <span class=\"token
punctuation\">(</span><span class=\"token parameter\">event</span><span
class=\"token punctuation\">)</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n event<span class=\"token
punctuation\">.</span><span class=\"token function\">preventDefault</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span>\n
<span class=\"token keyword\">try</span> <span class=\"token
punctuation\">{</span>\n <span class=\"token keyword\">const</span> user <span
class=\"token operator\">=</span> <span class=\"token keyword\">await</span>
loginService<span class=\"token punctuation\">.</span><span class=\"token
function\">login</span><span class=\"token punctuation\">(</span><span
class=\"token punctuation\">{</span>\n username<span class=\"token
punctuation\">,</span> password<span class=\"token punctuation\">,</span>\n
<span class=\"token punctuation\">}</span><span class=\"token
punctuation\">)</span>\n\n<span class=\"gatsby-highlight-code-line\">
window<span class=\"token punctuation\">.</span>localStorage<span class=\"token
punctuation\">.</span><span class=\"token function\">setItem</span><span
class=\"token punctuation\">(</span></span><span class=\"gatsby-highlight-code-
line\"> <span class=\"token string\">'loggedNoteappUser'</span><span
class=\"token punctuation\">,</span> <span class=\"token
constant\">JSON</span><span class=\"token punctuation\">.</span><span class=\"token
function\">stringify</span><span class=\"token punctuation\">(</span>user<span
class=\"token punctuation\">)</span></span><span class=\"gatsby-highlight-code-
line\"> <span class=\"token punctuation\">)</span> </span>
noteService<span class=\"token punctuation\">.</span><span class=\"token
function\">setToken</span><span class=\"token punctuation\">(</span>user<span
class=\"token punctuation\">.</span>token<span class=\"token
punctuation\">)</span>\n <span class=\"token function\">setUser</span><span
class=\"token punctuation\">(</span>user<span class=\"token
punctuation\">)</span>\n <span class=\"token
function\">setUsername</span><span class=\"token punctuation\">(</span><span
class=\"token string\">''</span><span class=\"token punctuation\">)</span>\n
<span class=\"token function\">setPassword</span><span class=\"token
punctuation\">(</span><span class=\"token string\">''</span><span class=\"token
punctuation\">)</span>\n <span class=\"token punctuation\">}</span> <span
class=\"token keyword\">catch</span> <span class=\"token
punctuation\">(</span>exception<span class=\"token punctuation\">)</span> <span
class=\"token punctuation\">{</span>\n <span class=\"token comment\">//
...</span>\n <span class=\"token punctuation\">}</span>\n <span class=\"token
punctuation\">}</span></code></pre></div>\n<p>The details of a logged-in user are
now saved to the local storage, and they can be viewed on the console (by typing
<code class=\"language-text\">window.localStorage</code> to the console):
</p>\n<picture><img src=\"/static/a69b93f2f1d403c968a3118a612a559a/5a190/3e.png\"
srcset=\"/static/a69b93f2f1d403c968a3118a612a559a/772e8/3e.png
200w,\n/static/a69b93f2f1d403c968a3118a612a559a/e17e5/3e.png
400w,\n/static/a69b93f2f1d403c968a3118a612a559a/5a190/3e.png
800w,\n/static/a69b93f2f1d403c968a3118a612a559a/c1b63/3e.png
1200w,\n/static/a69b93f2f1d403c968a3118a612a559a/29007/3e.png
1600w,\n/static/a69b93f2f1d403c968a3118a612a559a/e67a8/3e.png 1740w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>You can also inspect the local storage
using the developer tools. On Chrome, go to the <i>Application</i> tab and select
<i>Local Storage</i> (more details <a
href=\"https://developers.google.com/web/tools/chrome-
devtools/storage/localstorage\">here</a>). On Firefox go to the <i>Storage</i> tab
and select <i>Local Storage</i> (details <a
href=\"https://developer.mozilla.org/en-
US/docs/Tools/Storage_Inspector\">here</a>).</p>\n<p>We still have to modify our
application so that when we enter the page, the application
checks if user details of a logged-in user can already be found on the local
storage. If they can, the details are saved to the state of the application and to
<i>noteService</i>.</p>\n<p>The right way to do this is with an <a
href=\"https://reactjs.org/docs/hooks-effect.html\">effect hook</a>: a mechanism we
first encountered in <a href=\"/en/part2/getting_data_from_server#effect-
hooks\">part 2</a>, and used to fetch notes from the server. </p>\n<p>We can have
multiple effect hooks, so let's create a second one to handle the first loading of
the page:</p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre
class=\"language-js\"><code class=\"language-js\"><span class=\"token
keyword\">const</span> <span class=\"token function-variable function\">App</span>
<span class=\"token operator\">=</span> <span class=\"token
punctuation\">(</span><span class=\"token punctuation\">)</span> <span
class=\"token operator\">=></span> <span class=\"token punctuation\">{</span>\n
<span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>notes<span class=\"token punctuation\">,</span> setNotes<span
class=\"token punctuation\">]</span> <span class=\"token operator\">=</span> <span
class=\"token function\">useState</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">[</span><span class=\"token
punctuation\">]</span><span class=\"token punctuation\">)</span> \n <span
class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>newNote<span class=\"token punctuation\">,</span>
setNewNote<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span>\n <span class=\"token keyword\">const</span>
<span class=\"token punctuation\">[</span>showAll<span class=\"token
punctuation\">,</span> setShowAll<span class=\"token punctuation\">]</span> <span
class=\"token operator\">=</span> <span class=\"token
function\">useState</span><span class=\"token punctuation\">(</span><span
class=\"token boolean\">true</span><span class=\"token punctuation\">)</span>\n
<span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>errorMessage<span class=\"token punctuation\">,</span>
setErrorMessage<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token keyword\">null</span><span
class=\"token punctuation\">)</span>\n <span class=\"token keyword\">const</span>
<span class=\"token punctuation\">[</span>username<span class=\"token
punctuation\">,</span> setUsername<span class=\"token punctuation\">]</span> <span
class=\"token operator\">=</span> <span class=\"token
function\">useState</span><span class=\"token punctuation\">(</span><span
class=\"token string\">''</span><span class=\"token punctuation\">)</span> \n
<span class=\"token keyword\">const</span> <span class=\"token
punctuation\">[</span>password<span class=\"token punctuation\">,</span>
setPassword<span class=\"token punctuation\">]</span> <span class=\"token
operator\">=</span> <span class=\"token function\">useState</span><span
class=\"token punctuation\">(</span><span class=\"token string\">''</span><span
class=\"token punctuation\">)</span> \n <span class=\"token keyword\">const</span>
<span class=\"token punctuation\">[</span>user<span class=\"token
punctuation\">,</span> setUser<span class=\"token punctuation\">]</span> <span
class=\"token operator\">=</span> <span class=\"token
function\">useState</span><span class=\"token punctuation\">(</span><span
class=\"token keyword\">null</span><span class=\"token punctuation\">)</span> \n\n
<span class=\"token function\">useEffect</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span> <span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span>\n noteService\n <span class=\"token
punctuation\">.</span><span class=\"token function\">getAll</span><span
class=\"token punctuation\">(</span><span class=\"token punctuation\">)</span><span
class=\"token punctuation\">.</span><span class=\"token function\">then</span><span
class=\"token punctuation\">(</span><span class=\"token
parameter\">initialNotes</span> <span class=\"token operator\">=></span> <span
class=\"token punctuation\">{</span>\n <span class=\"token
function\">setNotes</span><span class=\"token
punctuation\">(</span>initialNotes<span class=\"token punctuation\">)</span>\n
<span class=\"token punctuation\">}</span><span class=\"token
punctuation\">)</span>\n <span class=\"token punctuation\">}</span><span
class=\"token punctuation\">,</span> <span class=\"token
punctuation\">[</span><span class=\"token punctuation\">]</span><span class=\"token
punctuation\">)</span>\n\n<span class=\"gatsby-highlight-code-line\"> <span
class=\"token function\">useEffect</span><span class=\"token
punctuation\">(</span><span class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span> <span class=\"token operator\">=></span> <span class=\"token
punctuation\">{</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token keyword\">const</span> loggedUserJSON <span class=\"token
operator\">=</span> window<span class=\"token
punctuation\">.</span>localStorage<span class=\"token punctuation\">.</span><span
class=\"token function\">getItem</span><span class=\"token
punctuation\">(</span><span class=\"token string\">'loggedNoteappUser'</span><span
class=\"token punctuation\">)</span></span><span class=\"gatsby-highlight-code-
line\"> <span class=\"token keyword\">if</span> <span class=\"token
punctuation\">(</span>loggedUserJSON<span class=\"token punctuation\">)</span>
<span class=\"token punctuation\">{</span></span><span class=\"gatsby-highlight-
code-line\"> <span class=\"token keyword\">const</span> user <span
class=\"token operator\">=</span> <span class=\"token constant\">JSON</span><span
class=\"token punctuation\">.</span><span class=\"token
function\">parse</span><span class=\"token
punctuation\">(</span>loggedUserJSON<span class=\"token
punctuation\">)</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token function\">setUser</span><span class=\"token
punctuation\">(</span>user<span class=\"token punctuation\">)</span></span><span
class=\"gatsby-highlight-code-line\"> noteService<span class=\"token
punctuation\">.</span><span class=\"token function\">setToken</span><span
class=\"token punctuation\">(</span>user<span class=\"token
punctuation\">.</span>token<span class=\"token punctuation\">)</span></span><span
class=\"gatsby-highlight-code-line\"> <span class=\"token
punctuation\">}</span></span><span class=\"gatsby-highlight-code-line\"> <span
class=\"token punctuation\">}</span><span class=\"token punctuation\">,</span>
<span class=\"token punctuation\">[</span><span class=\"token
punctuation\">]</span><span class=\"token punctuation\">)</span></span>\n <span
class=\"token comment\">// ...</span>\n<span class=\"token
punctuation\">}</span></code></pre></div>\n<p>The empty array as the parameter of
the effect ensures that the effect is executed only when the component is rendered
<a href=\"https://reactjs.org/docs/hooks-reference.html#conditionally-firing-an-
effect\">for the first time</a>.</p>\n<p>Now a user stays logged-in in the
application forever. We should probably add a <i>logout</i> functionality which
removes the login details from the local storage. We will however leave it for an
exercise. </p>\n<p>It's possible to log out a user using the console, and that is
enough for now.\nYou can log out with the command:</p>\n<div class=\"gatsby-
highlight\" data-language=\"js\"><pre class=\"language-js\"><code class=\"language-
js\">window<span class=\"token punctuation\">.</span>localStorage<span
class=\"token punctuation\">.</span><span class=\"token
function\">removeItem</span><span class=\"token punctuation\">(</span><span
class=\"token string\">'loggedNoteappUser'</span><span class=\"token
punctuation\">)</span></code></pre></div>\n<p>or with the command which empties
<i>localstorage</i> completely: </p>\n<div class=\"gatsby-highlight\" data-
language=\"js\"><pre class=\"language-js\"><code class=\"language-js\">window<span
class=\"token punctuation\">.</span>localStorage<span class=\"token
punctuation\">.</span><span class=\"token function\">clear</span><span
class=\"token punctuation\">(</span><span class=\"token
punctuation\">)</span></code></pre></div>\n<p>Current application code can be found
on <a href=\"https://github.com/fullstack-hy/part2-notes/tree/part5-3\">Github</a>,
branch <i>part5-3</i>.</p>\n</div>\n<div class=\"tasks\">\n<h3>Exercises 5.1.-
5.4.</h3>\n<p>We will now create a frontend for the bloglist backend we created in
the last part. You can use <a href=\"https://github.com/fullstack-hy/bloglist-
frontend/\">this application</a> from GitHub as the base of your solution. The
application expects your backend to be running on port 3003. </p>\n<p>It is enough
to submit your finished solution. You can do a commit after each exercise, but that
is not necessary. </p>\n<p>The first few exercises revise everything we have
learned about React so far. They can be challenging, especially if your backend is
incomplete.\nIt might be best to use the backend from model answers of part 4.
</p>\n<p>While doing the exercises, remember all of the debugging methods we have
talked about, especially keeping an eye on the console.
</p>\n<p><strong>Warning:</strong> If you notice you are mixing in same function
async/await and <em>then</em> commands, it's 99.9% certain you are doing something
wrong. Use either or, never both. </p>\n<h4>5.1: bloglist frontend,
step1</h4>\n<p>Clone the application from <a href=\"https://github.com/fullstack-
hy/bloglist-frontend\">Github</a> with the command: </p>\n<div class=\"gatsby-
highlight\" data-language=\"bash\"><pre class=\"language-bash\"><code
class=\"language-bash\"><span class=\"token function\">git</span> clone
https://github.com/fullstack-hy/bloglist-frontend</code></pre></div>\n<p><i>remove
the git configuration of the cloned application</i></p>\n<div class=\"gatsby-
highlight\" data-language=\"bash\"><pre class=\"language-bash\"><code
class=\"language-bash\"><span class=\"token builtin class-name\">cd</span>
bloglist-frontend // go to cloned repository\n<span class=\"token
function\">rm</span> -rf .git</code></pre></div>\n<p>The application is started the
usual way, but you have to install its dependencies first: </p>\n<div
class=\"gatsby-highlight\" data-language=\"bash\"><pre class=\"language-
bash\"><code class=\"language-bash\"><span class=\"token function\">npm</span>
<span class=\"token function\">install</span>\n<span class=\"token
function\">npm</span> start</code></pre></div>\n<p>Implement login functionality to
the frontend. The token returned with a successful login is saved to the
application's state <i>user</i>.</p>\n<p>If a user is not logged-in, <i>only</i>
the login form is visible. </p>\n<picture><img
src=\"/static/7974958a48f7a4e873550b1b85bd8cbd/5a190/4e.png\"
srcset=\"/static/7974958a48f7a4e873550b1b85bd8cbd/772e8/4e.png
200w,\n/static/7974958a48f7a4e873550b1b85bd8cbd/e17e5/4e.png
400w,\n/static/7974958a48f7a4e873550b1b85bd8cbd/5a190/4e.png
800w,\n/static/7974958a48f7a4e873550b1b85bd8cbd/c1b63/4e.png
1200w,\n/static/7974958a48f7a4e873550b1b85bd8cbd/cf8e5/4e.png 1402w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>If user is logged-in, the name of the
user and a list of blogs is shown. </p>\n<picture><img
src=\"/static/62a606d23ac2c2c96918567b8a8c7b32/5a190/5e.png\"
srcset=\"/static/62a606d23ac2c2c96918567b8a8c7b32/772e8/5e.png
200w,\n/static/62a606d23ac2c2c96918567b8a8c7b32/e17e5/5e.png
400w,\n/static/62a606d23ac2c2c96918567b8a8c7b32/5a190/5e.png
800w,\n/static/62a606d23ac2c2c96918567b8a8c7b32/c1b63/5e.png
1200w,\n/static/62a606d23ac2c2c96918567b8a8c7b32/0e904/5e.png 1384w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>User details of the logged-in user do
not have to be saved to the local storage yet. </p>\n<p><strong>NB</strong> You can
implement the conditional rendering of the login form like this for example:
</p>\n<div class=\"gatsby-highlight\" data-language=\"js\"><pre class=\"language-
js\"><code class=\"language-js\"> <span class=\"token keyword\">if</span> <span
class=\"token punctuation\">(</span>user <span class=\"token operator\">===</span>
<span class=\"token keyword\">null</span><span class=\"token punctuation\">)</span>
<span class=\"token punctuation\">{</span>\n <span class=\"token
keyword\">return</span> <span class=\"token punctuation\">(</span>\n <span
class=\"token operator\">&lt;</span>div<span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span>h2<span class=\"token
operator\">></span>Log <span class=\"token keyword\">in</span> to application<span
class=\"token operator\">&lt;</span><span class=\"token operator\">/</span>h2<span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span>form<span class=\"token operator\">></span>\n <span
class=\"token comment\">//...</span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>form<span
class=\"token operator\">></span>\n <span class=\"token
operator\">&lt;</span><span class=\"token operator\">/</span>div<span class=\"token
operator\">></span>\n <span class=\"token punctuation\">)</span>\n <span
class=\"token punctuation\">}</span>\n\n <span class=\"token
keyword\">return</span> <span class=\"token punctuation\">(</span>\n <span
class=\"token operator\">&lt;</span>div<span class=\"token operator\">></span>\n
<span class=\"token operator\">&lt;</span>h2<span class=\"token
operator\">></span>blogs<span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>h2<span class=\"token operator\">></span>\n
<span class=\"token punctuation\">{</span>blogs<span class=\"token
punctuation\">.</span><span class=\"token function\">map</span><span class=\"token
punctuation\">(</span><span class=\"token parameter\">blog</span> <span
class=\"token operator\">=></span>\n <span class=\"token
operator\">&lt;</span>Blog key<span class=\"token operator\">=</span><span
class=\"token punctuation\">{</span>blog<span class=\"token
punctuation\">.</span>id<span class=\"token punctuation\">}</span> blog<span
class=\"token operator\">=</span><span class=\"token
punctuation\">{</span>blog<span class=\"token punctuation\">}</span> <span
class=\"token operator\">/</span><span class=\"token operator\">></span>\n
<span class=\"token punctuation\">)</span><span class=\"token
punctuation\">}</span>\n <span class=\"token operator\">&lt;</span><span
class=\"token operator\">/</span>div<span class=\"token operator\">></span>\n
<span class=\"token punctuation\">)</span>\n<span class=\"token
punctuation\">}</span></code></pre></div>\n<h4>5.2: bloglist frontend,
step2</h4>\n<p>Make the login 'permanent' by using the local storage. Also
implement a way to log out. </p>\n<picture><img
src=\"/static/fa111e6eccf20340b5258c12553d2ea6/5a190/6e.png\"
srcset=\"/static/fa111e6eccf20340b5258c12553d2ea6/772e8/6e.png
200w,\n/static/fa111e6eccf20340b5258c12553d2ea6/e17e5/6e.png
400w,\n/static/fa111e6eccf20340b5258c12553d2ea6/5a190/6e.png
800w,\n/static/fa111e6eccf20340b5258c12553d2ea6/c1b63/6e.png
1200w,\n/static/fa111e6eccf20340b5258c12553d2ea6/d0c2f/6e.png 1362w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>Ensure the browser does not remember
the details of the user after logging out. </p>\n<h4>5.3: bloglist frontend,
step3</h4>\n<p>Expand your application to allow a logged-in user to add new blogs:
</p>\n<picture><img src=\"/static/b9f4cf7f481e4f1358be610031afe219/5a190/7e.png\"
srcset=\"/static/b9f4cf7f481e4f1358be610031afe219/772e8/7e.png
200w,\n/static/b9f4cf7f481e4f1358be610031afe219/e17e5/7e.png
400w,\n/static/b9f4cf7f481e4f1358be610031afe219/5a190/7e.png
800w,\n/static/b9f4cf7f481e4f1358be610031afe219/c1b63/7e.png
1200w,\n/static/b9f4cf7f481e4f1358be610031afe219/b1584/7e.png 1342w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<h4>5.4*: bloglist frontend,
step4</h4>\n<p>Implement notifications which inform the user about successful and
unsuccessful operations at the top of the page. For example, when a new blog is
added, the following notification can be shown: </p>\n<picture><img
src=\"/static/58838a80180d9d94fb4bc3673a8a67c0/5a190/8e.png\"
srcset=\"/static/58838a80180d9d94fb4bc3673a8a67c0/772e8/8e.png
200w,\n/static/58838a80180d9d94fb4bc3673a8a67c0/e17e5/8e.png
400w,\n/static/58838a80180d9d94fb4bc3673a8a67c0/5a190/8e.png
800w,\n/static/58838a80180d9d94fb4bc3673a8a67c0/c1b63/8e.png
1200w,\n/static/58838a80180d9d94fb4bc3673a8a67c0/8b640/8e.png 1454w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>Failed login can show the following
notification: </p>\n<picture><img
src=\"/static/5f30f6f454735133b39d706a3fa7f9c1/5a190/9e.png\"
srcset=\"/static/5f30f6f454735133b39d706a3fa7f9c1/772e8/9e.png
200w,\n/static/5f30f6f454735133b39d706a3fa7f9c1/e17e5/9e.png
400w,\n/static/5f30f6f454735133b39d706a3fa7f9c1/5a190/9e.png
800w,\n/static/5f30f6f454735133b39d706a3fa7f9c1/c1b63/9e.png
1200w,\n/static/5f30f6f454735133b39d706a3fa7f9c1/21b4d/9e.png 1280w\" sizes=\"(max-
width: 800px) 100vw, 800px\"></picture>\n<p>The notifications must be visible for a
few seconds. It is not compulsory to add colors. </p>\n</div>\n<div
class=\"content\">\n<h3>A note on using local storage</h3>\n<p>At the <a
href=\"/en/part4/token_authentication#problems-of-token-based-
authentication\">end</a> of the last part we mentioned that the challenge of the
token based authentication is how to cope with the situation when the API access of
the token holder to the API needs to be revoked.</p>\n<p>There are two solutions to
the problem. The first one is to limit the validity period of a token. This forces
the user to relogin to the app once the token has expired. The other approach is to
save the validity information of each token to the backend database. This solution
is often called a <i>server side session</i>.</p>\n<p>No matter how the validity of
tokens is checked and ensured, saving a token in the local storage might contain a
security risk if the application has a security vulnerability that allows <a
href=\"https://owasp.org/www-community/attacks/xss/\">Cross Site Scripting
(XSS)</a> attacks. A XSS attack is possible if the application would allow a user
to inject arbitrary JavaScript code (e.g. using a form) that the app would then
execute. When using React in a sensible manner it should not be possible since <a
href=\"https://reactjs.org/docs/introducing-jsx.html#jsx-prevents-injection-
attacks\">React sanitizes</a> all text that it renders, meaning that it is not
executing the rendered content as JavaScript.</p>\n<p>If one wants to play safe,
the best option is to not store a token to the local storage. This might be an
option in situations where leaking a token might have tragic
consequences.</p>\n<p>It has been suggested that the identity of a signed in user
should be saved as <a href=\"https://developer.mozilla.org/en-
US/docs/Web/HTTP/Cookies#restrict_access_to_cookies\">httpOnly cookies</a>, so that
JavaScript code could not have any access to the token. The drawback of this
solution is that it would make implementing SPA-applications a bit more complex.
One would need at least to implement a separate page for logging
in.</p>\n<p>However it is good to notice that even the use of a httpOnly cookies
does not guarantee anything. It has even been suggested that httpOnly cookies are
<a href=\"https://academind.com/tutorials/localstorage-vs-cookies-xss/\">not any
safer than</a> the use of local storage. </p>\n<p>So no matter the used solution
the most important thing is to <a
href=\"https://cheatsheetseries.owasp.org/cheatsheets/DOM_based_XSS_Prevention_Chea
t_Sheet.html\">minimize the risk</a> of XSS attacks
altogether.</p>\n</div>","frontmatter":{"mainImage":
{"publicURL":"/static/b92f84fe9702a35b12f10af4588ba4c2/part-
5.svg"},"part":5,"letter":"a","lang":"en"}}},"pageContext":
{"part":5,"letter":"a","lang":"en"}}}