Exam Assignment 2

Examination 2 - Sticky Snippets

In this assignment, you will create a web application for persistent handling of programming code snippets using an application framework and an object data modeling library for MongoDB.

Requirements

The application in Node.js will use Express.js as the application framework and Mongoose as the object modeling library. The application must have full CRUD functionality regarding snippets, whereby a user must be able to create, read, update and delete snippets.

Users must be able to register themselves and must be able to login to the application after entering a user ID and a password. A user cannot register an already existing user ID as user ID is unique for the application. A user must be able to log off from the application it has already logged on to.

Anonymous users will only be able to view snippets. Authenticated users, in addition to view, must also be able to create, edit and delete own snippets. Nobody but the authenticated user should be able to create, edit and delete her/his own snippets. Because of this the application must support some basic authentication and authorization. Only use of the session store, using the express-session module, is allowed for implementation of authentication and authorization. You must not use any modules like Passport, etc., to authenticate or authorize. When writing and presenting snippets the application must support multiline text, meaning the user should be able to write real code snippet, not just a one line text string. The application should be easy to understand meaning that the users should get clear notification on what is going on in the application (eg. using flash messages)

If a user tries to access a resource which requires the user to be logged in, the application must return the status code 403 (forbidden). Of course, when necessary, the application must also return the status code 404 (not found) as well as 500 (internal error).

As far as possible, the application must be protected from vulnerable attacks. Be prepared to explain and defend your solution at the oral hearing.

As always, we have the following requirements:

  • The application should be written as a Node.js application in Javascript following the JavaScript Standard Style
  • The only command the examinator should do to run your application when cloning it from GitHub is npm install and npm start
  • You should work with GitHub and do several commits to show how your solution has been made.
  • To submit your solution and tell the examinators that you are ready you must do a release of your code on your GitHub repo otherwise will you not be able to book a time for the oral hearing.

Setup

You are free to setup your own development environment. You will need a database connection. You are free to use Docker or a connection-string to mLab (see the database connection text for more information)

Extra features [optional]

For those who wants to expand functionality in the application and get an extra plus on the assignment feel free to do that- Some examples of this could be:

  • Add support for tagging each snippet by one or more tags
  • Add support for just showing snippets thats belongs to one tag or/and one user

Deadline & examination

Wednesday 13/12 : 13:00

To be able to book a time slot for the oral examination you must make a release on Github before the above deadline. Booked time slots without a release made will be cleared without further notice.

Examination

The examination will be a oral hearing, including the theory raised to this point of the course. This means during the examination we will ask you a couple of theoretical questions. You will also defend your solution for the practical assignment. Notes will be taken on how well you answered the the theory questions and how good your application is depending on security, functionality and code quality which will be used when setting the final grade on the course. For this assignment however the grade is F (Fail) and P (Pass).

You can choose between a campus or distance exam. Reexam is Slack only!

Campus – Växjö

A few times for examination on campus will be available. Be sure to note if you booked a campus or distance/slack examination. If you booked a campus examination you will wait in the hallway of the third floor of the B-building 5 minutes before your time slot. We will call you in.

Distance – Slack

If you choose a distance exam it will take part over Slack using screen sharing, microphone and preferably a web camera. At least 10 minutes before your time slot you should go in to slack-channel for the course and write your LNU-username and your booked time. We will contact you on Slack when it is your turn.

Book time for examination

Note!

To be able to register a time slot you need to be an authenticated course participant. You need to be logged in and registered on the course.

Welcome to CoursePress

en utav Linnéuniversitets lärplattformar. Som inloggad student kan du kommunicera, hålla koll på dina kurser och mycket mer. Du som är gäst kan nå de flesta kurser och dess innehåll utan att logga in.

Läs mer lärplattformar vid Linnéuniversitetet

Student account

To log in you need a student account at Linnaeus University.

Read more about collecting your account

Log in LNU