When I started work with Node.js and Express, I was looking for something to store my app settings. Something like env files in many PHP frameworks – central place for configuration, not stored in repository, but only for example when we run app in development or production environment. We can write custom code for that, or use some modules from npm, also directly for env files. Nuxt package also has dedicated env file module. These modules are great, but there is something much, much better – nconf.
Last time I work with Node and Vue.js. It’s very nice and allows to simplify many, many things. And it’s a lot better – for me – than React and its code mess… One of very nice features from Vue is components. We can separate code into small modules and then import and use them in another as blocks. We can also send some data to them, but direct data binding is only in one way – from parents to childs. According to official documentation, we should use events to notify parents about changes in childs and then make changes. But what about nested childs?
Yes it’s something new on this blog – not only PHP, but also Node.js and Vue.js because I work on new project and use these technologies. Many, many things are completly new for me, but some of them are not. Good example is forms security: we must prevent attackers to make CSRF attacks and use tokens. Simple to say and now, in PHP world, very simple in usage – most of frameworks, most of template systems already have build-in solutions. With Express.js and Vue.js we can use available node modules, but we must still remember about some things. This post is about how use CSRF in that connection.