WebFund 2013F: Assignment 2
Please submit your answers as a single zip file called "<username>-comp2406-assign2.zip" (where username is your MyCarletonOne username). This zip file should unpack into a directory of the same name (minus the .zip extension of course). This directory should contain:
- your modified version of session-demo (one version with all code changes) and
- a text file called "answers.txt" at the top level that contains the answers to the all of the questions, with the first four lines formatted similarly to Assignment 1 ("COMP 2406 Assignment 2", your name, student number, and the date as the first four lines of the file).
For questions requiring code changes, indicate what parts of the program were changed in your answers file and made the changes directly to the code.
No other formats will be accepted. Submitting in another format will likely result in your assignment not being graded and you receiving no marks for this assignment.
This assignment has 40 points and is due on October 16th just before the midterm review.
Solutions for this assignment are available here.
Questions
Part A
The following questions are in reference to the session-demo sample node application covered in Tutorial 5.
- (2 points) What happens if you remove the line requiring the http module? The path module?
- (2 points) What is the secret used to help prevent attackers from creating their own fake session identifiers?
- (2 points) How can I change the port node listens on without changing the code?
- (2 points) The user "User" logs in to the application in two web browsers, A and B, simultaneously. "User" then logs out of browser A. After reloading /users in browser B, how many users are shown as being logged in? (Assume no other users.)
- (2 points) Does this application use client-side JavaScript? Explain briefly.
- (5 points) Modify the code so that it keeps track of how many times an individual user is logged in. Output the number of sessions for a user in the /users page beside each username in the list of logged in users. Thus if Anil is logged in twice, it should say "Anil (2 sessions)". Do not include the count if the user is only logged in once.
- (10 points) Modify the code so that sessions are authenticated (with passwords sent and stored in cleartext). Specifically:
- add a "Password" field and a "Register" button to /
- When the register button is pressed:
- If the user has not registered, store their username and password, return to /.
- If the user has registered, generate an error at the top of / similar to that when accessing /users without being logged in. The error should be "Error: User has already registered."
- When the login button is pressed:
- If the user enters the correct password let them proceed to /users as before.
- If the user enters an incorrect password or a username that isn't registered, return an error on / saying "Error: incorrect username/password". (Do not differentiate between an unregistered user and a registered user with an incorrect password.)
Part B
For the following, run node puzzle.js, listed below and included here. At the puzzle> prompt, what are the value(s) of the following expressions? (1 point each)
(Assume that the expressions are entered in to the interpreter as ordered. In other words, the earlier expressions may influence the later ones. If you get an error, report the kind of error, e.g. "reference error" or "type error".)
Note: You will be expected to answer similar questions on the midterm without the aid of a computer. So, you may want to try writing down your answers before running any code.
- p
- q
- y
- f = q
- f("Anil")
- f.g("Anil")
- f.h("Anil")
- f.g("Annie")
- f.j("y = \"boing\"")
- y
- f.j("x = \"goodbye \"")
- f.g("Michael")
- f.h("I recognize you!"); f.g("Michael");
- q.j("s.m = function(n,m,q) {x = n; a = m; b = q;}"); q.m("this", "is", "weird"); q.g("Anil");
- f.g("Anil");
Code
puzzle.js
var repl = require("repl");
y = "Yo";
var f = function(a) {
var x = "hello ";
var s = {};
s.g = function(b) {
return x + b + ", " + a;
}
s.h = function(c) {
return a = c;
}
s.j = function(x) {
return eval(x);
}
return s;
}
var p = f("do I know you?");
repl.start({
prompt: "puzzle> ",
useGlobal: true
}).context.q = p;