Tips Posts
[Best-Practices] Securing NodeJS Express APIs with JWT Authentication and custom AuthorizationNodeJS
![[Best-Practices] Securing NodeJS Express APIs with JWT Authentication and custom Authorization](https://d37y9b4kfek2hl.cloudfront.net/blog/images/posts/231/best-practices-securing-nodejs-express-apis-with-jwt-authentication-and-custom-authorization.gif)
[Best-Practices] Securing NodeJS Express APIs with JWT Authentication and custom AuthorizationNodeJS
Overview
A Node.js library for use as Express middleware to secure endpoints with JWTs. The implementation uses a JWT endpoint of an Authorization Server to get the keys required for verification of the token signature. There is also an example Express app that shows how to use the library.
Package: https://www.npmjs.com/package/jsonwebtoken
Using the JSON web token, we can simply authenticate each and every request on our server. As a standard / best practice, we can use JWT (JSON web token) middleware to validate all requests.
JWT Middleware
const jwt = require('jsonwebtoken')
module.exports = (expectedRole) => (req, res, next) => {
const authHeader = req.get('Authorization')
if (!authHeader) {
const error = new Error('Not authenticated.')
error.statusCode = 401
throw error
}
const token = authHeader.split(' ')[1]
if (!token) {
const error = new Error('Not authenticated.')
error.statusCode = 401
throw error
}
let decodedToken
try {
decodedToken = jwt.verify(token, process.env.SECRET_KEY)
} catch (error) {
error.statusCode = 401
throw error
}
if (!decodedToken) {
const error = new Error('Not authenticated.')
error.statusCode = 401
throw error
}
const role = decodedToken.role
const authorised = expectedRole.includes(role)
if (!authorised) {
const error = new Error('Not authorised.')
error.statusCode = 401
throw error
}
req.user = decodedToken
next()
}
This middleware has been prepared and exported. Therefore, we need to include it in our routes file and pass it to the expected role, so in our JWT middleware, we will validate the request with the JWT token, then verify that the user has access to an expected role (this role saved in the database) to this endpoint.
Routes File
const express = require('express')
const router = express.Router()
const auth = require('./auth/index')
const admin = require('./admin/index')
const common = require('./common/index')
const authorize = require('../middleware/jwtAuth')
router.use('/auth', auth)
router.use('/admin', authorize(['admin']), admin)
router.use('/common', authorize(['admin', 'user']), common)
module.exports = router
Now that we have set up our authentication and authorization middleware in our routes, we are passing the required role to access these routes. These roles will be checked against our user role.
Our middleware simply next() the request if the user has a valid JWT token and is authorized to access this route, otherwise, it will throw the global error that is caught by the express global error handler.
How to Get Leads from LinkedInSales

How to Get Leads from LinkedInSales
Add connections to your network
If you spend a minute or more each workday clicking the "Connect" button on the "People You May Know" list that LinkedIn posts in your feed, you'll expand your network, and you'll be known as a network expander. will, which is equally important.
Remember: Everyone you talk to about business or meet during a business day is a potential LinkedIn connection.
Build your lead list
Spend five minutes a day checking your contacts' connections to see who you don't know personally but would like to meet. Note down who you want to introduce. Start with the "recommendations" first, as those are likely the strongest connections of the LinkedIn user you're looking at.
Ask for recommendations outside of your LinkedIn account via email or phone. You will get a quick reply. (And you'll get a chance to quickly reconnect with your connections.)
Follow up with your current customers and prospects
Spend another two minutes each day searching for your current clients and top prospects. Find out if they have a company page. If they do, follow through and monitor.
Join groups
LinkedIn lets you connect with people who are in groups with you. Use this as a targeted way to add value to others, share insights, and build your network with prospects. Invest five minutes in this every day.
Use LinkedIn to celebrate the achievements of others
When you see a news story or post that provides good news about your client or prospect or any key contact, share the news as a status update. Identify a person with an "@" reply. It will ensure that they receive the mentioned notification. Spend a minute a day on this.
Write a recommendation
Securing LinkedIn recommendations is often difficult, if only because it takes time for the author to log in, write, and post.
Instead of waiting for someone to recommend you, take five minutes a day to write and post (reality-based) recommendations for your customers and key contacts. Once your contact approves the text, the recommendation will appear on his/her LinkedIn account.
How to write an email to a potential clientSales

How to write an email to a potential clientSales
Reaching sales prospects over email is an opportunity to sell and develop a working relationship with a new client.
Write a subject line
The first step in writing a strong email to a prospect is to consider the subject line. The first thing a potential client will see in an email is the subject line, so it's important that it persuades the recipient to open the email. Here are some strategies you can use to write a compelling subject line:
Here's what you should do if you want to write good email subject lines:
- Use personalization.
- Ask an engaging question.
- Use concise and action-oriented language.
- Take advantage of scarcity and exclusivity.
Give information about yourself.
You will more likely gain traction if they already know, like, and trust you. But everyone has to start somewhere, right?
If they've never received a communication from you, tell them a little about yourself in a way that feels warm and authentic. You must convey who you are and why they should listen to you. At the same time, it's essential to make it about them. For example, your email sales introduction could look something like this:
"My name is [name], and I'm contacting you because..."
Close the email with a salutation
You can include a closing salutation that matches the level of formality you used to open the email. Here are a few examples of closing salutations for professional emails:
- Thank You
- Best wishes
- Regards
- Looking forward to hearing from you
- Sincerely
Difference between Eager Loading and Lazy LoadingLaravel

Difference between Eager Loading and Lazy LoadingLaravel
We often listen to the words "Eager Loading" & "Lazy Loading" in Laravel. but maybe some of how still don't know what that actually stands for.
What Lazy Loading means?
I worked with many projects that is developed by some other developers and the common problems in code I found us Lazy Loading queries everywhere.
To understand it more easily let's take one simple example.
Let's say There is Post
model and Comments
Model.
So basically post->hasMany('comments')
So let's say we are fetching 10 posts and now we want the comments of each post. what we will do is :
$post->comments()->get()
(LAZY LOADING)
Lazy loading cause N+1 queries issues as every time we are fetching comments of each post and it will block the execution too for while as its queries from the DB.
What Eager Loading means?
Eager loading is very useful when we are working with large-scale projects. it saves lot's of execution time and even DB queries too :)
Let's take the above example to understand the Eager loading.
$posts = Post::with('comments')->get()
$post->comments
(EAGER LOADING)
here when we retrieve the posts at that time we are fetching its comments too on the same query. so when we do $post->comments
it will not again do query into DB or not even block execution as the comments are already there in model instance.
So this is how Eager loading saves your time and also prevents N+1 Query.
Hope that helps.
Top Laravel packages that you need in 2022Laravel

Top Laravel packages that you need in 2022Laravel
What is Laravel?
Laravel is the most popular PHP framework right now to develop web applications, it offers a very easy environment and services for developers.
In this blog, we are going to know about the packages that we must have to use while developing any laravel application.
Best Laravel Packages
Here we are going to see some best and top laravel packages that will help you to optimize your application performance and it's also very useful while doing the development.
IDE Helper
Github: https://github.com/barryvdh/laravel-ide-helper
It's a very helpful package and saves lots of time for the developer.
It will generate the helper file which enables our IDE to provide accurate autocompletion while doing the development.
Laravel Debugbar
Github : https://github.com/barryvdh/laravel-debugbar
This is very helpful when we have to check the page performance, in sense of how many queries are firing on the specific page? , how many models are loading? etc.
We can show the total processing time of the page, and the query results time too. by using that results we can do some refactor to our code and make our application more optimized.
Spatie Medialibrary
Github : https://github.com/spatie/laravel-medialibrary
This package is very useful when we are doing file uploads. also, it allows us to upload files to the s3 (AWS) very easily by changing just the file system driver.
The main functionality it has is it allows us to associate files with the Eloquent models.
Spatie Role Permission
Github : https://github.com/spatie/laravel-permission
It's 2022 and still, lots of developers are using the custom roles/permissions management. they even didn't familiar that this package have capabilities to manage each role/permissions management with a specific Eloquent model too.
We can assign roles or permissions to the user model or even any model. later we can check it via the middleware that this package is providing.
Ziggy
Github : https://github.com/tighten/ziggy
Before using this package you must need to implement the named routes into your laravel application.
Normally people can just provide a hardcoded URL into the JS file while doing the AJAX calls. But with this package, you can use the route we are using in blade files.
This allows us to use the route()
helper method in the JS files.
How to Make Sales and Marketing Meetings More Effective and ImpactfulSales

How to Make Sales and Marketing Meetings More Effective and ImpactfulSales
When done effectively, regular sales meetings are crucial to your team's success. In addition to sharing important updates and enabling group discussions, they can also help motivate your sales team.
What was supposed to be a way to make your team more successful turns into another series of updates. Before you know it, your sales representatives are starting to get scared by taking time out of their days to attend.
Establish expectations
When it comes to meetings that involve a lot of people, it is good to set some basic rules in advance. If your sales meetings are going overtime, you might want to consider addressing expectations. To save time and make sure you don't get sidetracked, you can:
- Make sure participants know they should be prepared
- All participants are required to participate
- Control the time spent on discussion topics
Set a goal
The tradition of having a sales meeting once a week is not enough reason to hold a meeting. Yes, you want to block time in your calendar so that your sales team can get together, but it's okay to leave it.
At the end of the day, meetings without a specific purpose seem meaningless and just turn into another calendar entry. What’s worse, they can negatively affect your team’s performance for the rest of the day.
Review the results before the sales meeting
Depending on the size of your team, it may take time to review their results. That’s why your best bet is that they deliver the data before the meeting. The most comprehensive way to do this is to have a live document that they can update in advance.
Make your sales meetings exciting
Just because it’s a sales meeting, doesn’t mean it needs all the data and is no fun. Don’t forget that your team will pick up your energy. In other words, if you treat the meeting as a task, your team will not be more excited than you.
Now, that doesn’t mean you should bring out balloons and colorful wigs. It's just as easy to set the right tone from the start - and the best way to do that is to give credit where it's left.
Maintain consistency
Maintain consistency It is helpful to have a meeting at the same time every week so that your sales representatives get into the habit of blocking the same time on a weekly basis.
This will improve attendance, as your team will always know not to book more of that time unless absolutely necessary. If your team only has experienced salespeople, you can scale your sales meeting back and forth to give them more time to close deals.
How to Generate Organic Leads from Your WebsiteSales

How to Generate Organic Leads from Your WebsiteSales
What are Organic Leads?
Organic leads are your potential customers and customers who search for your company by searching for a specific product, service, or query in a search engine like Google.
In this article, we are going to discuss effective strategies for generating leads organically.
Optimize your website for search engines
Search engine optimization is a tried and tested method of generating organic leads. It may take a while for your website to get on the top pages of Google, but once it gets there, most of your problems will be solved. You can either DIY your search engine optimization campaign, or you can hire a professional to do it for you.
Optimize your website for your target audience
The main rule of generating leads for any business is to give visitors what they want. Of course, this is your website, and you want to design it the way you want it.
But you should not forget that it is the interest of the target audience that will help you get it and drive it.
Enter keywords and phrases in the website content
The best way to insert keywords into your website content is to do it naturally. Your site may be penalized if you try to insert too many keywords into your website content.
Research and survey your products/services. Try to figure out which content works best for them.
Start an active email marketing campaign
Grow your email list and give your email subscribers some extra benefits to stay loyal to your brand. Email marketing will help you learn more about your potential customers on an individual level. It boosts the confidence factor and helps you get more potential organically.
Occasionally share advice, brand videos, and newsletters, and interact with your followers. Ask them for their opinion on your new products/services and give them access to services they would not otherwise have. There are numerous ways to increase your email subscriber list.
Add forms to the pages that get the most traffic.
It is important to benchmark your current position in lead generation before you begin so that you can track your success and determine the areas where you need the most improvement. Some of your pages can create excellent lead generators and you may not even realize it.
How to Increase Customer Retention RatesSales

How to Increase Customer Retention RatesSales
Customer retention is the process of attracting repeat customers and preventing them from moving toward competitors. It is an important aspect of business strategy, and it can help businesses gain a competitive advantage.
The following ways to increase customer retention apply to virtually any type of business
Deliver more than you promised
The next step in the process is to deliver more than you promised - which means going beyond and beyond the call of duty and delivering to your customers the things they didn't expect. For example, you could offer a free bonus (such as a product, discount, or value-added) out of the blue, or anticipate a new customer's need and actively address it.
Meet your customers wherever they are
When you really understand your customers - that is, you know who they are, what they want from you, what their challenges are, and where they spend their time - you will reach them wherever they are. You can create the type of content they want and want (eg blog, video, social media) and then share it wherever they are (eg various websites, media channels, social platforms, etc.).
Good values build good relationships
Your company values are important to you. It should reflect your business processes, the quality of your products, and how you treat your customers. These things should make your values clear to your customers, but reminding them occasionally doesn't hurt.
Trust is the good relationship
Creating a brand that is easily relevant is the first step in building trust with your customers. Having something in common parental trust is the key to building a successful business, through a strong relationship and expansion.
Accept feedback
You never know what your customers really want until you ask. Take regular surveys and request feedback from all your customers. You never know what is missing in you - and what areas need improvement.
Follow up with your existing customers
High touch is the key to retaining the customer. The only unusual thing about personal follow-up is how little companies do it. Getting referrals from happy customers is easier than finding and converting a new business.