node.js - How to delete an item in expressJS view


I am building an ExpressJS app and want to add a delete icon on a collection to delete individual items.

I am a bit confused about how to do this.

  • One method I thought of is binding a click event to the icon in the Express view and doing an AJAX call to the server when it is clicked.

  • Another method is to create a form around the icon, with the icon as a button that submits the form when clicked.

I am not confident in either of the 2 approaches. Are there any thoughts on an elegant way to do this, the Express way?

I recommend the second method because it's easier to understand at the moment.

From your words I understand that a delete button can be a vulnerability or security hole if done the wrong way. Sure, it's a delete button after all. An easy way to make it more secure is to use a session variable: the user can't delete unless authorized (logged in). If you open a session on the server, you give the user the key of the session.

In the session you can securely store data about the user, who interacts with the server by providing the session key you gave him at the login process.

At the step where the user clicks the button to delete a document, I guess he should be authorized to delete the document. This time the session key he provides informs you of his identity. Then the decision is either to delete or to reject the request.

All of the above words are the concept of what happens in code. I will write it in 2 parts: the first part is the login controller, which gives the user authorization, and the second is the delete document controller.

login:

    var user = isuser(username, password);
    if (user) {
      // open session
      req.session.user_id = user._id;
    }

delete document controller:

    if (req.session.user_id) {
      // if true, it means the user is logged in and authorized
      // you can check the user_id to see if it has the privilege to delete the document
      document.delete(); // in mongoose: model.remove();
    }

This is a solution for security in deleting a document.
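
An added example (not part of the original answer): the session check from the delete controller above, extended with the per-user privilege check the answer mentions. The handlers are Express-style functions exercised with stand-in req/res objects so the block runs without Express; the `owner_id` field, the in-memory `documents` store and the helper names are assumptions for illustration.

```javascript
// Constructed sample data: two documents owned by different users.
// The owner_id field is an assumption; the page only shows user._id.
const documents = new Map([
  ['d1', { _id: 'd1', owner_id: 'u1', title: 'first list' }],
  ['d2', { _id: 'd2', owner_id: 'u2', title: 'second list' }],
]);

// Middleware: reject any request that carries no logged-in session.
function requireLogin(req, res, next) {
  if (!req.session || !req.session.user_id) {
    return res.status(401).json({ error: 'login required' });
  }
  return next();
}

// Handler, mounted in Express as:
//   app.delete('/documents/:id', requireLogin, deleteDocument)
function deleteDocument(req, res) {
  const doc = documents.get(req.params.id);
  if (!doc) return res.status(404).json({ error: 'not found' });
  // Being logged in is not enough: the session user must own the document.
  // The id in the URL comes from the client and is never trusted on its own.
  if (doc.owner_id !== req.session.user_id) {
    return res.status(403).json({ error: 'forbidden' });
  }
  documents.delete(doc._id);
  return res.status(204).end();
}

// Minimal stand-in for the Express response object (hypothetical helper).
function fakeRes() {
  return {
    statusCode: 200,
    body: undefined,
    status(code) { this.statusCode = code; return this; },
    json(obj) { this.body = obj; return this; },
    end() { return this; },
  };
}

// Runs the middleware chain for one request and returns the HTTP status.
function handleDelete(session, id) {
  const req = { session, params: { id } };
  const res = fakeRes();
  requireLogin(req, res, () => deleteDocument(req, res));
  return res.statusCode;
}
```

The same two handlers serve both approaches from the question, since the server-side check is identical whether the request comes from an AJAX call or a form submit.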

