Scott Moss
CEO of Tipe
Scott Moss & FrontEnd Masters
tldr; a server that creates an HTTP interface for interacting with some data
tldr; most populare API design pattern, but is not the silver bullet. Very blurry.
tldr; build for high concurrent APIs that are not CPU intensive
tldr; the standard API framework for Node.js
tldr; the go-to non-relational DB, works like a dream in Node.js
In this lesson you'll be creating a simple Express based API in node, just to get your feet wet.
tldr; list of functions that execute, in order, before your controllers
tldr; Express was designed with REST in mind and has all you need
✅ check out to lesson-2 branch
✅ create a router for the Item resource
✅ create full crud routes and create placeholder controllers
✅ mount router on the root server
✅ ensure all tests pass by running test command
This exercise will have you creating routes and sub routers for our soon the be DB resources using Express routing and routers
tldr; You should always use a Schema for models, and mongoose makes it easy
tldr; Schemas are the instructions for the models.
✅ checkout to lesson-3 branch
✅ create a schema for the item resource
✅ add the correct fields (look at test)
✅ add the correct validations (look at test)
✅ extra add a compound index to ensure all tasks in a list have unique names
✅ ensure all tests pass by running test command
In this exercise, you'll be taking what you learned about Mongoose and MongoDB to create a schema and model for the Item resource.
tldr; Controllers are just middleware but with the intent on returning some data.
tldr; Mongoose models work very nicely with CRUD
✅ create generic CRUD resolvers
✅ create controllers for the Item resources using the base crud resolvers
✅ ensure all tests pass by running test command
So far we have routes and models. Now we need to hook our routes up to our models so we can perform CRUD on the models based on the routes + verbs. That's exactly what controllers do.
tldr; You can never truly protect an API, but requiring authentication makes it a bit safer
tldr; tokens passed every request to check auth on the server
✅ checkout to lesson-5 branch
✅ create a signup controller
✅ create a signin controller
✅ create a protect middleware to lock down API routes
✅ ensure all tests pass by running test command
In this exercise you'll be locking down our API using JWT's.
By Scott Moss