API Design in Node.js, v3
This course has been updated! We now recommend you take the API Design in Node.js, v4 course.
Table of Contents
IntroductionScott introduces the course, where to find the repo, and gives several options for databases to use.
APIScott defines an Application Programming Interface, and the basics of what it does.
RESTScott introduces the most popular design pattern that allows applications to describe what action they're performing.
Node.js for APIsScott discusses which types are APIs are best when using Node.js.
ExpressScott introduces the most popular framework for building APIs in Node.js.
MongoDBScott introduces the most popular non-relational document store, and his go-to due to how easy it is to work with it.
Code Repo TourScott walks through the package.json, the Babel configuration, and gives an overview of what the course repository contains.
Setup Code & ExpressScott introduces the goals for the course, as well as how it's structured. Then, a POST and a GET request are live-coded, and the server is started.
Using InsomniaScott demonstrates how to use Insomnia, a GUI tool, to make requests to an API.
Setting Up Express RoutesScott demonstrates how to create GET request routes and respond with JSON.
Routing & MiddlewareScott defines middleware, and explains that it allows the user to modify the request in-flight and add things like logging and authentication to routes at a higher level.
Custom MiddlewareScott codes some middleware, and demonstrates how to pass the middleware to the controllers through the use of the next() method.
REST Routes with ExpressScott demonstrates how to pass in an exact match, a regular expression (regex) match, a parameter match, or a glob match to your REST routes using Express routing.
Route OrderScott demonstrates how Express will respond with multiple route definitions that match the route of the request.
Router & Sub RoutesScott uses Express Router to create a sub route.
Router Verb MethodsScott demonstrates how to use the router route combined with verb method functions to respond to multiple verbs on one route.
Router & Sub Routes ExerciseStudents are instructed to create routes and sub routes such that the tests pass in the exercise.
Router & Sub Routes SolutionScott livecodes the solution to the exercise.
Data Modeling with MongoDBScott discusses why it's important to introduce Schemas to the schemaless database.
Transitioning from Schemas to ModelsScott explains how Schemas relate to models.
Mongoose Schema ExerciseStudents are instructed to write a Schema that ensures that all tests in the suite pass.
Mongoose Schema SolutionScott live codes the solution to the exercise, and fields questions from students.
Controllers & Models
Controllers & Models OverviewScott discusses how controllers fit into the API landscape.
Express Response ObjectScott discusses the usage of the response object.
Refactoring CRUD Routes with ModelsScott discusses how models can be used to refactor CRUD to ensure DRY principles are being followed.
Creating a DocumentScott creates a model that fulfills the "create" aspect of CRUD.
Read, Update & Delete DocumentsScott covers the other letters of CRUD, and live codes examples of how to find and update models.
CRUD Controller Design OverviewScott gives background on controller design, and pseudocodes route combinations in preparation for the next exercise.
CRUD Controller ExerciseStudents are instructed to hook the routes to the models in order to perform CRUD on the models based on the routes and verbs.
Read Documents SolutionScott live codes the solution to the tests where an authenticated user and id must be returned, and a 404 error must result if no document is found.
Read Many Documents SolutionScott live codes the solution to the test where an array of documents, and an authenticated user is found.
Create a Document SolutionScott live codes the solution to the tests where a document is created by an authenticated user.
Update & Delete a Document SolutionScott live codes the solution to the tests where an authenticated user and id must be found to update, and a 400 error must result if no document is found. The first document by a specified authenticated user and id must also be removed, and a 400 error must result if no document is found.
Wiring Up CRUD Controllers SolutionScott live codes the solution to the test where it checks for CRUD controllers.
Authentication in APIs OverviewScott gives an overview of what authentication, or "auth" means when talking in the context of APIs.
JSON Web Token AuthenticationScott introduces JSON Web Tokens, or JWTs, as a method to secure an API.
JSON Web Token ModuleScott explains the code already written to allow a new token to be created and verified by the jsonwebtoken npm package.
Secure An API with JWTs ExerciseStudents are instructed to create signup and signin controllers, and a protect middleware to lockdown API routes.
Sign Up with JWT SolutionScott live codes the solution to the tests where an email and password are required, and creates new user that a token is sent from.
Sign In with JWT SolutionScott live codes the solution to the tests where an email and password are required, the user must be real, the passwords must match, and a new token is created.
Protect Routes with JWT SolutionScott live codes the solution to the tests where it looks for the Bearer token in the headers, the token must have the correct prefix, it must be a real user, and finds the user form token and passes it on.