This course has been updated! We now recommend you take the API Design in Node.js, v4 course.
Table of Contents
Introduction
Introduction
Scott introduces the course, where to find the repo, and gives several options for databases to use.
API
Scott defines an Application Programming Interface, and the basics of what it does.
REST
Scott introduces the most popular design pattern that allows applications to describe what action they're performing.
Node.js for APIs
Scott discusses which types are APIs are best when using Node.js.
Express
Scott introduces the most popular framework for building APIs in Node.js.
MongoDB
Scott introduces the most popular non-relational document store, and his go-to due to how easy it is to work with it.
Code Repo Tour
Scott walks through the package.json, the Babel configuration, and gives an overview of what the course repository contains.
Express
Setup Code & Express
Scott introduces the goals for the course, as well as how it's structured. Then, a POST and a GET request are live-coded, and the server is started.
Using Insomnia
Scott demonstrates how to use Insomnia, a GUI tool, to make requests to an API.
Setting Up Express Routes
Scott demonstrates how to create GET request routes and respond with JSON.
Routing & Middleware
Scott defines middleware, and explains that it allows the user to modify the request in-flight and add things like logging and authentication to routes at a higher level.
Custom Middleware
Scott codes some middleware, and demonstrates how to pass the middleware to the controllers through the use of the next() method.
REST Routes with Express
Scott demonstrates how to pass in an exact match, a regular expression (regex) match, a parameter match, or a glob match to your REST routes using Express routing.
Route Order
Scott demonstrates how Express will respond with multiple route definitions that match the route of the request.
Router & Sub Routes
Scott uses Express Router to create a sub route.
Router Verb Methods
Scott demonstrates how to use the router route combined with verb method functions to respond to multiple verbs on one route.
Router & Sub Routes Exercise
Students are instructed to create routes and sub routes such that the tests pass in the exercise.
Router & Sub Routes Solution
Scott livecodes the solution to the exercise.
Data Modeling
Data Modeling with MongoDB
Scott discusses why it's important to introduce Schemas to the schemaless database.
Transitioning from Schemas to Models
Scott explains how Schemas relate to models.
Mongoose Schema Exercise
Students are instructed to write a Schema that ensures that all tests in the suite pass.
Mongoose Schema Solution
Scott live codes the solution to the exercise, and fields questions from students.
Controllers & Models
Controllers & Models Overview
Scott discusses how controllers fit into the API landscape.
Express Response Object
Scott discusses the usage of the response object.
Refactoring CRUD Routes with Models
Scott discusses how models can be used to refactor CRUD to ensure DRY principles are being followed.
Creating a Document
Scott creates a model that fulfills the "create" aspect of CRUD.
Read, Update & Delete Documents
Scott covers the other letters of CRUD, and live codes examples of how to find and update models.
CRUD Controller Design Overview
Scott gives background on controller design, and pseudocodes route combinations in preparation for the next exercise.
CRUD Controller Exercise
Students are instructed to hook the routes to the models in order to perform CRUD on the models based on the routes and verbs.
Read Documents Solution
Scott live codes the solution to the tests where an authenticated user and id must be returned, and a 404 error must result if no document is found.
Read Many Documents Solution
Scott live codes the solution to the test where an array of documents, and an authenticated user is found.
Create a Document Solution
Scott live codes the solution to the tests where a document is created by an authenticated user.
Update & Delete a Document Solution
Scott live codes the solution to the tests where an authenticated user and id must be found to update, and a 400 error must result if no document is found. The first document by a specified authenticated user and id must also be removed, and a 400 error must result if no document is found.
Wiring Up CRUD Controllers Solution
Scott live codes the solution to the test where it checks for CRUD controllers.
Auth
Authentication in APIs Overview
Scott gives an overview of what authentication, or "auth" means when talking in the context of APIs.
JSON Web Token Authentication
Scott introduces JSON Web Tokens, or JWTs, as a method to secure an API.
JSON Web Token Module
Scott explains the code already written to allow a new token to be created and verified by the jsonwebtoken npm package.
Secure An API with JWTs Exercise
Students are instructed to create signup and signin controllers, and a protect middleware to lockdown API routes.
Sign Up with JWT Solution
Scott live codes the solution to the tests where an email and password are required, and creates new user that a token is sent from.
Sign In with JWT Solution
Scott live codes the solution to the tests where an email and password are required, the user must be real, the passwords must match, and a new token is created.
Protect Routes with JWT Solution
Scott live codes the solution to the tests where it looks for the Bearer token in the headers, the token must have the correct prefix, it must be a real user, and finds the user form token and passes it on.
