API Design in Node.js, v3

API Design in Node.js, v3 Sign Up with JWT Solution

Topics:
Scott Moss
Scott Moss
Initialized

This course has been updated! We now recommend you take the API Design in Node.js, v4 course.

Check out a free preview of the full API Design in Node.js, v3 course:
The "Sign Up with JWT Solution" Lesson is part of the full, API Design in Node.js, v3 course featured in this preview video. Here's what you'd learn in this lesson:

Scott live codes the solution to the tests where an email and password are required, and creates new user that a token is sent from.

Get Unlimited Access Now

Transcript from the "Sign Up with JWT Solution" Lesson

[00:00:00]
>> Scott Moss: Okay, so I'm gonna start with signup. So for signup I know there's gonna be a email and password, or I'm requiring an email and password to be on the request.body. The client should send it. And then I need to create a new user for that. So if we go look at a user model, which is already created for you, there's a few things that a user absolutely needs.

[00:00:22] It needs an email to be unique. It needs a password, and it has this settings object that has some required stuff on it. And they all have defaults, so all those should be good for us. So all we really need is the email and the password. And like I said, the passwords are already gonna be hashed for you and saved.

[00:00:39] So we're not saving passwords in plaintext. And we should be good here. So I'm gonna go ahead and do that signup. So I'm gonna say const user = await User.create(rec.body)
>> Scott Moss: That's it, that should create a user. The problem is, because a user has validations on it as a unique email, this creation might fail.

[00:01:10] So because it might fail, you probably wanna do a try catch, or do promises, or whatever you wanna do, but you should definitely handle that. Because if it fails that means somebody already has this email. All right, if somebody already has this email then you can't sign up.

[00:01:25] So we wanna do something like, first let's just log the error so we can see that it is that error.
>> Scott Moss: And then what we'll do is, we'll say, return res.status
>> Scott Moss: (400).end() ,you can't use that. So that's one thing. So we got the user here. The next thing we wanna do is, so now that we have a user, if it is successful, we want to create a token.

[00:01:59] So let's say const token = newToken. And that just takes in the user object. So we just pass in user like that. So we'll pass in the user object, that should give us a token. And from there we'll just say res.send( token ).
>> Scott Moss: So this may or may not pass all the tests, so we'll run the tests to see what else we're missing here, and we'll go from there.

[00:02:26] So let's run these tests.
>> Speaker 2: What's the difference between .send and .end?
>> Scott Moss: .send sends back some data, .end just ends it without sending anything. That's it. It's the same thing if you did .send with nothing.
>> Scott Moss: End is just explicitly ending the request and stopping it. .send also stops the request with a message.

[00:02:56]
>> Scott Moss: So if we look at that test here for signup, looks like we're still failing, so it requires an email and password. Creates user and sends new token from user. So it requires an email and password. So if I go and look at that test, then I'm guessing that test is testing something that, it's mocking out the email and password to be like, no.

[00:03:20] And it's saying that it should test for that. So if I go look, yep, there's no email and password on that request body and it's expecting it to be a 400 because of it. So I need to test for that. So I need to come here and say, if 0 req.body.email, or if 0 req.body.password, because you need both.

[00:03:49] Then I'm gonna go ahead and I'm not even gonna send this to the database. I'm just gonna go ahead and say, get out of here. Like, you can't do that. And it's looking like it expects some message property here on .send instead of .end. So I'm gonna do a .send here with a message property of Email and password required.

[00:04:23]
>> Scott Moss: So we'll run a test for that.
>> Scott Moss: And if we scroll up here, we're gonna see that passes the requires email and password. And then the next one says, creates user and sends new token from user. So if we look at the test.
>> Scott Moss: It's expecting a .send here, and it's expecting the email to be on, it's expecting the email to be the same as the user that was created by the user ID.

[00:05:05] So if I go here to,
>> Scott Moss: Sorry, signup here. Basically, what it's trying to, actually, let me see, user.email verify token results.
>> Scott Moss: .send.
>> Scott Moss: Start.
>> Scott Moss: Status, so I've gotta do a status here.
>> Scott Moss: Status of 201 for a successful post, .send. There we go.
>> Scott Moss: Okay, so we got res.status.

[00:05:55] And then what else are we missing? Creates user and sends a token from user.
>> Speaker 2: I thought it was 401 there.
>> Scott Moss: All right, it's fine now, I guess I just, I had to put a return statement. [COUGH] So yeah, I was just missing the return statement. So yeah, that was it, just needed to put a return statement here to stop it from going further.