API Design in Node.js, v4

Creating Users

Scott Moss

Scott Moss

Superfilter AI
API Design in Node.js, v4

Check out a free preview of the full API Design in Node.js, v4 course

The "Creating Users" Lesson is part of the full, API Design in Node.js, v4 course featured in this preview video. Here's what you'd learn in this lesson:

Scott implements the createNewUser function, which hashes the password and creates and new user record in the database for that username and hash combination. The function also creates a JWT and returns the token.


Transcript from the "Creating Users" Lesson

>> Now what we wanna do, is we want to move on and we want to create some handlers for our users. So the first thing we need to do is create a folder for handlers inside of the source. And then we'll make one for user Ts and that's where we're gonna put our handlers for our user, so let's do that.

Source, new folder, handlers and inside of their user.ts. Now we're actually gonna start using the Prisma SDK or M thing that we installed a while ago, we're gonna use it. But before that I wanna make another helper file, so we don't have to keep creating a new Prisma client every time we wanna use.

I'm just gonna make it once in one file and import that file wherever we want. So I'm just gonna make a new file on source I'm going to call it db.ts. And it's going to import. So import from @prisma/client like that and I think we wanna import, what is it Prisma?

Maybe it's just client. Why am I why do I have a stringer? Maybe it's just clients. Actually, what is it? Let's see, it's like that I knew something weird, okay all caps stuff always gets me. So we're gonna import it like this, we're just gonna D structure PrismaClient capital P capital C, D structure or named import, that's technically what that's called.

And then I'm just gonna make a new client const I'll just call it prisma = new PrismaClient like that, no options. And I'll just say exports default prisma. I'm doing this in this file, so I had to do this everywhere I need it, I had it at once.

And you could put that db file wherever you want I'm just putting on a source. I guess more appropriately, it would make sense to put it in a modules folder of like DVS is so important that it should just be on the root with the rest of the root stuff.

Cuz it's just that important but you don't have to you can put it wherever you want. Okay, now going back into users, I can import prisma from db like that. Okay, everybody follow me so far? And then now what I wanna do is I wanna create a function that allows me to create a user, and we'll also make a function that allows me to like sign in, so let's do that.

So to create a user, this is going to be a handler for a route, handlers have a request. They have a response, so I'm gonna say exports, oops. Const createNew User = a function that has a request and a response as an object. Because all handlers do, this is gonna be async cuz we have to do some database stuff.

All database queries are always async because talking to a disc is asynchronous, just like talking to a network is asynchronous. The protocol in which a disc operates on is asynchronous and most databases are server too. Which means not only are you talking to a disk, you're talking to a network that's talking to the disk.

So you have service database, you're talking to the network that's talking to the network that's talking to the disk. So all that's asynchronous, so it's not like querying an array in memory. All right so let us create a new user, so what does a user need to be created?

Well we can do this so you can say const user equals a weight, prisma dot and when you hit dot you can see that it already knows about a user. Because this Prisma SDK is aware of all the models that we already created, and we created one called user, so it's aware of it.

So, I can say user.create, I can call that, I can get an object and I can give it a data property which is an object. So, like that and then, you can see this data properties lighting up. This is like a you need to pass some stuff to create a user that you're not passing so yeah this isn't right.

So I know that a user has a username and you can see I start typing it fills it out for me. It's like yeah, you just have a username, cool. But where do I get this username from? Where
>> Whatever we have received the token DWT token claims

>> So for create new user, there is no token necessary cuz this is gonna issue with the token. Yeah, but where do I get the username from?
>> Chats suggesting the request.object, request.body, request.user.
>> Yes, request.body, so create new user is going to be a post request and because we're creating something, so it's a post.

Most POST requests send something to the server, typically that's attached to something called the body. So as the author of the server, we're saying you client must send us something called username attached to the body. Otherwise this isn't gonna work and we're saying that by writing the code for it we're assuming that so it's like username is gonna be req dot body dot username Okay, what about the password, where does that come from?

It's not a trick question.
>> Same place request dot body dot password.
>> Exactly, request dot body dot password, yeah but wait we don't wanna store a plain text, password, right? We almost fell into that trap that's not what we wanna do. So what we wanna do instead is we wanna use our hash password function that we had, so hash password takes in that but it's asynchronous so I'm gonna await it.

But you didn't know you can await like that on the property? Yeah, you can that's pretty cool, and you probably shouldn't, but we're gonna handle errors later, so it doesn't matter. Okay, so now we have username, we have our hashPassword. This satisfies all the requests of creating a user, I know that because it's not complaining at me, and I can just check myself.

I know look at the schema and what are the required fields here that don't have defaults? ID has a default is required, created at has a default is required, username is required but doesn't have a default, so I gotta pass that. Password is also required, there's no question mark here, and it doesn't have a default, so I have to pass that.

Products, there's no question mark on it, but it's an array type, so that means it's an empty array, which is fine, it can be an empty array. So that means I have to pass in these two so that's how I know I'm good. These get defaulted and this one is just an empty array with nothing in it so that's how you know, so cool we got that we got our user.

Now we can create a token so I can say token equals create, JWT and I could pass on our user and now I could to say res.json, I'll say token, I'll just say token, there you go you're gonna get back a token. And me doing this shortcut like this, if you haven't seen this before, this is the equivalent of the same token token.

But that's so redundant, I'm just gonna write it once.

Learn Straight from the Experts Who Shape the Modern Web

  • In-depth Courses
  • Industry Leading Experts
  • Learning Paths
  • Live Interactive Workshops
Get Unlimited Access Now