Check out a free preview of the full API Design in Node.js (using Express & Mongo) course:
The "Testing the UI" Lesson is part of the full, API Design in Node.js (using Express & Mongo) course featured in this preview video. Here's what you'd learn in this lesson:

Now that CORS has been added, Scott spends a few minutes testing the new user interface. He demonstrates the admin and sign-up functionality and explains what routes still need to be secured.

Get Unlimited Access Now

Transcript from the "Testing the UI" Lesson

[00:00:00]
>> [MUSIC]

[00:00:03]
>> Scott Moss: We'll have that running, and then the important stuff is now, if you try to go to admin, and if you aren't signed in, it'll bring up this form, like, snap, you're not signed in. So you cannot go to admin unless you're logged in. So then, let's log in with one of our, well let's try to log in with one of our scaffolded users.

[00:00:25] And see what happens. So if we go here, and I try to log in with this person. And the password is test. All right, sign in, it goes in.
>> Scott Moss: Everybody see that? It just went in. So that's great but also watch this. So now if I go back and I say user name is that password is this.

[00:01:01] And I enter it. It's like wait, nope. Not gonna authorize. All right, so that's the sign in stuff happening. That's the stuff that we all ready made. That's the thing that we just made, the verify user stuff. So that's sign in, we all ready made that. So this should work for you.

[00:01:16]
>> Scott Moss: The thing that probably not gonna work is sign up. So we go to sign up, and we sign up,
>> Scott Moss: I guess that does work, wait I have a token that's why.
>> Scott Moss: Get rid of this token.
>> Scott Moss: Or actually, did I enable that? Let me look really quick, probably forgot to take it off.

[00:01:46]
>> Scott Moss: User, user controller, and then post. Yeah, yeah I finished this one. So this should work too, I forgot, I was thinking of something else. Yeah so sign ups should totally work for you as well. But you're not really needing a sign up. But if you join me in usercontrol.js, you'll see a difference and then what is was a couple steps ago.

[00:02:09] Cuz user control.js on the post method, it used to just be, let's just create a new user and send it back. But now let's do something little different. What it's actually doing is just creating a new user based on whatever req.body is. That this is gonna return in instance of the user model Mongo, Mongoose.

[00:02:30] Actually, I don't know why that's even there, this shouldn't. This gets to happen on pre-save, so we don't even really need this here. I think I made it re-factor and forgot to get rid of it. But it won't hurt to have it, but we actually absolutely don't need it.

[00:02:42] So I'll just leave it and then save the user, which we'll call hashedPassword. But for some reason I'm doing it already. And then send the token back. So we also wanna send a token back on sign up. We already did it on sign on. Now we're doing it on sign up.

[00:02:56] And that's all we're doing here. Again, we don't need this, because the pre-hook is going to fire before this. Right, the pre-hook will fire before this. And the pre-hook does this already. Actually we don't even have something called hash password anymore, so that's like a complete re-factor yeah.

[00:03:18] I'm not even using that.
>> Scott Moss: So again, this is the sign up method. So this is the new post for user, you can no longer just create a new user resource like you could before. You actually now have to do this. Right, and that's what you just saw when I signed in.

[00:03:36] So just to demonstrate on the terminal, that's HTTP Localhost,
>> Scott Moss: 3000. Whereas before, we could say API/users and then it was like, yeah, just give your username, and it goes that. And that would create a user. Now it's like, nope, oops, that's not gonna work. You can't do that anymore.

[00:03:58] You actually have to give me a password now too. Okay.
>> Scott Moss: What does that even mean? I don't even know. Let's see what's happening. Looks like we have an error here. Cannot read property, [INAUDIBLE]
>> Scott Moss: I forgot to put a return here.
>> Scott Moss: So that should be an error.

[00:04:39]
>> Scott Moss: Let's try that.
>> Scott Moss: There we go. So now it's like cool, now I created a user.
>> Scott Moss: She gotta give me a password. Whereas before, no password it was yeah, just go ahead and create it. Nope, now it's like,
>> Scott Moss: Have to give it a password. And you get a token.

[00:05:15]
>> Scott Moss: Any questions on that?
>> Scott Moss: I have to put that return there or otherwise it broke. One return key where it broke everything. Because what happened was it called next but there was no return in front of this so it went down to this line anyway, but because there was an error there was no user.

[00:05:37] So that's why I was like can't read ID of user cuz it did call next. Which called next, but the execution in this context can see the flow down here, cuz I forgot to return, or do an else.
>> Scott Moss: And there's either an error, or a user or an absence of a user, so that's why it freaked out.

[00:05:58] Cool. So just make sure you put a return in there.