Working through Academind's Building a RESTful with Node.js lessons.

My personal quick and dirty notes from each lesson.

• Lessons 1-5 (initial files, paths, etc.), initial-set-up
• Lessons 5-9 (MongoDB + Mongoose), adding-databases

Traditional Web App

• Client makes a request to a server.
• That server returns HTML, JS, etc.

RESTful API

• Send data back and forth - not HTML.
• Needed for mobile apps, headless app, etc.
• For single-page-app, only need HTML for the first request, then just data for all subsequent requests. Using JS/Angular to re-render the page.

Official Constrains of a RESTful API

• Stateless
  • Just process requests. Functional logic.
• Layered System
  • Like how I’m planning my Twitter app. The backend will accepts requests from the mobile app, then pull the tweets from Twitter themselves, then process and deliver them to the mobile app.
• Uniform State
  • Comparable to the domain layer I have in my apps.
  • Data stored in an database, for an example, is given to the client is a uniform way - separate from how it is actually being stored.

• Run npm init in the newly created dir - so NPM can manage its packages
• Then git init for Git, duh.

Installing starting dependencies

• npm install —save express
• The —save creates an entry in the package.json file
• Express is a networking framework for NodeJS.

package-lock.json

• Describes the dependency tree - thus, should be committed.

server.js

• This is the config file of the server.
• It specifies what port will be listened to, the middleware, etc.

app.js

• This declares the middleware.
• Where request will be routed.

Modules and exporting them

• Appears to be similar to libraries, or extension functions in Kotlin.
• When I typed const express = required(‘express’) I’m creating a variable for the Express package.
• With modules.exports = app, I am enabling other files to access the app.js module/file.

Node.js notes

• Equality operator (==) VS Strict Equality operator (===)
  • The former attempts to covert and compare each argument.
  • The latter compares as is.

Specifying routes in their own js files

• Each js file is "imported" (not sure what to call it yet) in app.js (the middleware) and then tied to the app itself.

nodemod

• Will automatically reload the project when you change any file.
• Install with npm install --save-dev nodemon
  • The --save-dev will install it as a development dependency.
• After install add "start": "nodemon server.js" to the scripts block in the package.json file.
  • Since nodemon is not system wide, you cannot simply run nodemod server.js from the terminal. Adding the command to package.json ensure when you run node start it will search within the project, not the system.
  • The start command is a special script. Normally, running npm start will run npm server.js. This edit will ensure it uses nodemod.

Morgan

• Logger
• npm install --save morgan
• Since it is middleware as well, we initialize it in app.js (details notes there).

Error handling

• Declared in a similar manner as we did with Routes. Expect no path is supplied so it process any requests to undefined paths and routes that thrown an error (will be 2 separate functions).
• Detailed notes in app.js.

body-parser

• This package extracts the body of the request for access via the req.body const. It's easier to use the what Node.js has out of the box.
• npm install --save body-parser
• As with Morgan in the last lesson, it is middleware thus you need to initialize it in app.js.
• An example of it in-action can be found here.

urlencoded

• Regarding body-parser, once of the types it can parse is urlencoded.
• urlencoded is when symbols are turned into text that can safely be transmitted to an API.
• For more info, and an example, see, https://stackoverflow.com/a/47515823

CORS (Cross-Origin-Resource-Sharing)

• This is very basic permission management.
• When an app makes a request to an API, it's trying to access data that is not stored locally, thus, it needs to be determined whether or not it should have access to the date the API is storing. That is where CORS comes in.
• It's apart of the header the server returns with its response. It specifies which, if any, URLs are allowed to access it.
• Whenever a request is made to an API, a browser first sends a OPTIONS (an HTTP method) request first to check if the web page/browser has the permission to access that API.
  • With apps like Postman, the OPTIONS request is not sent at all. Thus, this is only basic permission management.
• For the tutorial's explanation, see here.
• See app.js for the implementation.