View Code? Open in Web Editor
NEW
This project forked from codefellows-seattle-javascript-401d21/17-bearer-auth
17-bearer-auth's Introduction
17: Bearer Auth
- fork this repository & create a new branch for your work
- write all of your code in a directory named
lab- + <your name> e.g. lab-susan
- push to your repository
- submit a pull request to this repository
- submit a link to your PR in canvas
- write a question and observation on canvas
- students will be able to create bearer authentication middleware
- students will be able to utilize their bearer authentication middleware in their route structures
- students will be able to test against authenticated routes
package.json.eslintrc.json.gitignore.envREADME.md
- create a bearer auth middleware module (feel free to use the one from lecture as a reference point)
- create a new resource (Schema) that has at least three properties
- this resource must have a property of
userID that references the _id of the auth model that created the resource
- the
userID property can only be set from an _id found using your bearer auth middleware module
- as always, use the npm
debug module to log function calls that are used within your application
- using the express
Router, create routes for doing RESTFUL CRUD operations against your resource
POST request- pass data as stringifed JSON in the body of a post request to create a new resource
GET request- pass the id of a resource though the url endpoint to
req.params to fetch a resource
PUT request- pass data as stringifed JSON in the body of a put request to update a resource
DELETE request- pass the id of a resource though the url endpoint (using
req.params) to delete a resource
- create a test to ensure that your API returns a status code of 404 for routes that have not been registered
- create a series of tests to ensure that your
/api/resource-name endpoint responds as described for each condition below:
GET - test 200, for a request made with a valid idGET - test 200, for a request made with no id paramGET - test 401, if no token was providedGET - test 404, for a valid request with an id that was not foundPUT - test 200, for a post request with a valid bodyPUT - test 401, if no token was providedPUT - test 400, if the body was invalidPUT - test 404, for a valid request made with an id that was not foundPOST - test 200, for a post request with a valid bodyPOST - test 401, if no token was providedPOST - test 400, if no body was provided or if the body was invalidDELETE - test 200, for a post request with a valid bodyDELETE - test 401, if no token was providedDELETE - test 404, for a valid request made with an id that was not found
17-bearer-auth's People
Contributors
Watchers
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent