https://github.com/abhishekshrivastav73/backend-domination-with-sheryians-coding-school.
Backend Domination By Sheryians Coding School
https://github.com/abhishekshrivastav73/backend-domination-with-sheryians-coding-school.
bcryptjs express jwt-authentication mongodb mongodbatlas mongoosejs nodejs socket-io webrtc
Last synced: about 1 month ago
JSON representation
Backend Domination By Sheryians Coding School
- Host: GitHub
- URL: https://github.com/abhishekshrivastav73/backend-domination-with-sheryians-coding-school.
- Owner: AbhishekShrivastav73
- Created: 2024-06-13T15:13:18.000Z (12 months ago)
- Default Branch: main
- Last Pushed: 2025-03-29T18:27:47.000Z (2 months ago)
- Last Synced: 2025-04-16T00:57:54.055Z (about 1 month ago)
- Topics: bcryptjs, express, jwt-authentication, mongodb, mongodbatlas, mongoosejs, nodejs, socket-io, webrtc
- Language: EJS
- Homepage:
- Size: 20.9 MB
- Stars: 51
- Watchers: 2
- Forks: 19
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Backend-Domination-With-Sheryians-Coding-Schools.
Getting Start with Back-End Journey with Sheryians Coding Schools (Back-End Domination : Create Efficient Back-End).
# Javascript WarmUp.
In this Section, we'll introduce you to the fascinating world of JavaScript, the language that powers much of the web. You'll learn the basics of JavaScript syntax, data types, and how to write your first lines of code. Get ready to dive into the exciting world of web development with JavaScript as your guide!.
### Basics
Break down of the core concepts of JavaScript in simple terms. You'll learn everything from variables and data types to loops and functions. By the end of this module, you'll have a solid understanding of the basics of JavaScript, setting you up for success as you dive deeper into web development. Let's unleash the power of JavaScript together!!
### Asynchronous Javascript :
In this lesson, we'll introduce you to the concept of asynchronous programming in JavaScript. We'll explore why it's important and how it can make your programs more efficient. Get ready to learn about asynchronous functions, callbacks, promises, and async/await syntax. By understanding asynchronous JavaScript, you'll be able to create dynamic and responsive web applications. Let's dive in and start mastering asynchronous programming!
# How Internet Works.
## Basics.
In this lesson, we'll take a deep dive into the fascinating world of the internet. We'll explore how data travels across the globe, from your device to servers and back again. You'll learn about protocols like TCP/IP, DNS, and HTTP, which form the backbone of the internet. By the end of this lesson, you'll have a clear understanding of the infrastructure that powers the internet and how information is transmitted between devices. Let's unravel the mysteries of the internet together!
### How Internet Works ?
The internet connects devices worldwide through a network of cables and servers. When you request a webpage, your device sends data to your Internet Service Provider (ISP) , which then routes it to the server hosting the page. The server sends the data back, and your device displays the webpage. This happens quickly, enabling global communication.
### Understanding IP Address ?
An IP address is a unique number assigned to each device on the internet. It works like a home address, telling other devices where to send data, such as websites or emails. Each device needs an IP address to communicate and share information online.(IP is provided by the ISP)
### What is MAC Address ?
A MAC address is a unique identifier assigned to a device's network hardware, like a Wi-Fi card or Ethernet adapter. Think of it as a serial number for your device's internet connection hardware. When devices communicate within a local network, the MAC address helps ensure that the information goes to the correct device. Unlike IP addresses, which can change, MAC addresses are usually fixed and assigned by the manufacturer.
#### IP addresses are used to route the data across networks globally, while MAC addresses are used to ensure the data reaches the correct device within a local network. This combination allows data to travel from your laptop to your friend's computer accurately.
### Understanding VPN
A VPN, or Virtual Private Network, creates a secure connection between your device and the internet. It works by routing your internet traffic through a private server, hiding your real IP address and encrypting your data. This makes your online activities more private and secure, protecting you from hackers and allowing you to access content that might be restricted in your location. Essentially, a VPN acts like a secure tunnel for your internet traffic.
### Servers
A server is a powerful computer that provides services and resources to other computers, called clients, over a network. Servers store and manage data, run applications, and handle requests from clients. For example, when you visit a website, your computer sends a request to the server hosting that site. The server processes the request and sends the webpage back to your computer. Servers can manage many tasks simultaneously and are essential for running websites, email, online games, and many other services on the internet.
## A server is a computer system connected to the internet, programmed to process, store, and provide data to other computers.
## More Information
In this lesson, we'll simplify what reverse proxies are and how they work. Think of a reverse proxy as a shield that stands between the internet and your web servers, protecting them from direct access. We'll explore how reverse proxies enhance security, improve performance, and streamline network traffic. By the end of this lesson, you'll have a clear understanding of how reverse proxies can benefit your online infrastructure. Let's dive in and uncover the secrets of reverse proxies together!
### Proxy
A proxy server acts as an intermediary between your device and the internet. When you use a proxy, your internet requests go to the proxy server first, which then forwards them to the target website. The website's response goes back to the proxy, which sends it to you. This process hides your IP address, making your online activity more private and allowing you to access blocked or restricted content. Proxies can also improve security and manage network traffic.
### Reverse Proxy
A reverse proxy sits between the internet and a server, acting as a middleman for incoming requests. When someone tries to access a website, the reverse proxy receives the request first, then forwards it to the appropriate server. It then sends the server's response back to the user. This helps balance the load among multiple servers, improves security by hiding the server's identity, and can cache content to speed up access for users. Essentially, a reverse proxy manages and protects server resources while providing efficient user access.
### Internet Protocols
Internet protocols are rules and standards that allow devices to communicate over the internet. They ensure data is sent and received correctly between devices. Common protocols include HTTP for accessing websites, FTP for transferring files, and TCP/IP, which ensures data is properly routed and reaches its destination. These protocols work together to enable seamless and reliable communication across the global internet.
### ISP (Internet Service Provider)
An ISP, or Internet Service Provider, is a company that provides you with access to the internet. When you connect to the internet from home or on your mobile device, your ISP routes your data to and from websites and online services. They manage your internet connection, handle network traffic, and offer various services like email and web hosting. Without an ISP, you wouldn't be able to connect to the internet.
### TCP/IP
TCP/IP stands for Transmission Control Protocol/Internet Protocol, and it is the foundation of internet communication. TCP ensures that data is sent and received accurately by breaking it into packets and reassembling it at the destination. IP handles addressing and routing these packets to the correct destination. Together, TCP/IP makes sure that data travels efficiently and reliably between devices across networks, enabling everything from web browsing to email to online streaming.
### UDP -(User Datagram Protocol)
UDP, or User Datagram Protocol, is a communication method used on the internet. Unlike TCP, UDP sends data without establishing a connection or checking for errors. This makes it faster but less reliable, as data packets can be lost or arrive out of order. UDP is ideal for applications where speed is crucial and some data loss is acceptable, like live video streaming, online gaming, and voice calls.
### HTTP (Hypertext Transfer Protocol)
HTTP, or Hypertext Transfer Protocol, is the foundation of data communication on the web. It defines how messages are formatted and transmitted, and how web servers and browsers should respond to various commands. When you type a website address into your browser, HTTP is the protocol used to request the web page from the server, and it also defines how the server sends the web page back to your browser.
## Everthing about Node JS
Node.js is a runtime environment that allows you to run JavaScript on the server side, outside of a web browser. It's used to build fast and scalable server-side applications, thanks to its non-blocking, event-driven architecture. This makes it ideal for real-time applications like chat apps and online gaming.
### Non-blocking I/O
Non-blocking I/O is a way of handling input and output operations without making the program wait. Instead of stopping to wait for data to be read or written, the program can continue doing other tasks. When the data is ready, the program gets a notification and processes it. This approach helps make programs faster and more efficient, especially when dealing with many tasks at once.
### Libuv in NodeJs
##### Non-blocking or async nature of the Node js is just because of the Libuv
Libuv is a key component in Node.js that handles the event loop and manages asynchronous operations. It provides the foundation for non-blocking I/O by abstracting the underlying operating system's asynchronous features, such as file system operations, networking, and timers. When Node.js performs an asynchronous task, like reading a file, Libuv takes care of running the task in the background and notifies Node.js when the task is complete. This allows Node.js to keep processing other tasks without waiting, making it efficient and fast for handling multiple operations simultaneously.
### Node JS Single Threaded Architecture
Node.js is single-threaded, which means it uses a single thread to handle all tasks. However, it can handle many tasks at once because of its event-driven, non-blocking nature. Here's an easy-to-understand explanation with an example:
Imagine you are a waiter in a busy restaurant, and you are the only one taking orders (the single thread). Instead of waiting by each table until the food is ready, you quickly take an order from one table, pass it to the kitchen (non-blocking), and move on to the next table to take another order. While you’re taking more orders, the kitchen (event loop) is preparing the food. When the food is ready, the kitchen notifies you, and you deliver it to the table (callback function).
In this way, even though you are just one person (single-threaded), you efficiently handle many tables (tasks) at the same time. Node.js works similarly by using the event loop to manage multiple operations without waiting for each one to finish before starting the next.
# NPM
NPM, or Node Package Manager, is a tool that comes with Node.js. It helps you easily install, share, and manage packages (reusable pieces of code) that other developers have written. With NPM, you can quickly add new features to your project without writing everything from scratch. It also helps you manage project dependencies and keep your code organized.
## File Handling in Node JS
File handling in Node.js involves reading from, writing to, and managing files on your system. Node.js provides the `fs` (file system) module to perform these operations. Here’s a brief overview:
1. **Reading Files**: You can read files using methods like `fs.readFile` for asynchronous reading and `fs.readFileSync` for synchronous reading.
```javascript
const fs = require('fs');
fs.readFile('example.txt', 'utf8', (err, data) => {
if (err) throw err;
console.log(data);
});
```
2. **Writing Files**: You can write to files using methods like `fs.writeFile` for asynchronous writing and `fs.writeFileSync` for synchronous writing.
```javascript
fs.writeFile('example.txt', 'Hello, World!', (err) => {
if (err) throw err;
console.log('File has been written');
});
```
3. **Appending Files**: You can add content to an existing file using `fs.appendFile` for asynchronous appending.
```javascript
fs.appendFile('example.txt', ' More content', (err) => {
if (err) throw err;
console.log('Content added');
});
```
4. **Deleting Files**: You can delete files using `fs.unlink`.
```javascript
fs.unlink('example.txt', (err) => {
if (err) throw err;
console.log('File deleted');
});
```
5. **Other Operations**: The `fs` module also allows you to rename files, read directories, and perform many other file-related operations.
By using these methods, Node.js allows you to handle files efficiently in both synchronous and asynchronous ways.
Handling folders (directories) in Node.js involves operations like creating, reading, renaming, and deleting directories. The `fs` (file system) module in Node.js provides methods for these operations:
1. **Creating Directories**: You can create directories using `fs.mkdir`.
```javascript
const fs = require('fs');
fs.mkdir('newFolder', (err) => {
if (err) throw err;
console.log('Directory created');
});
```
2. **Reading Directories**: You can read the contents of a directory using `fs.readdir`.
```javascript
fs.readdir('.', (err, files) => {
if (err) throw err;
console.log('Files in the current directory:', files);
});
```
3. **Renaming Directories**: You can rename directories using `fs.rename`.
```javascript
fs.rename('newFolder', 'renamedFolder', (err) => {
if (err) throw err;
console.log('Directory renamed');
});
```
4. **Deleting Directories**: You can delete directories using `fs.rmdir`.
```javascript
fs.rmdir('renamedFolder', (err) => {
if (err) throw err;
console.log('Directory deleted');
});
```
These methods allow you to manage directories in your file system, enabling you to organize and manipulate folder structures as needed within your Node.js applications.
## HTTP Module in NODE JS
The `http` module in Node.js allows you to create web servers and handle HTTP requests and responses. It provides a way to build applications that can communicate over the web. Here’s a simple example of how to use the `http` module to create a basic web server:
```javascript
const http = require('http');
// Create a server object
const server = http.createServer((req, res) => {
// Send the response body
res.end('Hello, World!\n');
});
// The server listens on port 3000
server.listen(3000, () => {
console.log('Server is running at http://localhost:3000/');
});
```
In this example:
1. We require the `http` module.
2. We create a server using `http.createServer`, passing a callback function that handles incoming requests (`req`) and sends responses (`res`).
3. The server listens on port 3000, and when accessed, it responds with "Hello, World!".
This basic setup allows you to handle more complex routing and functionality, making the `http` module a powerful tool for building web applications with Node.js.
# Express Domination
Express.js is a web application framework for Node.js that simplifies building web and mobile applications. It provides a set of tools and features to create robust APIs and web servers easily. With Express.js, you can handle routing, manage HTTP requests and responses, and use middleware to add extra functionality. It's lightweight, flexible, and widely used, making it easier for developers to build and manage server-side applications efficiently.
Express.js is built on top of Node.js and simplifies the process of building web applications and APIs. Here are the basic concepts and components of Express:
1. **Routing**: Express uses a routing mechanism to map different URL paths to specific functions. This allows you to define what should happen when a user visits a particular URL.
```javascript
const express = require('express');
const app = express();
app.get('/', (req, res) => {
res.send('Hello, World!');
});
app.get('/about', (req, res) => {
res.send('About Page');
});
app.listen(3000, () => {
console.log('Server is running on http://localhost:3000');
});
```
2. **Middleware**: Middleware functions are functions that have access to the request object (`req`), the response object (`res`), and the next middleware function in the application's request-response cycle. Middleware can execute code, modify the request and response objects, end the request-response cycle, and call the next middleware function.
```javascript
app.use((req, res, next) => {
console.log('A request was made at:', new Date());
next(); // Pass control to the next middleware
});
```
3. **Request and Response Objects**: Express extends the request and response objects from Node.js to provide useful methods for handling HTTP requests and responses. For example, `req.query` to access query string parameters and `res.send` to send a response.
```javascript
app.get('/user', (req, res) => {
res.send(`User ID: ${req.query.id}`);
});
```
4. **Template Engines**: Express can integrate with various template engines like EJS, Pug, or Handlebars to generate dynamic HTML pages.
```javascript
app.set('view engine', 'ejs');
app.get('/profile', (req, res) => {
res.render('profile', { name: 'John Doe' });
});
```
5. **Static Files**: You can serve static files like HTML, CSS, and JavaScript using the `express.static` middleware.
```javascript
app.use(express.static('public'));
```
6. **Handling Form Data**: Express makes it easy to handle form data by parsing request bodies with middleware like `body-parser` or the built-in `express.json()` and `express.urlencoded()`.
```javascript
app.use(express.urlencoded({ extended: true }));
app.post('/submit', (req, res) => {
res.send(`Form Data: ${req.body.name}`);
});
```
These basics allow you to create robust web applications and APIs quickly and efficiently with Express.
## Middlewares
Middleware functions are functions that have access to the request object (`req`), the response object (`res`), and the next middleware function in the application's request-response cycle. Middleware can execute code, modify the request and response objects, end the request-response cycle, and call the next middleware function.
```javascript
app.use((req, res, next) => {
console.log('A request was made at:', new Date());
next(); // Pass control to the next middleware
});
```
### Express-Session Middleware
Express-session is a middleware in Express.js that helps you manage user sessions. A session allows you to store data about a user's interaction with your application across multiple requests. This is useful for keeping users logged in, storing preferences, and tracking user activities. Here's a simple explanation:
1. **Installation**: First, you need to install the `express-session` package.
```bash
npm install express-session
```
2. **Setup**: You need to set up the session middleware in your Express app.
```javascript
const express = require('express');
const session = require('express-session');
const app = express();
app.use(session({
secret: 'yourSecretKey', // A secret key to sign the session ID cookie
resave: false, // Prevents saving the session if it wasn't modified
saveUninitialized: true // Forces a session that is "uninitialized" to be saved
}));
```
3. **Using Sessions**: Once set up, you can use `req.session` to store and retrieve session data.
```javascript
app.get('/', (req, res) => {
if (req.session.views) {
req.session.views++;
res.send(`Number of views: ${req.session.views}`);
} else {
req.session.views = 1;
res.send('Welcome to this page for the first time!');
}
});
app.listen(3000, () => {
console.log('Server is running on http://localhost:3000');
});
```
In this example:
- When a user visits the homepage, the server checks if there is a `views` property in their session.
- If it exists, it increments the view count and displays it.
- If not, it sets the `views` property to 1 and welcomes the user for the first time.
This way, sessions help you keep track of user interactions across multiple requests, making it easier to build features like login systems and user preferences.
## Connect-Flash :
**Connect-Flash** is a middleware for Node.js that allows you to store temporary messages (flash messages) in a session. These messages can be used to display notifications, alerts, or any other messages to the user after they perform an action (e.g., form submission, login, etc.). The messages are cleared after being displayed once.
### Basic Code Example
1. **Install the required packages:**
```bash
npm install express-session connect-flash
```
2. **Set up the middleware in your Express app:**
```javascript
const express = require('express');
const session = require('express-session');
const flash = require('connect-flash');
const app = express();
// Set up session middleware
app.use(session({
secret: 'yourSecretKey',
resave: false,
saveUninitialized: true,
}));
// Set up connect-flash middleware
app.use(flash());
// Example route to set a flash message
app.get('/login', (req, res) => {
req.flash('info', 'Login successful!');
res.redirect('/dashboard');
});
// Example route to display flash message
app.get('/dashboard', (req, res) => {
const message = req.flash('info');
res.send(message); // This will display 'Login successful!'
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
### How It Works
- When the user visits `/login`, a flash message is stored using `req.flash('info', 'Login successful!')`.
- The user is then redirected to `/dashboard`, where the message is retrieved and displayed using `req.flash('info')`.
- The message is automatically cleared after being retrieved.
This way, flash messages are useful for displaying one-time notifications like success or error messages after form submissions or other actions.
## CORS :
### What is CORS?
**CORS** stands for **Cross-Origin Resource Sharing**. It’s like a security guard for your web server. It controls who (which websites) can talk to your server and ask for data.
### Why Do We Need CORS?
Imagine you're on a website, and that site wants to get some data from another website (like an API). By default, your browser will block this because it doesn't know if the other website is trustworthy. This is where CORS comes in—it allows the server to say, "Hey, it's okay for this website to get my data."
### How Do You Use CORS in an Express App?
1. **Install the CORS package**:
First, you need to install a package called `cors` that helps you handle this security rule in your Express app:
```bash
npm install cors
```
2. **Set Up CORS in Your App**:
Then, you add this `cors` package to your app so your server can decide which websites are allowed to access it:
```javascript
const express = require('express');
const cors = require('cors');
const app = express();
// This line allows any website to access your server's data
app.use(cors());
// Example: A simple route that sends some data
app.get('/data', (req, res) => {
res.json({ message: 'Anyone can access this data!' });
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
### What Happens Now?
- **Without CORS**: Your browser would block any requests from other websites to your server, like a strict security guard.
- **With CORS**: You’ve told your server, "It’s okay, let other websites ask me for data." Now, those requests will go through.
### Limiting Access
If you want only a specific website (like `http://example.com`) to access your server, you can do this:
```javascript
app.use(cors({ origin: 'http://example.com' }));
```
Now, only `http://example.com` can talk to your server, and all other websites will be blocked.
### In Simple Terms
CORS is like giving permission slips to websites, telling them whether they can talk to your server or not. The `cors` package in Express helps you easily manage these permissions.
## Cookie-Parser :
**Cookie-Parser** is a middleware for Express that helps you manage cookies in your web applications. Cookies are small pieces of data that a server sends to the user's browser, which are stored and sent back to the server on subsequent requests. They are commonly used to track user sessions, remember login information, and store user preferences.
### What Does Cookie-Parser Do?
- **Reading Cookies**: When a request comes in, Cookie-Parser makes it easy to read and use the cookies that the browser sends with the request.
- **Setting Cookies**: It also simplifies the process of sending cookies back to the user's browser.
### How to Use Cookie-Parser in an Express App
1. **Install the `cookie-parser` package**:
First, you need to install the `cookie-parser` package:
```bash
npm install cookie-parser
```
2. **Set Up Cookie-Parser in Your App**:
After installing, you add it to your Express app like this:
```javascript
const express = require('express');
const cookieParser = require('cookie-parser');
const app = express();
// Use the cookie-parser middleware
app.use(cookieParser());
// Example: Set a cookie
app.get('/set-cookie', (req, res) => {
res.cookie('user', 'John Doe'); // Setting a cookie named 'user' with the value 'John Doe'
res.send('Cookie has been set!');
});
// Example: Read a cookie
app.get('/get-cookie', (req, res) => {
const user = req.cookies['user']; // Reading the cookie named 'user'
res.send(`User is: ${user}`);
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
### What Happens Here?
- **Setting a Cookie**: When the user visits the `/set-cookie` route, the server sends a cookie named `user` with the value `John Doe` to the user's browser. The browser stores this cookie.
- **Reading a Cookie**: When the user visits the `/get-cookie` route, the server reads the `user` cookie from the request (which the browser automatically sends). It then sends back the value stored in the cookie, which in this case is `John Doe`.
### In Simple Terms
- **Cookies** are like small notes that your server can give to a user's browser, saying things like "Remember this user" or "Keep track of this setting."
- **Cookie-Parser** helps you easily write and read these notes in your Express app.
It's useful for things like remembering a user's login status or storing their preferences.
## Morgan:
**Morgan** is a middleware for Express that logs HTTP requests to your server. Think of it as a helpful tool that keeps track of every request made to your server and prints out details like what was requested, by whom, and how the server responded.
### Why Use Morgan?
Morgan is useful because it helps you see what's happening with your server in real-time. It’s like a diary that logs every interaction, which is great for debugging and monitoring your application.
### How to Use Morgan in an Express App
1. **Install the `morgan` package**:
First, you need to install Morgan:
```bash
npm install morgan
```
2. **Set Up Morgan in Your App**:
After installing, you add it to your Express app like this:
```javascript
const express = require('express');
const morgan = require('morgan');
const app = express();
// Use Morgan middleware with the 'tiny' format
app.use(morgan('tiny'));
// Example route
app.get('/', (req, res) => {
res.send('Hello, world!');
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
### What Happens Here?
- **Logging Requests**: With `app.use(morgan('tiny'));`, Morgan logs basic details about every request to your server. For example, when someone visits your site, Morgan will log something like:
```
GET / 200 9 - 0.080 ms
```
This log entry shows:
- `GET`: The HTTP method (could also be POST, PUT, DELETE, etc.).
- `/`: The URL path requested.
- `200`: The status code (200 means success).
- The time it took to handle the request.
### In Simple Terms
- **Morgan** is like a security camera for your server. It watches every request that comes in and writes down what happened.
- It's great for keeping track of how your server is being used and for spotting any problems.
By using Morgan, you can easily see who is visiting your site, what they're doing, and how your server is handling their requests.
## Request and Response :
In an Express.js application, `req` and `res` are two important objects that represent the **request** and **response** in a web server interaction. They are central to how your server handles incoming requests and sends back responses.
### `req` (Request Object)
The `req` object contains all the information about the incoming HTTP request. It's like a letter that someone sends to your server, and `req` holds all the details of that letter.
#### Key Properties of `req`:
- **`req.method`**: The HTTP method used for the request (e.g., `GET`, `POST`, `PUT`, `DELETE`).
- **`req.url`**: The URL path of the request (e.g., `/about` or `/contact`).
- **`req.headers`**: An object containing the headers of the request (e.g., content type, user-agent).
- **`req.query`**: An object containing the query parameters in the URL (e.g., for `/search?q=term`, `req.query.q` would be `'term'`).
- **`req.body`**: The data sent in the request body (for `POST` or `PUT` requests). This usually contains form data or JSON payloads.
- **`req.params`**: An object containing route parameters (e.g., for `/user/:id`, `req.params.id` would contain the value passed in the URL).
- **`req.cookies`**: An object containing cookies sent by the client (requires middleware like `cookie-parser`).
### Example:
```javascript
app.get('/user/:id', (req, res) => {
const userId = req.params.id; // Get the ID from the URL
res.send(`User ID is ${userId}`);
});
```
Here, if the user visits `/user/123`, `req.params.id` will be `123`, and the server will respond with `User ID is 123`.
### `res` (Response Object)
The `res` object is what your server uses to send a response back to the client. It's like writing a reply letter and sending it back to the person who wrote to you.
#### Key Methods of `res`:
- **`res.send()`**: Sends a response back to the client. You can send text, HTML, JSON, etc.
- **`res.json()`**: Sends a JSON response. It automatically sets the content type to `application/json`.
- **`res.status()`**: Sets the HTTP status code for the response (e.g., `200` for success, `404` for not found).
- **`res.redirect()`**: Redirects the client to a different URL.
- **`res.render()`**: Renders a view template (e.g., using EJS, Pug, etc.).
- **`res.cookie()`**: Sets a cookie in the client’s browser (requires `cookie-parser` or similar middleware).
### Example:
```javascript
app.get('/welcome', (req, res) => {
res.status(200).send('Welcome to our site!');
});
```
Here, when the user visits `/welcome`, the server responds with a `200` status and the message `'Welcome to our site!'`.
### In Simple Terms
- **`req`**: Think of it as the letter or message sent by the user to your server. It contains everything about what the user wants (like what page they want to see or what data they’re sending).
- **`res`**: This is your server's reply to the user. It’s what you send back to the user, like a response message, data, or an error code.
Together, `req` and `res` let you handle all kinds of interactions between the client (user) and your server.
## Dynamic Routing :
---
## **What is Routing in Express.js?**
**Routing** in Express.js refers to how an application’s endpoints (URIs) respond to client requests. It defines the various URLs (or paths) that your application can handle and what should happen when those URLs are accessed.
---
## **Static vs. Dynamic Routing**
- **Static Routing**: The route path is fixed and does not change. For example:
```javascript
app.get('/about', (req, res) => {
res.send('About Us');
});
```
This route always responds to `/about`.
- **Dynamic Routing**: The route path can change dynamically based on parameters. It allows you to handle multiple routes with similar patterns. For example:
```javascript
app.get('/users/:userId', (req, res) => {
res.send(`User ID is ${req.params.userId}`);
});
```
This route can respond to `/users/1`, `/users/2`, etc., extracting the `userId` from the URL.
---
## **Understanding Dynamic Routing**
### **Route Parameters**
- **Route parameters** are parts of the URL that are variable. They are indicated by a colon (`:`) followed by a name.
**Example:**
```javascript
app.get('/products/:productId', (req, res) => {
const productId = req.params.productId;
res.send(`Product ID is ${productId}`);
});
```
- **Accessing Route Parameters**: Use `req.params` to access these parameters.
- In the above example, if the user accesses `/products/123`, `req.params.productId` will be `'123'`.
### **Multiple Parameters**
You can have multiple dynamic segments in a route.
**Example:**
```javascript
app.get('/users/:userId/orders/:orderId', (req, res) => {
const { userId, orderId } = req.params;
res.send(`User ID is ${userId} and Order ID is ${orderId}`);
});
```
- Accessing `/users/5/orders/99` will output: `User ID is 5 and Order ID is 99`.
---
## **Practical Examples**
### **Example 1: User Profile Route**
```javascript
const express = require('express');
const app = express();
app.get('/profile/:username', (req, res) => {
const username = req.params.username;
res.send(`Welcome to ${username}'s profile!`);
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
**Usage:**
- Visiting `/profile/john` will display: `Welcome to john's profile!`
- Visiting `/profile/jane` will display: `Welcome to jane's profile!`
### **Example 2: Blog Post Route**
```javascript
app.get('/blog/:year/:month/:slug', (req, res) => {
const { year, month, slug } = req.params;
res.send(`Displaying blog post from ${month}/${year}: ${slug}`);
});
```
**Usage:**
- Visiting `/blog/2023/09/express-routing` will display: `Displaying blog post from 09/2023: express-routing`
---
## **Using Query Parameters with Dynamic Routes**
- **Query parameters** are additional data sent in the URL after a `?` symbol.
- They can be used alongside dynamic routes.
**Example:**
```javascript
app.get('/search/:category', (req, res) => {
const category = req.params.category;
const sortBy = req.query.sortBy; // e.g., ?sortBy=price
res.send(`Searching in category: ${category}, sorted by: ${sortBy}`);
});
```
**Usage:**
- Visiting `/search/electronics?sortBy=price` will display: `Searching in category: electronics, sorted by: price`
---
## **Handling Optional Parameters**
- You can make route parameters optional by adding a `?` after the parameter name.
**Example:**
```javascript
app.get('/users/:userId/posts/:postId?', (req, res) => {
const { userId, postId } = req.params;
if (postId) {
res.send(`Displaying post ${postId} for user ${userId}`);
} else {
res.send(`Displaying all posts for user ${userId}`);
}
});
```
**Usage:**
- `/users/10/posts/5` => `Displaying post 5 for user 10`
- `/users/10/posts` => `Displaying all posts for user 10`
---
## **Using Regular Expressions in Routes**
- You can use regular expressions to define more complex route patterns.
**Example:**
```javascript
// Matches paths like /flight/AA123
app.get('/flight/:flightCode([A-Z]{2}[0-9]{3})', (req, res) => {
const flightCode = req.params.flightCode;
res.send(`Flight code is ${flightCode}`);
});
```
**Usage:**
- `/flight/AB123` => `Flight code is AB123`
- `/flight/abc123` => Does not match, results in 404 Not Found
---
## **Benefits of Dynamic Routing**
1. **Flexibility**: Handle a wide range of URLs with similar patterns without defining each one separately.
2. **Scalability**: Easily manage and extend routes as your application grows.
3. **Clean URLs**: Create user-friendly and SEO-friendly URLs.
4. **Simplified Code**: Reduce redundancy by capturing variable parts of the URL.
---
## **Summary**
- **Dynamic routing** allows your Express.js application to handle URLs that include variable data.
- Use **route parameters** (e.g., `:id`) to define parts of the URL that can change.
- Access these parameters via `req.params` inside your route handlers.
- Combine with **query parameters** for additional flexibility.
- You can also define **optional parameters** and use **regular expressions** for more control.
---
## **Complete Example**
Here's a small Express app demonstrating dynamic routing:
```javascript
const express = require('express');
const app = express();
app.get('/products/:category/:productId', (req, res) => {
const { category, productId } = req.params;
res.send(`Category: ${category}, Product ID: ${productId}`);
});
app.get('/users/:userId?', (req, res) => {
const userId = req.params.userId;
if (userId) {
res.send(`User ID is ${userId}`);
} else {
res.send('User ID not provided');
}
});
app.get('/search', (req, res) => {
const { query, page = 1 } = req.query;
res.send(`Searching for: ${query}, Page: ${page}`);
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
**Testing the Routes:**
- `/products/electronics/123` => `Category: electronics, Product ID: 123`
- `/users/456` => `User ID is 456`
- `/users` => `User ID not provided`
- `/search?query=laptops&page=2` => `Searching for: laptops, Page: 2`
---
I hope this explanation makes dynamic routing in Express.js clear and easy to understand! Let me know if you have any other questions or need further clarification.
## Server side rendering with EJS :
**Server-Side Rendering (SSR)** using **EJS (Embedded JavaScript)** is a technique where the HTML content of a webpage is generated on the server before being sent to the client’s browser. This allows you to create dynamic web pages that can display different content based on the data processed on the server.
### What is Server-Side Rendering?
- **Server-Side Rendering** means that the server generates the full HTML for a webpage before sending it to the client. The browser then receives this HTML and displays it.
- This is different from **Client-Side Rendering** (CSR), where the server sends minimal HTML and JavaScript to the client, and the browser generates the full content dynamically on the client side.
### Why Use EJS for SSR?
**EJS** is a simple templating engine that lets you write HTML with embedded JavaScript. It makes it easy to create dynamic content by mixing HTML with data passed from the server.
### How to Use EJS for Server-Side Rendering
1. **Set Up Express and EJS**:
First, you need to install Express and EJS:
```bash
npm install express ejs
```
Then, set up your Express application to use EJS as the templating engine:
```javascript
const express = require('express');
const app = express();
// Set EJS as the templating engine
app.set('view engine', 'ejs');
// Example route
app.get('/', (req, res) => {
const data = {
title: 'Welcome to My Website',
message: 'Hello, world!'
};
// Render the 'index.ejs' template and pass data to it
res.render('index', data);
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
2. **Create an EJS Template**:
Inside your project, create a folder called `views` and then create an `index.ejs` file inside it:
```html
<%= title %>
<%= message %>
```
3. **How It Works**:
- **`res.render('index', data)`**: This tells Express to look for a file named `index.ejs` in the `views` folder, render it, and pass the `data` object to it.
- **EJS Syntax**: Inside the EJS file, `<%= title %>` and `<%= message %>` are placeholders that get replaced with the actual data passed from the server.
- **Generated HTML**: When the client requests the homepage (`/`), the server processes the EJS template, replaces the placeholders with the data values, and sends the fully rendered HTML to the client.
4. **Client Receives Rendered HTML**:
When a user visits your website, the server sends the HTML generated from the EJS template. The browser then simply displays this HTML. No further processing or JavaScript is needed to display the content.
### Example Scenario
Suppose you have a blog, and you want to display a list of articles on the homepage. You can use SSR with EJS to dynamically generate the HTML for each article:
```javascript
app.get('/blog', (req, res) => {
const articles = [
{ title: 'First Post', content: 'This is the first post.' },
{ title: 'Second Post', content: 'This is the second post.' }
];
res.render('blog', { articles });
});
```
In your `blog.ejs` file:
```html
My Blog
Blog Articles
-
<%= article.title %>
<%= article.content %>
<% articles.forEach(article => { %>
<% }); %>
```
### In Simple Terms
- **Server-Side Rendering with EJS**: The server generates the HTML for your webpage using EJS templates, fills in the dynamic parts with data, and then sends the complete HTML to the browser.
- **Advantages**:
- **Faster initial load**: Since the HTML is pre-rendered, the page loads faster in the browser.
- **Better SEO**: Search engines can easily crawl and index your content because it’s available in the HTML.
- **Dynamic Content**: You can use EJS to inject dynamic content into your web pages based on the data provided by your server, making your pages more interactive and personalized.
Server-Side Rendering with EJS is a straightforward and powerful way to build dynamic web pages that are fast and SEO-friendly.
## Form-Handling With EJS :
Form handling in EJS (Embedded JavaScript) involves creating forms in your HTML templates, processing the data submitted by the user, and then responding based on that data. Here’s how you can handle forms using EJS with Express.js in the simplest way possible.
### Steps for Form Handling in EJS
1. **Create a Form in EJS**:
2. **Set Up Express to Handle Form Submissions**:
3. **Process the Form Data on the Server**:
4. **Respond Back to the Client**:
### Example: A Simple Contact Form
#### 1. Create a Form in EJS
First, create a simple form in your EJS template. Let’s assume you have a `contact.ejs` file where you ask the user for their name and message.
```html
Contact Form
Contact Us
Name:
Message:
Submit
```
#### 2. Set Up Express to Handle Form Submissions
In your Express server, you need to set up routes to handle the form submission. Also, you need to parse the form data, which is usually done using the `express.urlencoded()` middleware.
```javascript
const express = require('express');
const app = express();
// Middleware to parse form data
app.use(express.urlencoded({ extended: true }));
// Route to display the contact form
app.get('/contact', (req, res) => {
res.render('contact'); // Renders the contact.ejs form
});
// Route to handle form submission
app.post('/submit-form', (req, res) => {
const { name, message } = req.body; // Extract the form data
res.send(`Thank you, ${name}. Your message: "${message}" has been received.`);
});
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
#### 3. Process the Form Data on the Server
- When the form is submitted, the data is sent to the `/submit-form` route using the POST method.
- `req.body` contains the form data (`name` and `message`) because of the `express.urlencoded()` middleware, which parses the incoming form data.
#### 4. Respond Back to the Client
- After processing the form data, you can send a response back to the client.
- In this example, the server sends a thank you message back to the user, displaying the name and message they submitted.
### What Happens Step by Step:
1. **User Visits Form**: The user visits the `/contact` page, and the `contact.ejs` form is rendered and displayed.
2. **User Submits Form**: The user fills in their name and message and clicks "Submit".
3. **Form Data is Sent**: The form data is sent to the server via a POST request to the `/submit-form` route.
4. **Server Processes Data**: The server extracts the data using `req.body`, processes it (if needed), and then sends a response back to the user.
### In Simple Terms
- **EJS Form**: You create an HTML form in an EJS file that sends data to the server when the user submits it.
- **Express Server**: The server listens for this data, processes it, and then responds based on the input.
- **Form Data**: The submitted form data is easily accessible in `req.body` and can be used to perform various actions, like saving to a database or simply responding with a message.
Form handling in EJS is a straightforward process where you combine your server-side logic with dynamic HTML templates to create interactive and user-friendly web pages.
## API (Application Programming Interface) :
An **API (Application Programming Interface)** allows different software applications to communicate with each other. It defines how requests are made (like asking for data) and how responses are given (like sending data back).
For web apps, APIs use **HTTP methods**:
- **GET**: To fetch data.
- **POST**: To send new data.
- **PUT**: To update data.
- **DELETE**: To remove data.
APIs make it easier for different systems (like websites or apps) to interact and exchange information efficiently.
## Basic Error Handling in Express :
**Error handling** is the process of managing errors in a program to prevent it from crashing and to provide meaningful feedback. In web development, you handle errors by catching them, logging them, and responding with appropriate messages or status codes.
In **Express.js**, a common way to handle errors is using middleware:
[Error Handler ko hamesha last me bnao]
```javascript
app.use((err, req, res, next) => {
res.status(500).send('Something went wrong!');
});
```
This catches any errors in the app and returns a response like "Something went wrong!" with a 500 status code.
## POSTMAN
**Postman** is a popular tool used by developers to test APIs. It allows you to send HTTP requests (like GET, POST, PUT, DELETE) to APIs and see the responses, making it easier to debug and test your backend services.
### Key Features of Postman:
- **Send Requests**: You can send requests to API endpoints and see the responses directly (in formats like JSON or XML).
- **Test API Endpoints**: You can check if an API is working correctly by sending data (like in POST requests) or fetching data (in GET requests).
- **Headers and Body**: You can add headers, authentication tokens, or data in the request body to simulate real API calls.
- **Save Requests**: Postman lets you save and organize requests into collections for easy re-use.
Postman is widely used to ensure APIs are functioning properly during development.
# File Based Project - Khatabook
# MongoDB
**MongoDB** is a NoSQL database that stores data in a flexible, JSON-like format called **documents** instead of traditional tables like in SQL databases. It’s designed for handling large volumes of data and allows developers to store, query, and manage data easily.
### Key Features:
1. **Document-based**: Data is stored in collections of documents (similar to JSON objects). Each document can have different fields and structures, making it very flexible.
2. **Schema-less**: You don’t need to define a strict structure for your data, allowing for flexibility in how data is stored.
3. **Scalability**: MongoDB can handle large amounts of data and scale across multiple servers easily (horizontal scaling).
4. **High Performance**: It is optimized for fast querying and can handle large, complex datasets.
5. **Rich Query Language**: Supports advanced queries, indexing, and aggregation to efficiently retrieve and manipulate data.
### Example of a MongoDB Document:
```json
{
"name": "John Doe",
"age": 30,
"email": "[email protected]",
"address": {
"city": "New York",
"zip": "10001"
}
}
```
In MongoDB, collections store documents, and each document can have different fields, making it very flexible for dynamic data.
## Mongoose
**Mongoose** is an **ODM (Object Data Modeling)** library for **MongoDB** and **Node.js**. It provides a way to define schemas for your MongoDB documents and interact with the database using models, making it easier to work with MongoDB in a structured way.
### Key Features of Mongoose:
1. **Schema Definition**: You can define strict schemas (structure) for your MongoDB collections, ensuring data consistency.
2. **Models**: Mongoose models are based on schemas and allow you to interact with MongoDB collections (e.g., create, read, update, and delete documents).
3. **Validation**: Mongoose provides built-in validation to ensure the data follows the schema rules before it’s saved to the database.
4. **Middleware**: You can use middleware (hooks) to perform actions before or after certain operations, like saving data.
5. **Query Building**: Mongoose allows complex query building and chaining methods for database operations.
### Example of Mongoose Usage:
1. **Define a Schema**:
```javascript
const mongoose = require('mongoose');
// Define a schema for a user
const userSchema = new mongoose.Schema({
name: String,
age: Number,
email: String
});
// Create a model based on the schema
const User = mongoose.model('User', userSchema);
```
2. **Save Data to MongoDB**:
```javascript
const newUser = new User({
name: 'John Doe',
age: 30,
email: '[email protected]'
});
newUser.save()
.then(() => console.log('User saved!'))
.catch(err => console.log(err));
```
Mongoose simplifies working with MongoDB by providing structure and useful features like validation, middleware, and easier querying.
# CRUD Operation in MongoDB
**CRUD** operations in MongoDB stand for **Create, Read, Update, and Delete**, which are the basic operations you perform on a database. Here’s how these operations work in MongoDB, with examples:
### 1. **Create (Insert)**
This operation adds new data (documents) to a collection.
#### Example:
Using Mongoose, you can create (insert) a new document like this:
```javascript
const mongoose = require('mongoose');
// Define a schema for users
const userSchema = new mongoose.Schema({
name: String,
age: Number,
email: String
});
const User = mongoose.model('User', userSchema);
// Create and save a new user
const newUser = new User({
name: 'John Doe',
age: 30,
email: '[email protected]'
});
newUser.save()
.then(() => console.log('User created'))
.catch(err => console.log(err));
```
In MongoDB, the `insertOne()` method can also be used directly to add documents to a collection.
### 2. **Read (Retrieve)**
This operation fetches data from the database. You can retrieve one document or many documents.
#### Example:
To retrieve (read) data from a MongoDB collection:
```javascript
// Find all users
User.find()
.then(users => console.log(users))
.catch(err => console.log(err));
// Find a user by name
User.findOne({ name: 'John Doe' })
.then(user => console.log(user))
.catch(err => console.log(err));
```
In MongoDB, `find()` retrieves all documents, while `findOne()` retrieves just one.
### 3. **Update**
This operation modifies existing data. You can update one or multiple documents.
#### Example:
To update a document, you can use `updateOne()` or `updateMany()` in MongoDB, or `findByIdAndUpdate()` in Mongoose:
```javascript
// Update the age of a specific user
User.findByIdAndUpdate('userId', { age: 35 })
.then(() => console.log('User updated'))
.catch(err => console.log(err));
```
This updates the user's `age` field to `35` based on their ID.
### 4. **Delete (Remove)**
This operation removes documents from a collection.
#### Example:
To delete data from MongoDB, use `deleteOne()` or `deleteMany()`:
```javascript
// Delete a specific user
User.findByIdAndDelete('userId')
.then(() => console.log('User deleted'))
.catch(err => console.log(err));
```
This removes the document with the specified ID from the collection.
### Summary of CRUD Operations:
- **Create**: Add new documents to the collection (e.g., `insertOne`, `save()`).
- **Read**: Fetch documents from the collection (e.g., `find()`, `findOne()`).
- **Update**: Modify existing documents (e.g., `updateOne()`, `findByIdAndUpdate()`).
- **Delete**: Remove documents from the collection (e.g., `deleteOne()`, `findByIdAndDelete()`).
These basic operations allow you to manage data in MongoDB efficiently.
# Advanced MongoDB Queries
### 1. **`insertMany()`**
- **Purpose**: Adds multiple documents to a collection at once.
- **Usage**: Instead of inserting one document at a time, you can insert many documents in a single query, which improves performance.
#### Example:
```javascript
const users = [
{ name: 'Alice', age: 25 },
{ name: 'Bob', age: 30 },
{ name: 'Charlie', age: 35 }
];
await User.insertMany(users);
console.log('Documents inserted!');
```
### 2. **Comparison Operators**
These operators are used to compare values in MongoDB queries.
#### **`$eq`**: Equal
- **Purpose**: Finds documents where a field matches a specific value.
#### Example: Find users who are 25 years old
```javascript
await User.find({ age: { $eq: 25 } });
```
#### **`$ne`**: Not Equal
- **Purpose**: Finds documents where a field **does not** match a specific value.
#### Example: Find users who are **not** 25 years old
```javascript
await User.find({ age: { $ne: 25 } });
```
#### **`$gt`**: Greater Than
- **Purpose**: Finds documents where a field's value is **greater than** the specified value.
#### Example: Find users older than 30
```javascript
await User.find({ age: { $gt: 30 } });
```
#### **`$gte`**: Greater Than or Equal To
- **Purpose**: Finds documents where a field's value is **greater than or equal to** the specified value.
#### Example: Find users who are 30 or older
```javascript
await User.find({ age: { $gte: 30 } });
```
#### **`$lt`**: Less Than
- **Purpose**: Finds documents where a field's value is **less than** the specified value.
#### Example: Find users younger than 30
```javascript
await User.find({ age: { $lt: 30 } });
```
#### **`$lte`**: Less Than or Equal To
- **Purpose**: Finds documents where a field's value is **less than or equal to** the specified value.
#### Example: Find users who are 30 or younger
```javascript
await User.find({ age: { $lte: 30 } });
```
### 3. **Array Operators**
These operators help you query documents with array fields.
#### **`$in`**: Matches Any Value in Array
- **Purpose**: Finds documents where a field's value is present in an array of values.
#### Example: Find users whose age is either 25, 30, or 35
```javascript
await User.find({ age: { $in: [25, 30, 35] } });
```
#### **`$nin`**: Not in Array
- **Purpose**: Finds documents where a field's value is **not** present in an array of values.
#### Example: Find users whose age is **not** 25, 30, or 35
```javascript
await User.find({ age: { $nin: [25, 30, 35] } });
```
### 4. **Field Operators**
These are operators that deal with field existence and other field-related conditions.
#### **`$exists`**: Field Exists or Not
- **Purpose**: Finds documents where a field either exists or does not exist.
#### Example: Find users who have an `email` field
```javascript
await User.find({ email: { $exists: true } });
```
#### Example: Find users who **do not** have an `email` field
```javascript
await User.find({ email: { $exists: false } });
```
### 5. **Logical Operators**
Logical operators combine multiple conditions.
#### **`$and`**: Combine Multiple Conditions (All Must Match)
- **Purpose**: Finds documents where **all** conditions are true.
#### Example: Find users who are older than 25 **and** younger than 35
```javascript
await User.find({
$and: [
{ age: { $gt: 25 } },
{ age: { $lt: 35 } }
]
});
```
#### **`$or`**: Combine Multiple Conditions (Any Can Match)
- **Purpose**: Finds documents where **any** of the conditions are true.
#### Example: Find users who are 25 **or** 35 years old
```javascript
await User.find({
$or: [
{ age: 25 },
{ age: 35 }
]
});
```
### 6. **Regular Expression (`$regex`)**
- **Purpose**: Finds documents where a string field matches a regular expression pattern. Useful for pattern matching and partial string searches.
#### Example: Find users whose name starts with "Jo"
```javascript
await User.find({ name: { $regex: '^Jo', $options: 'i' } });
```
- `^Jo`: Finds names that start with "Jo".
- `$options: 'i'`: Makes the search case-insensitive (so it matches both "Jo" and "jo").
---
### Summary:
- **`insertMany()`**: Insert multiple documents at once.
- **`$eq`**, **`$ne`**, **`$gt`**, **`$gte`**, **`$lt`**, **`$lte`**: Compare values (equals, not equals, greater/less than).
- **`$in`**, **`$nin`**: Match values within arrays.
- **`$exists`**: Check if a field exists.
- **`$and`**, **`$or`**: Combine multiple conditions.
- **`$regex`**: Search by pattern (regular expressions).
These operators make it easy to write powerful queries that filter and find exactly the data you need in MongoDB.
# JOI
**Joi** is a popular validation library for JavaScript that helps you validate and ensure the correctness of data in your applications, especially when working with forms or APIs. It's often used in frameworks like Express.js to validate data being sent to the server.
### Why Use Joi?
- **Data Validation**: Joi helps you ensure that the data follows the rules you define (e.g., an email should be in the correct format, age should be a number).
- **Error Handling**: If data doesn’t match the rules, Joi returns clear error messages, making it easy to handle invalid input.
- **Simplifies Validation**: Instead of writing custom validation logic for each field, you can use Joi to define schemas.
### Basic Concepts of Joi
1. **Schema Definition**: You define a "schema" that describes the structure and rules for your data (e.g., type, required fields, format).
2. **Validation**: You pass the data to the schema, and Joi checks if the data is valid.
### Example: Basic Joi Validation
#### Installation:
First, you need to install Joi via npm:
```bash
npm install joi
```
#### Basic Usage:
```javascript
const Joi = require('joi');
// Define a schema for user validation
const userSchema = Joi.object({
name: Joi.string().min(3).required(), // 'name' must be a string with a minimum length of 3, and it's required
email: Joi.string().email().required(), // 'email' must be a valid email address and required
age: Joi.number().min(18).max(65).required(), // 'age' must be a number between 18 and 65
});
// Example data to validate
const userData = {
name: "John",
email: "[email protected]",
age: 25
};
// Validate the data
const { error, value } = userSchema.validate(userData);
if (error) {
console.error('Validation error:', error.details);
} else {
console.log('Validation success:', value);
}
```
### Explanation:
- **Schema**: `userSchema` defines the structure of a valid user object.
- `name` must be a string of at least 3 characters and is required.
- `email` must be a valid email and is required.
- `age` must be a number between 18 and 65 and is required.
- **Validation**: `userSchema.validate(userData)` checks the `userData` object against the schema.
- If validation passes, `value` contains the valid data.
- If validation fails, `error.details` contains information about what went wrong.
### Common Joi Validation Rules:
- **String**: `Joi.string()`
- `.min(n)`: Minimum length.
- `.max(n)`: Maximum length.
- `.email()`: Validate email format.
- `.regex(pattern)`: Match a regular expression pattern.
- **Number**: `Joi.number()`
- `.min(n)`: Minimum value.
- `.max(n)`: Maximum value.
- `.integer()`: Must be an integer.
- **Boolean**: `Joi.boolean()`
- **Array**: `Joi.array()`
- `.items(type)`: Define the type of items inside the array.
- **Date**: `Joi.date()`
- `.greater(date)`: Must be after a certain date.
- `.less(date)`: Must be before a certain date.
### Example: Validating an Array
```javascript
const schema = Joi.object({
hobbies: Joi.array().items(Joi.string()).min(1).required() // Array of strings, at least 1 item required
});
const data = { hobbies: ['reading', 'swimming'] };
const { error } = schema.validate(data);
if (error) {
console.error(error.details);
} else {
console.log('Validation passed!');
}
```
### Joi with Express.js
You can use Joi in Express.js to validate incoming request data (e.g., body, query, or params).
#### Example: Using Joi in Express.js
```javascript
const express = require('express');
const Joi = require('joi');
const app = express();
app.use(express.json()); // Parse incoming JSON data
// Define a schema for validation
const userSchema = Joi.object({
name: Joi.string().min(3).required(),
email: Joi.string().email().required(),
age: Joi.number().min(18).required()
});
// Route that accepts POST requests to create a new user
app.post('/user', (req, res) => {
const { error } = userSchema.validate(req.body);
if (error) {
return res.status(400).send(error.details[0].message); // Send error message if validation fails
}
res.send('User created successfully');
});
app.listen(3000, () => console.log('Server running on port 3000'));
```
In this example, when a user sends a POST request to the `/user` endpoint, Joi validates the request body against the `userSchema`. If the data doesn't meet the requirements, it returns an error.
### Summary:
- **Joi** is a powerful and easy-to-use library for validating data.
- It allows you to define **schemas** to validate objects, arrays, strings, numbers, and more.
- It simplifies error handling by providing clear and structured error messages when validation fails.
- You can use Joi with frameworks like Express.js to ensure data being sent to your server is correct.
# Relationships In MongoDB
In MongoDB, you can manage relationships between documents using two primary methods: **embedding** and **referencing**. Here’s a simple explanation of each:
---
### 1. **Embedding Documents**
In **embedding**, related data is stored **within the same document**. This is useful when the data is closely related and often accessed together.
#### Example: One-to-Many (User and their Posts)
Instead of creating a separate collection for posts, you embed the posts inside the user document:
```javascript
const userSchema = new mongoose.Schema({
name: String,
email: String,
posts: [
{
title: String,
content: String,
date: Date
}
]
});
const User = mongoose.model('User', userSchema);
// Example document:
{
name: "John",
email: "[email protected]",
posts: [
{ title: "First Post", content: "Hello!", date: "2023-09-12" },
{ title: "Second Post", content: "MongoDB is great!", date: "2023-09-13" }
]
}
```
#### When to Use:
- When the related data is often accessed together.
- When the size of the embedded data is manageable (not too large).
#### Pros:
- **Fast retrieval**: All related data is in one document, requiring only one query.
- **Simplicity**: Easy to manage related data in one place.
#### Cons:
- **Document size**: If the embedded data grows (e.g., many posts), the document may become too large.
- **Redundancy**: Duplicating the same data in multiple places can lead to inconsistencies.
---
### 2. **Referencing Documents**
In **referencing**, related data is stored in **separate collections**, and the documents reference each other by using unique identifiers (like ObjectIDs). This is useful when data grows large or is frequently accessed independently.
#### Example: One-to-Many (User and their Posts)
Instead of embedding posts, we store them in a separate collection and reference them using their `ObjectId`.
```javascript
const userSchema = new mongoose.Schema({
name: String,
email: String,
postIds: [{ type: mongoose.Schema.Types.ObjectId, ref: 'Post' }] // Array of post references
});
const postSchema = new mongoose.Schema({
title: String,
content: String,
date: Date
});
const User = mongoose.model('User', userSchema);
const Post = mongoose.model('Post', postSchema);
// Example user document:
{
name: "John",
email: "[email protected]",
postIds: ["613b1f8a6f92c20016d6e4c1", "613b1f8a6f92c20016d6e4c2"]
}
```
#### When to Use:
- When related data can grow large or is accessed separately.
- When you need to reference multiple documents from another collection (e.g., users and their posts).
#### Pros:
- **Scalability**: Can handle large amounts of related data (e.g., many posts).
- **Decoupled data**: Each piece of data (user, posts) can be managed and updated independently.
#### Cons:
- **Multiple queries**: Retrieving all related data (e.g., a user and their posts) requires more queries and `populate()` functions in Mongoose.
- **Slightly slower**: Fetching related data from multiple collections can slow down performance compared to embedded documents.
---
### Summary:
- **Embedding**: Store related data together in one document. Best for small, closely related data.
- **Referencing**: Store related data in separate collections and use references. Best for large or independent data
# Aggregation In MongoDB
In MongoDB, **aggregation** is a powerful way to process and transform data. It allows you to perform operations like filtering, grouping, and calculating on the data stored in collections. The **aggregation framework** uses a pipeline concept, where documents are passed through a series of stages that transform them into a desired result.
### Key Aggregation Concepts:
- **Pipeline**: A series of stages that documents pass through. Each stage transforms the documents in some way.
- **Stages**: Operations like filtering (`$match`), grouping (`$group`), sorting (`$sort`), and more.
---
### Common Aggregation Stages:
1. **$match**: Filters documents based on certain criteria, similar to the `find()` method.
```javascript
{ $match: { status: "active" } }
```
2. **$group**: Groups documents by a field and performs aggregate calculations like `sum`, `count`, `avg`, etc.
```javascript
{
$group: {
_id: "$category", // Group by category field
totalSales: { $sum: "$sales" } // Calculate total sales for each category
}
}
```
3. **$sort**: Sorts documents in ascending or descending order.
```javascript
{ $sort: { sales: -1 } } // Sort by sales in descending order
```
4. **$project**: Selects specific fields to include or exclude in the output documents.
```javascript
{ $project: { name: 1, sales: 1 } } // Include only name and sales fields
```
5. **$limit**: Limits the number of documents returned.
```javascript
{ $limit: 5 } // Return only the top 5 documents
```
6. **$lookup**: Performs a join between two collections, similar to SQL joins.
```javascript
{
$lookup: {
from: "orders", // Collection to join with
localField: "_id", // Field in the current collection
foreignField: "customerId", // Field in the "orders" collection
as: "orderDetails" // Output array field
}
}
```
---
### Example: Aggregation Pipeline
Suppose you have a collection of sales records and you want to find the total sales per product category, sorted by the highest total sales. Here's how the aggregation pipeline might look:
```javascript
db.sales.aggregate([
{ $match: { status: "completed" } }, // Step 1: Filter by completed sales
{ $group: { _id: "$category", totalSales: { $sum: "$amount" } } }, // Step 2: Group by category and calculate total sales
{ $sort: { totalSales: -1 } }, // Step 3: Sort by total sales in descending order
{ $limit: 5 } // Step 4: Limit to top 5 categories
]);
```
### How it Works:
1. **$match** filters documents to include only those where `status` is "completed".
2. **$group** groups the documents by the `category` field and calculates the `totalSales` for each category.
3. **$sort** orders the results by `totalSales` in descending order.
4. **$limit** restricts the result to the top 5 categories.
---
### Use Cases of Aggregation:
- **Data analysis**: Summing up values, calculating averages, counting documents, etc.
- **Reporting**: Generating summaries of sales, orders, or any metrics.
- **Data transformation**: Reshaping documents, renaming fields, or combining data from multiple collections.
Aggregation in MongoDB is very flexible and powerful for handling large datasets and generating complex queries
## JWT (JSON Web Token) Authentication and Authorization
**JWT (JSON Web Token)** is a widely used mechanism for securing APIs and web applications. It is commonly used for **authentication** and **authorization**.
---
### 1. **Authentication vs Authorization**
- **Authentication**: Verifying the identity of a user (i.e., checking if the user is who they say they are).
- **Authorization**: Determining what actions or resources the authenticated user is allowed to access.
---
### 2. **What is JWT?**
JWT is a compact, self-contained token used to securely transmit information between parties. It consists of three parts:
1. **Header**: Contains metadata, such as the type of token and the algorithm used for signing (e.g., HMAC SHA256).
2. **Payload**: Contains the claims, which are statements about the user (e.g., user ID, email, roles).
3. **Signature**: Used to verify the token's integrity and authenticity. It's created by encoding the header and payload and signing it with a secret key or private key.
**JWT Structure**:
```text
header.payload.signature
```
Example JWT:
```text
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VybmFtZSI6ImphbmVkbyIsInJvbGUiOiJ1c2VyIiwiaWF0IjoxNjA5MjQxMzQ4fQ.-9Hmf7Vr0ibTveZYUkpbL2S5F6-Y88YQYbL-Ts2XwL8
```
---
### 3. **How JWT Works in Authentication and Authorization**
#### **Step 1: User Login (Authentication)**
1. The user provides their login credentials (e.g., username and password) to the server.
2. The server validates the credentials.
3. If valid, the server creates a **JWT** that includes information about the user (e.g., user ID, role) and sends it back to the client.
#### **Step 2: Client Stores the JWT**
- The client (usually in a web app) stores the JWT in **localStorage** or **cookies**.
#### **Step 3: Accessing Protected Resources (Authorization)**
1. The client sends the JWT in the **Authorization** header of every request to protected routes.
```http
GET /dashboard HTTP/1.1
Host: myapp.com
Authorization: Bearer
```
2. The server verifies the JWT by checking the signature and the token's validity.
3. If the JWT is valid, the server grants access to the protected resource.
---
### 4. **JWT Example in Node.js with Express**
#### **1. User Login and Token Generation**
When a user successfully logs in, the server generates a JWT and sends it to the client.
```javascript
const jwt = require('jsonwebtoken');
const express = require('express');
const app = express();
app.post('/login', (req, res) => {
const user = { id: 1, username: 'janedoe' }; // Example user
// Generate JWT
const token = jwt.sign(user, 'secretkey', { expiresIn: '1h' });
res.json({ token });
});
```
#### **2. Protecting Routes (Authorization)**
To protect routes, use middleware to verify the JWT.
```javascript
const jwt = require('jsonwebtoken');
// Middleware to verify token
function authenticateToken(req, res, next) {
const authHeader = req.headers['authorization'];
const token = authHeader && authHeader.split(' ')[1];
if (!token) return res.sendStatus(401); // No token, access denied
jwt.verify(token, 'secretkey', (err, user) => {
if (err) return res.sendStatus(403); // Invalid token
req.user = user; // Save user info for later use
next();
});
}
app.get('/protected', authenticateToken, (req, res) => {
res.json({ message: 'This is a protected route', user: req.user });
});
```
In this example:
- The `authenticateToken` middleware checks for the JWT in the `Authorization` header and verifies it.
- If the token is valid, the request proceeds to the protected route.
---
### 5. **JWT Claims**
JWTs contain **claims** in the payload, which are pieces of information about the user. Claims can be:
- **Registered claims**: Predefined claims like `iss` (issuer), `exp` (expiration time), `sub` (subject), and `aud` (audience).
- **Public claims**: Custom claims defined by the developer (e.g., `userId`, `role`).
- **Private claims**: Custom claims that are agreed upon by both parties (e.g., `organizationId`).
Example payload in a JWT:
```json
{
"sub": "1234567890",
"name": "Jane Doe",
"admin": true,
"iat": 1516239022
}
```
---
### 6. **Token Expiration**
JWTs typically include an **expiration** claim (`exp`) to limit the token's validity. This helps prevent issues like replay attacks.
Example of generating a JWT with an expiration:
```javascript
const token = jwt.sign(user, 'secretkey', { expiresIn: '1h' });
```
---
### 7. **Advantages of JWT**
- **Stateless**: No need to store tokens in a database, as the token itself contains all the necessary information.
- **Scalable**: Because the server doesn’t need to store session information, JWTs can be used in microservices and distributed systems.
- **Portable**: JWTs can be used across multiple domains, services, and platforms.
---
### 8. **Security Concerns**
- **Token storage**: Store tokens securely in cookies (with `HttpOnly` and `Secure` flags) rather than `localStorage` to prevent XSS attacks.
- **Token signing**: Always use a strong secret key to sign tokens.
- **Token expiration**: Set an appropriate expiration time for tokens and use **refresh tokens** for extending sessions.
---
### Summary:
- **JWT Authentication**: Verifies the user’s identity via a token.
- **JWT Authorization**: Grants access to resources based on the verified token.
- **How JWT Works**: User logs in, gets a JWT, and uses it in subsequent requests to access protected routes.
## Production Level Setup
## Multer
**Multer** is a middleware for handling file uploads in **Node.js** and **Express.js** applications. It is used to process multipart/form-data, which is primarily used for uploading files.
### Key Features of Multer:
- Handles file uploads by storing files on the disk or in memory.
- Provides control over where and how files are stored.
- Supports file validation and filtering (e.g., allowing only certain file types).
---
### How Multer Works:
When a client uploads a file via a form, the server receives the file as part of the request. Multer helps to parse this file and store it either in memory or on the server's disk.
### Installing Multer:
To use Multer, install it via npm:
```bash
npm install multer
```
### Basic Setup with Multer:
```javascript
const express = require('express');
const multer = require('multer');
const app = express();
// Set up storage location and filename for uploaded files
const storage = multer.diskStorage({
destination: function (req, file, cb) {
cb(null, 'uploads/'); // Directory where files will be stored
},
filename: function (req, file, cb) {
cb(null, Date.now() + '-' + file.originalname); // Naming files with the current timestamp
}
});
// Initialize multer with the storage configuration
const upload = multer({ storage: storage });
// Set up a POST route for file upload
app.post('/upload', upload.single('myFile'), (req, res) => {
res.send('File uploaded successfully!');
});
// Start the server
app.listen(3000, () => {
console.log('Server is running on port 3000');
});
```
### Explanation:
1. **Storage Configuration**:
- `destination`: Defines where the uploaded files will be stored.
- `filename`: Defines how the file should be named (in this case, using the current timestamp to prevent name clashes).
2. **Multer Middleware**:
- `upload.single('myFile')`: Handles a single file upload. The `'myFile'` refers to the name of the file input in the form.
3. **Uploading File**:
- In this setup, the client uploads a file using a form with a file input named `myFile`.
---
### Form Example for File Upload:
On the client-side, you can use an HTML form for uploading a file:
```html
Upload
```
---
### Multer Options:
Multer also provides several options for more advanced use cases:
1. **Limit File Size**:
You can limit the file size during upload:
```javascript
const upload = multer({
storage: storage,
limits: { fileSize: 1000000 } // Limit file size to 1MB
});
```
2. **Filter Files**:
You can filter files by their type (e.g., only allow images):
```javascript
const fileFilter = (req, file, cb) => {
if (file.mimetype === 'image/jpeg' || file.mimetype === 'image/png') {
cb(null, true); // Accept the file
} else {
cb(null, false); // Reject the file
}
};
const upload = multer({
storage: storage,
fileFilter: fileFilter
});
```
---
### Summary:
- **Multer** helps handle file uploads in Node.js apps.
- It stores uploaded files either on the server’s disk or in memory.
- You can configure file size limits and file type validation.
**Caching with Redis** is a common practice to improve the performance of an application by temporarily storing frequently accessed data in memory. Redis is an in-memory data structure store, commonly used as a caching layer to speed up data retrieval and reduce the load on databases.
### What is Redis?
Redis is an open-source, in-memory key-value data store known for its:
- **Speed**: Being in-memory, it is extremely fast.
- **Data Structures**: It supports strings, hashes, lists, sets, sorted sets, and more.
- **Persistence**: Redis can also persist data to disk, though it is primarily used as a cache.
### Why Use Caching?
- **Improve Performance**: By storing frequently accessed data in memory, you avoid making repetitive database calls, which are generally slower.
- **Reduce Load on Database**: Caching reduces the number of database queries, especially for data that doesn't change frequently (e.g., user profile data, popular posts, etc.).
---
### Setting Up Redis with Node.js
1. **Install Redis and Redis Client:**
- Install Redis on your local machine (or use a managed Redis service like AWS ElastiCache, Heroku Redis).
- Install the Redis client for Node.js using npm:
```bash
npm install redis
```
2. **Basic Redis Cache Setup:**
Here’s a simple example of using Redis to cache data in a Node.js application:
```javascript
const express = require('express');
const redis = require('redis');
const fetch = require('node-fetch'); // Example for simulating database or API calls
const app = express();
// Create a Redis client
const redisClient = redis.createClient();
redisClient.on('connect', () => {
console.log('Connected to Redis...');
});
redisClient.on('error', (err) => {
console.log('Redis error: ', err);
});
// Middleware function to check the cache
const checkCache = (req, res, next) => {
const userId = req.params.id;
redisClient.get(userId, (err, data) => {
if (err) throw err;
if (data !== null) {
res.send(JSON.parse(data)); // If cached data is available, return it
} else {
next(); // If no cached data, move to the next middleware or route
}
});
};
// Simulate a database call to get user data
const getUserFromDatabase = async (id) => {
const userData = await fetch(`https://jsonplaceholder.typicode.com/users/${id}`);
return userData.json();
};
// Route to get user data
app.get('/user/:id', checkCache, async (req, res) => {
const userId = req.params.id;
try {
const userData = await getUserFromDatabase(userId); // Simulate fetching user from database
// Store the data in Redis cache for next time (with an expiry time of 600 seconds)
redisClient.setex(userId, 600, JSON.stringify(userData));
res.json(userData);
} catch (error) {
res.status(500).send(error);
}
});
app.listen(3000, () => {
console.log('Server running on port 3000');
});
```
### Explanation of Code:
1. **Redis Client**:
- We create a Redis client using `redis.createClient()`, which connects to the local Redis server.
2. **Caching Logic**:
- **checkCache Middleware**: Before fetching data from the "database," this middleware checks if the data is already in Redis cache.
- If the data is found in the cache, it returns the cached data directly, avoiding the database or API call.
- If no data is found in Redis, the request continues to the next middleware, which fetches the data from the "database" (in this case, a placeholder API) and stores it in Redis.
3. **Redis `setex` Method**:
- The `setex` method stores the key-value pair in Redis with an expiration time (e.g., 600 seconds).
- This ensures that the cache will automatically expire after a certain time, keeping the data fresh.
---
### Redis Commands Used:
- **`get(key)`**: Retrieves the value associated with the key from Redis.
- **`setex(key, expireTime, value)`**: Sets a key with an expiration time (in seconds) and the associated value.
### Benefits of Using Redis for Caching:
- **Improved performance**: By caching frequent queries, response times for common requests are greatly reduced.
- **Reduced database load**: Fewer calls are made to the database since Redis serves repeated requests.
- **Scalability**: Redis can handle large volumes of data in memory, making it ideal for high-traffic applications.
---
### Example Use Cases for Redis Caching:
1. **User Data**: Frequently accessed data like user profiles can be cached to avoid repetitive database lookups.
2. **API Results**: Caching the result of external API requests to avoid hitting rate limits or slow responses.
3. **Session Management**: Redis is often used to store user sessions in web applications for faster retrieval.
---
### Summary:
- **Redis** is a fast, in-memory data store commonly used for caching to improve the performance of Node.js applications.
- Caching with Redis reduces the load on databases by temporarily storing frequently accessed data.
- Redis integrates easily with Node.js to provide a lightweight and efficient caching layer for web applications.
**WebSockets** provide a full-duplex communication channel over a single, long-lived connection between a client (usually a browser) and a server. This means that both the client and server can send and receive messages at any time, without needing to constantly open new connections like in traditional HTTP requests.
**Socket.IO** is a library built on top of WebSockets, and it provides real-time, bi-directional communication between the client and server. It adds features like fallback mechanisms (e.g., long polling for older browsers) and a simplified API.
---
### Why Use WebSockets with Socket.IO?
1. **Real-time updates**: Ideal for real-time applications like chat apps, notifications, live updates, and online games.
2. **Efficiency**: Unlike HTTP requests (which open and close connections repeatedly), WebSockets maintain a persistent connection, making communication faster and more efficient.
3. **Bi-directional**: Both the client and server can push updates at any time.
---
### Basic Setup with Socket.IO
To use **Socket.IO** for real-time communication, you need to install both the **server** and **client** libraries:
#### Installation:
```bash
npm install express socket.io
```
---
### Server-Side Code (Node.js with Express and Socket.IO):
```javascript
const express = require('express');
const http = require('http');
const socketIO = require('socket.io');
const app = express();
const server = http.createServer(app);
const io = socketIO(server); // Socket.IO attaches to the server
// Serve the client files
app.get('/', (req, res) => {
res.sendFile(__dirname + '/index.html');
});
// Listen for client connections
io.on('connection', (socket) => {
console.log('A user connected');
// Listen for a message from the client
socket.on('chat message', (msg) => {
console.log('Message from client: ', msg);
// Send the message back to all connected clients
io.emit('chat message', msg);
});
// Handle disconnection
socket.on('disconnect', () => {
console.log('A user disconnected');
});
});
// Start the server
server.listen(3000, () => {
console.log('Server running on port 3000');
});
```
### Explanation:
1. **`io.on('connection')`**: When a client connects, this event triggers. You can listen for incoming messages from the client and send messages back.
2. **`socket.on('chat message', callback)`**: This listens for a specific event (`chat message`) from the client. When the event is received, it processes the data (message) sent by the client.
3. **`io.emit('chat message')`**: This sends the received message to all connected clients, ensuring everyone gets the chat update.
---
### Client-Side Code (HTML with Socket.IO Client):
```html
Socket.IO Chat
Send
const socket = io(); // Connect to the server
// Send a message to the server when the form is submitted
document.querySelector('#form').addEventListener('submit', (e) => {
e.preventDefault(); // Prevent form from submitting in the traditional way
const input = document.querySelector('#input');
socket.emit('chat message', input.value); // Emit a 'chat message' event to the server
input.value = ''; // Clear the input field
});
// Listen for messages from the server
socket.on('chat message', (msg) => {
const li = document.createElement('li');
li.textContent = msg;
document.querySelector('#messages').appendChild(li);
});
```
### Explanation:
1. **Socket.IO client library**: The client-side library is loaded using ``. This library enables communication with the server.
2. **`socket.emit('chat message', message)`**: When the user submits a message, it sends the message to the server via WebSockets.
3. **`socket.on('chat message', callback)`**: When a new message is received from the server, it's appended to the list of messages (`
- `).
---
### How WebSockets Work with Socket.IO:
1. **Connection**: The client opens a WebSocket connection to the server. If WebSockets aren't supported (older browsers), Socket.IO will fall back to other methods like HTTP long polling.
2. **Real-Time Data**: Both the client and server can send and receive messages in real-time through this persistent connection.
3. **Broadcasting**: Messages can be sent to one client, all clients, or specific rooms (groups of clients).
4. **Event-Driven**: Socket.IO uses events like `connection`, `disconnect`, and custom events (e.g., `chat message`) for communication.
---
### Example Use Case: Real-Time Chat App
- When a user sends a message, the client emits a `chat message` event to the server.
- The server receives the message and broadcasts it to all connected clients.
- All clients (including the sender) receive the message and display it in real-time.
---
### Summary:
- **Socket.IO** allows real-time, bidirectional communication between clients and servers.
- It’s built on top of WebSockets but provides additional features and compatibility across browsers.
- Perfect for chat apps, real-time notifications, online games, and collaborative apps.
**Building and Testing APIs** is a crucial part of web development, especially when creating backend services or working on integrations between systems. Here's a simplified breakdown of the process.
### **1. Building APIs:**
APIs (Application Programming Interfaces) allow communication between different software components. For building APIs, you typically use **HTTP methods** like `GET`, `POST`, `PUT`, `DELETE`, etc., which map to CRUD operations.
#### **Building an API with Express.js (Node.js)**:
**Step 1: Setup the Project**
- Initialize a Node.js project:
```bash
npm init -y
```
- Install necessary packages:
```bash
npm install express mongoose body-parser
```
**Step 2: Basic API Setup with Express**
```javascript
const express = require('express');
const bodyParser = require('body-parser');
const mongoose = require('mongoose');
const app = express();
const PORT = 3000;
app.use(bodyParser.json()); // Middleware to parse incoming JSON
// Define a simple route
app.get('/', (req, res) => {
res.send('Hello, World!');
});
// Start the server
app.listen(PORT, () => {
console.log(`Server is running on port ${PORT}`);
});
```
#### **Step 3: Creating CRUD Endpoints**
**Example Model (User Model using Mongoose):**
```javascript
const mongoose = require('mongoose');
const userSchema = new mongoose.Schema({
name: String,
email: String,
age: Number,
});
const User = mongoose.model('User', userSchema);
```
**CRUD Endpoints:**
- **Create** (POST request):
```javascript
app.post('/users', async (req, res) => {
try {
const user = new User(req.body);
await user.save();
res.status(201).send(user);
} catch (err) {
res.status(400).send(err);
}
});
```
- **Read** (GET request):
```javascript
app.get('/users', async (req, res) => {
try {
const users = await User.find();
res.status(200).send(users);
} catch (err) {
res.status(500).send(err);
}
});
```
- **Update** (PUT request):
```javascript
app.put('/users/:id', async (req, res) => {
try {
const user = await User.findByIdAndUpdate(req.params.id, req.body, { new: true });
res.status(200).send(user);
} catch (err) {
res.status(400).send(err);
}
});
```
- **Delete** (DELETE request):
```javascript
app.delete('/users/:id', async (req, res) => {
try {
await User.findByIdAndDelete(req.params.id);
res.status(200).send('User deleted');
} catch (err) {
res.status(500).send(err);
}
});
```
---
### **2. Testing APIs:**
Testing ensures your API behaves as expected. Tools like **Postman** and automated testing libraries like **Jest** or **Mocha** can be used.
#### **Manual Testing with Postman:**
Postman is a widely used tool to manually test APIs.
- **Send Requests**: Using Postman, you can send HTTP requests (GET, POST, PUT, DELETE, etc.) to your API endpoints and inspect the responses.
- **Create Collections**: Group related API requests together for organized testing.
- **Environment Variables**: Postman allows you to set variables for different environments (development, staging, production).
**Example: Testing a POST request in Postman:**
1. Open Postman.
2. Create a new request, select `POST`.
3. Enter the URL `http://localhost:3000/users`.
4. In the "Body" section, select `raw` and `JSON` format, and enter a user object like:
```json
{
"name": "John",
"email": "[email protected]",
"age": 30
}
```
5. Send the request, and observe the response.
---
#### **Automated Testing with Mocha & Chai**:
Automating API testing is useful for large projects. You can use **Mocha** and **Chai** for testing APIs.
- **Install Mocha & Chai**:
```bash
npm install mocha chai chai-http --save-dev
```
**Example Test (Mocha + Chai)**:
```javascript
const chai = require('chai');
const chaiHttp = require('chai-http');
const app = require('../app'); // Assume app.js exports the Express app
chai.use(chaiHttp);
chai.should();
describe('Users API', () => {
// Test for GET all users
it('should get all users', (done) => {
chai.request(app)
.get('/users')
.end((err, res) => {
res.should.have.status(200);
res.body.should.be.a('array');
done();
});
});
// Test for POST a user
it('should create a new user', (done) => {
const user = { name: 'Jane', email: '[email protected]', age: 25 };
chai.request(app)
.post('/users')
.send(user)
.end((err, res) => {
res.should.have.status(201);
res.body.should.be.a('object');
res.body.should.have.property('name').eq('Jane');
done();
});
});
});
```
- **Run the Test**:
```bash
npx mocha
```
---
### **Summary:**
1. **Building APIs**: You build APIs by setting up routes in a framework like Express.js, defining models (like using Mongoose with MongoDB), and implementing CRUD operations (Create, Read, Update, Delete).
2. **Testing APIs**: You can manually test APIs using **Postman** or automate tests using **Mocha**, **Chai**, or other testing libraries to ensure the API behaves as expected.
3. **Best Practices**:
- **Validation**: Always validate incoming data (e.g., using libraries like **Joi**).
- **Error Handling**: Provide proper error messages and status codes for client and server errors.
- **Security**: Implement authentication (JWT) and data sanitization to avoid security risks.
By following these steps, you can effectively build and test APIs for web applications.
**Testing** is a crucial part of the software development process to ensure that the code works as expected and is free of bugs. In web development, testing helps validate both backend and frontend functionality, ensuring that your APIs, services, and UI behave as intended. Testing can be done manually or through automated tools.
There are different types of testing, including unit testing, integration testing, and end-to-end (E2E) testing.
### **Types of Testing:**
1. **Unit Testing**:
- **Definition**: Unit tests check the smallest parts (units) of an application in isolation, such as functions or methods, to ensure they work correctly.
- **Goal**: To verify the functionality of individual components of the code without worrying about external dependencies.
- **Example**: Testing if a function that calculates the sum of two numbers returns the correct result.
**Example in JavaScript:**
```javascript
const sum = (a, b) => a + b;
// Test
console.log(sum(2, 3) === 5); // true
```
**Using a Testing Framework like Jest**:
```javascript
const sum = (a, b) => a + b;
test('adds 2 + 3 to equal 5', () => {
expect(sum(2, 3)).toBe(5);
});
```
2. **Integration Testing**:
- **Definition**: Integration tests check how different units (modules or components) work together. It focuses on the interaction between multiple components, like testing an API and the database together.
- **Goal**: Ensure that the integrated components work as a complete system.
- **Example**: Testing if an API endpoint can successfully fetch data from a database and return it to the client.
**Example of Integration Test using Mocha and Chai:**
```javascript
const chai = require('chai');
const chaiHttp = require('chai-http');
const app = require('../app'); // Your Express app
chai.use(chaiHttp);
chai.should();
describe('API Integration Test', () => {
it('should fetch all users from the database', (done) => {
chai.request(app)
.get('/api/users')
.end((err, res) => {
res.should.have.status(200);
res.body.should.be.a('array');
done();
});
});
});
```
3. **End-to-End (E2E) Testing**:
- **Definition**: E2E tests check the entire workflow of an application from the user's perspective. These tests simulate real user scenarios and verify if the entire system works as expected.
- **Goal**: Test the application in the way a real user would use it, including the UI, backend, and database interactions.
- **Example**: Testing if a user can successfully log in, navigate through pages, and log out.
**Using Cypress for E2E Testing**:
```javascript
describe('Login Page Test', () => {
it('should successfully log in', () => {
cy.visit('/login');
cy.get('input[name="username"]').type('testuser');
cy.get('input[name="password"]').type('password123');
cy.get('button[type="submit"]').click();
cy.url().should('include', '/dashboard');
});
});
```
---
### **Common Testing Tools:**
1. **Jest**:
- **Usage**: Mainly for unit testing in JavaScript/Node.js.
- **Features**: Easy to set up, built-in assertions, supports mocking, and can be extended for integration testing.
- **Example**: Testing a function with `toBe` or `toEqual`.
2. **Mocha & Chai**:
- **Mocha**: A feature-rich JavaScript test framework for Node.js.
- **Chai**: An assertion library that pairs with Mocha for better test readability (`should`, `expect`, `assert`).
- **Usage**: Can be used for both unit and integration testing.
3. **Cypress**:
- **Usage**: For E2E testing, particularly in frontend applications.
- **Features**: Runs directly in the browser and interacts with your web app in real-time.
4. **Supertest**:
- **Usage**: For testing HTTP APIs in Node.js.
- **Features**: Makes testing RESTful APIs easier by simulating HTTP requests.
5. **Postman**:
- **Usage**: For manually testing APIs. Postman can send requests to your server and check if the API responses match the expected results.
- **Features**: Create collections of API requests, automate them, and run tests on the response.
---
### **Testing Workflow:**
1. **Writing Tests**:
- Start by writing simple tests for individual functions (unit testing).
- Write integration tests to check how these functions/modules work together (e.g., testing an API endpoint with database interaction).
- Add end-to-end tests to ensure the entire application works correctly from the user's perspective.
2. **Running Tests**:
- Use testing frameworks like **Jest** or **Mocha** to run the tests.
- Automated tests should be part of your continuous integration (CI) pipeline to ensure that your codebase remains stable with every change.
3. **Test Coverage**:
- **Goal**: To check how much of your codebase is covered by tests.
- Tools like Jest and Mocha provide **test coverage reports** that show which parts of your code were executed during the test run.
**Example of Running Jest with Coverage**:
```bash
jest --coverage
```
4. **Handling Edge Cases**:
- Write tests that check for errors, unexpected inputs, and edge cases.
- For example, in a login form, test how the system behaves when invalid or incomplete data is entered.
---
### **Best Practices in Testing:**
1. **Write Tests Early**: It’s a good habit to write tests as you develop your application (Test-Driven Development - TDD). This ensures that your code is always tested and works as expected.
2. **Isolate Unit Tests**: Ensure that unit tests are isolated and don't depend on external systems (e.g., databases or APIs). Use **mocks** to simulate these dependencies.
3. **Keep Tests Fast**: Unit and integration tests should be fast so they can be run frequently during development.
4. **Test for Errors**: Always write tests for negative scenarios (e.g., testing if an API returns an error when invalid input is provided).
5. **Maintain Readable Tests**: Tests should be easy to read and understand. Use meaningful assertions and proper test descriptions.
---
### **Conclusion**:
- **Unit Testing**: Tests individual components in isolation.
- **Integration Testing**: Ensures that different modules work together.
- **E2E Testing**: Simulates real user interactions with the entire system.
- **Tools**: Postman, Jest, Mocha, Chai, Cypress are common tools used for testing.
By incorporating these testing strategies, you'll have confidence in the reliability and functionality of your application, making it easier to maintain and scale over time.