In these coding notes I'm sharing my learning experiences and things that usually took time to understand and I hope they'll help you save some of your time. Enjoy! (All articles are released under a Creative Commons BY-NC license)
It’s time to take care of a key point on our RESTful API: the security. We have our endpoints to manage users and tasks,
but right now any client that knows where our API is running can access the endpoints. This is not safe, in the real
world you’d want to control who has access to your API and you need to check with every request that it’s coming from
a trusted source.
Now it’s time to play a bit with our express server and start adding some functionality (interesting functionality) to it.
Our first job is to organize the server code, so for that purpose we’ll create two new directories under the server
So in our last post we left our project with the mongoose models ready to be used. All we need to do now is connect to
a real mongo database and start using our models to manipulate the data on it.
Ok, if everything went well, you should have package.json file on your project folder and it should look like the
example one shown to you by the npm init wizard. After this, there are lots of things to be done to have our project
setup and running. So let’s get started by setting up our database.
The web server will be the core of our API. It will handle all the incoming HTTP requests, validate the payload data,
do the necessary security checks, fetch the requested data from the database and finally answer with a valid HTTP
response to the requester.