Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Build your API with Node.js

Avatar for Mot Mot
August 03, 2012
Programming
440
4

Build your API with Node.js

Avatar for Mot

Mot

August 03, 2012

More Decks by Mot

See All by Mot
OSS Capital + Dotenv
Avatar for Mot motdotla
0
100
Airplane + Dotenv
Avatar for Mot motdotla
0
66
Sponsor Dotenv
Avatar for Mot motdotla
0
39
Dotenv + Netlify
Avatar for Mot motdotla
0
37
Dotenv + Auth0
Avatar for Mot motdotla
0
41
Dotenv + WorkOS
Avatar for Mot motdotla
0
73
Dotenv + Mux
Avatar for Mot motdotla
0
41
Dotenv + Strapi
Avatar for Mot motdotla
0
72
Dotenv + Sizzy
Avatar for Mot motdotla
0
30

Other Decks in Programming

See All in Programming
脅威をエンジニアリングの糧にして――現場編 / Turning Threats into Engineering Fuel — Field Edition
Avatar for nrs nrslib
0
260
AI 時代のソフトウェア設計の学び方
Avatar for 増田 亨 masuda220
PRO
29
12k
ユニットテストの先へ:テスト技法で要求・仕様を整理するJava開発実践 / Beyond_Unit_Testing_Practical_Java_Development_Techniques_for_Organizing_Requirements_and_Specifications
Avatar for SHIMANE, Yoshikazu shimashima35
0
360
Hunting Vulnerabilities in Symfony with LLMs
Avatar for Vincent Amstoutz vinceamstoutz
0
300
AIとASP.NET Coreで雑Webアプリを作った話
Avatar for Mayuki Sawatari mayuki
0
410
AI時代の仕事技芸論 — ソフトウェア開発で「遊ぶように働く」職人的熟達のすすめ
Avatar for Yoshihito Kuranuki / 倉貫義人 kuranuki
1
620
Modding RubyKaigi for Myself
Avatar for yui-knk yui_knk
0
900
フロントエンドとバックエンドで「1文字」を揃えよう
Avatar for てきめん tekimen youkidearitai
PRO
0
220
Oxlintのカスタムルールの現況
Avatar for syumai syumai
6
1k
IBM Bobを活用したレガシーアプリの最新化
Avatar for Akira Onishi (IBM) oniak3ibm
PRO
1
170
AIで効率化できた業務・日常
Avatar for Ochtum ochtum
0
110
開発体験を左右するライブラリの API 設計 - GraphQL スキーマ構築ライブラリから考える #tskaigi
Avatar for izumin5210 izumin5210
2
1.6k

Featured

See All Featured
Introduction to Domain-Driven Design and Collaborative software design
Avatar for Kenny Baas-Schwegler baasie
1
820
How GitHub (no longer) Works
Avatar for Zach Holman holman
316
150k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
Avatar for Dan Newman danielanewman
231
23k
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
275
41k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
122
22k
Designing Powerful Visuals for Engaging Learning
Avatar for Mike Taylor tmiket
1
400
Mozcon NYC 2025: Stop Losing SEO Traffic
Avatar for Sam Torres samtorres
1
250
Data-driven link building: lessons from a $708K investment (BrightonSEO talk)
Avatar for Szymon Słowik szymonslowik
1
1.1k
The browser strikes back
Avatar for Jono Alderson jonoalderson
0
1.1k
Darren the Foodie - Storyboard
Avatar for Kevinho.art khoart
PRO
3
3.4k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
38
2.9k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
71
40k

Transcript

  1. Build your API with Node.js Thursday, August 2, 2012

  2. About Me I am a Ruby developer getting more and

    more into Javascript. Find me at http://scottmotte.com I am making http://boxysign.com Find slides at http://speakerdeck.com/u/scottmotte Thursday, August 2, 2012

  3. Download & Installation • Visit http://nodejs.org/#download • Follow the install

    instructions • Open up your command line (Terminal on mac), and type: node -v Thursday, August 2, 2012

  4. Setup API Node.js app • Create a folder called node-api

    • Create node-api/package.json • Create node-api/app.coffee • npm install • coffee app.coffee • open http://localhost:3000 https://gist.github.com/3241615 Thursday, August 2, 2012

  5. package.json { "name": "node-api", "version": "0.0.1", "author": "scottmotte", "main": "app.coffee",

    "dependencies": { "coffee-script" : "latest", "express" : "latest" } } Thursday, August 2, 2012

  6. app.coffee express = require("express") app = express() app.configure -> app.use

    express.bodyParser() app.get "/", (req, res) -> res.send "API" Thursday, August 2, 2012

  7. Add your first API route • Add a GET route

    to app.coffee called: /api/test.json • Restart your server (coffee app.coffee) • Browse to localhost:3000/api/test.json https://gist.github.com/3241676 Thursday, August 2, 2012

  8. app.coffee express = require("express") app = express() app.configure -> app.use

    express.bodyParser() app.get "/", (req, res) -> res.send "API" app.get "/api/test.json", (req, res) -> res.json { success: true } app.listen 3000 Thursday, August 2, 2012

  9. Add testing with Mocha • Update package.json with mocha, request,

    and should • Add test file at node-api/test/app_test.coffee • Restart your server (coffee app.coffee) • Run: mocha --compilers coffee:coffee-script https://gist.github.com/3241806 Thursday, August 2, 2012

  10. package.json { "name": "node-api", "version": "0.0.1", "author": "scottmotte", "main": "app.coffee",

    "dependencies": { "coffee-script" : "latest", "express" : "latest", "mocha" : "latest", "request" : "latest", "should" : "latest" } } Thursday, August 2, 2012

  11. app.coffee request = require 'request' should = require 'should' describe

    "GET /api/test.json", -> url = "http://localhost:3000/api/test.json" it "returns a success response", (done) -> request.get {url: url}, (e, res) -> json = JSON.parse res.body json.success.should.equal(true) done() Thursday, August 2, 2012

  12. HTTP Auth: api_token • Add a POST route to app.coffee

    called: /api/sessions.json • Add some mocha tests to return token on valid email and password combination. • Restart your server (coffee app.coffee) • Run: mocha --compilers coffee:coffee-script https://gist.github.com/3241913 Thursday, August 2, 2012

  13. app.coffee express = require("express") app = express() app.configure -> app.use

    express.bodyParser() VALID_EMAIL = "[email protected]" VALID_PASSWORD = "password" app.get "/", (req, res) -> res.send "API" app.get "/api/test.json", (req, res) -> res.json { success: true } app.post "/api/sessions.json", (req, res) -> if req.body.email == VALID_EMAIL && req.body.password == VALID_PASSWORD res.json { success: true, token: VALID_API_TOKEN } else res.json { success: false, error: { message: "Authentication failed." } } app.listen 3000 Thursday, August 2, 2012

  14. app_test.coffee request = require 'request' should = require 'should' ..

    describe "POST /api/sessions.json", -> url = "http://localhost:3000/api/sessions.json" json = {email: "[email protected]", password: "password"} it "correct email/password combo", (done) -> request.post {url: url, json: json}, (e, res) -> json = res.body json.success.should.equal(true) json.should.have.property('token') done() it "wrong password", (done) -> json.password = "WRONGPASSWORD" request.post {url: url, json: json}, (e, res) -> json = res.body json.success.should.equal(false) done() it "non-existing email", (done) -> json.email = "[email protected]" request.post {url: url, json: json}, (e, res) -> json = res.body json.success.should.equal(false) done() Thursday, August 2, 2012

  15. HTTP Auth: parse and authenticate authorization header • Parse the

    http authorization header • Authenticate person against api token in authorization header • Add a GET route to app.coffee called: /api/test/authentication.json • Restart your server (coffee app.coffee) • Run: mocha --compilers coffee:coffee-script https://gist.github.com/3242082 Thursday, August 2, 2012

  16. app.coffee ... class Helper @req_basic_auth: (req) -> header = req.headers['authorization']

    return unless header token = header.split(/\s+/).pop() auth = new Buffer(token, 'base64').toString() auth.split(/:/)[0] @requireApiPerson = (req, res, next) -> api_token = Helper.req_basic_auth(req) if api_token == VALID_API_TOKEN next() else res.status(401) return res.json { success: false, error: {message: "Please use a working authorization token." }} ... app.get "/api/test/authentication.json", Helper.requireApiPerson, (req, res) -> res.json { success: true } app.post "/api/sessions.json", (req, res) -> if req.body.email == VALID_EMAIL && req.body.password == VALID_PASSWORD res.json { success: true, token: VALID_API_TOKEN } else res.json { success: false, error: { message: "Authentication failed." } } app.listen 3000 Thursday, August 2, 2012

  17. app_test.coffee request = require 'request' should = require 'should' ...

    describe "GET /api/test/authentication.json", -> valid_api_token = "12345" it "authenticates with valid api token", (done) -> request.get {url: "http://#{valid_api_token}:@localhost:3000/api/test/authentication.json"}, (e, res) -> json = JSON.parse res.body json.success.should.equal(true) done() it "does not authenticate with invalid api token", (done) -> request.get {url: "http://INVALIDTOKEN:@localhost:3000/api/test/authentication.json"}, (err, res) -> json = JSON.parse res.body json.success.should.equal(false) done() Thursday, August 2, 2012

  18. Persist to a database • Add a POST route to

    app.coffee called: /api/people/create.json • Add some mocha tests to create the person with email and password (encrypt the password with bcrypt) • Restart your server (coffee app.coffee) • Run: mocha --compilers coffee:coffee-script https://gist.github.com/3243590 Thursday, August 2, 2012

  19. package.json { "name": "node-api", "version": "0.0.1", "author": "scottmotte", "main": "app.coffee",

    "dependencies": { "bcrypt" : "latest", "coffee-script" : "latest", "express" : "latest", "mocha" : "latest", "mongoose" : "latest", "request" : "latest", "should" : "latest" } } Thursday, August 2, 2012

  20. app.coffee express = require("express") app = express() Person = require('./app/models/person')

    ... app.post "/api/people/create.json", (req, res) -> person = new Person() person.email = req.body.email person.password = req.body.password person.save (e) -> return res.json { success: false, error: {message: e} } if !!e res.json { success: true } app.listen 3000 Thursday, August 2, 2012

  21. person.coffee bcrypt = require('bcrypt') mongoose = require('mongoose') mongoose.connect('mongodb://localhost/node_api_development') Schema =

    mongoose.Schema ObjectId = Schema.ObjectId class Helpers @encryptPassword: (password) -> salt = bcrypt.genSaltSync(10) hash = bcrypt.hashSync(password, salt) @validatePresenceOf = (value) -> value and value.length PersonSchema = new Schema( email: { type: String, index: { unique: true } } crypted_password: { type: String } ) PersonSchema.virtual("password").set (password) -> if !!password @crypted_password = Helpers.encryptPassword(password) PersonSchema.pre "save", (next) -> if !Helpers.validatePresenceOf(@crypted_password) next new Error("Password required") else if !Helpers.validatePresenceOf(@email) next new Error("Email required") else next() Person = mongoose.model("PersonSchema", PersonSchema) module.exports = Person Thursday, August 2, 2012

  22. app_test.coffee ... describe "POST /api/people/create.json", -> url = "http://localhost:3000/api/people/create.json" json

    = {email: "[email protected]", password: "password"} beforeEach (done) -> Person.collection.remove (e) -> done() it "successfully creates", (done) -> request.post {url: url, json: json}, (e, res) -> json = res.body json.success.should.equal(true) done() it "does not create if missing email", (done) -> json.email = "" request.post {url: url, json: json}, (e, res) -> json = res.body json.success.should.equal(false) done() it "does not create if missing password", (done) -> json.password = "" request.post {url: url, json: json}, (e, res) -> json = res.body json.success.should.equal(false) done() Thursday, August 2, 2012

  23. Next Steps (for another day) • Update requireApiPerson and /api/sessions

    to authenticate against people in the mongoose database • Add more routes and models to do things Thursday, August 2, 2012