The project is based on the given environment variables in the ./client/.env file as below:
REACT_APP_AUTH0_DOMAIN=dev-oery5ndggggtcgox.us.auth0.com
REACT_APP_AUTH0_CLIENT_ID=Ud7HCLmUzcbkPamP6LdX9R8UApAIS8J5
REACT_APP_API_ENDPOINT=https://q59dcyvvgj.execute-api.us-east-1.amazonaws.com/dev
Please copy-paste the above variables to your ./client/.env file
-
The application allows users to create, update, delete TODO items
-
CREATE TODO Item:
- We can see a POST request method to a "REACT_APP_API_ENDPOINT/todos" path.
- Serverless backend' API returned a HTTP 201 status code.
- Client frontend displays a new task
-
UPDATE TODO Item:
- We can see a PATCH request method to a REACT_APP_API_ENDPOINT/todos/{todoId}.
- Serverless backend' API returns a HTTP 200 status code.
- Client frontend shows a check in the box
-
DELETE TODO Item:
- We can see a DELETE request method to a REACT_APP_API_ENDPOINT/todos/{todoId}.
- Serverless backend' API returns a HTTP 200 status code.
- Client frontend doesn't show task#2 anymore
-
-
The application allows users to upload a file.
- We can see a PUT request method to a Pre-signed URL.
- Serverless backend' API returns a HTTP 200 status code.
- Client frontend also shows an image under task#3 item
-
The application only displays TODO items for a logged in user.
Note:
Currently, I logged in with user name: "fakeemail1@gmail.com" as can be seen under "Console" of previous screenshotNow, I will log out & log in with another user: "fakeemail2@gmail.com" & show the differences between each user's todo items as the following:
-
Authentication is implemented and does not allow unauthenticated access.
- We can see a GET request method to a "REACT_APP_API_ENDPOINT/todos" path without Authentication, which results in an access denied
- Serverless backend' API returns a HTTP 401 status code.
- Postman shows a response message with "Unauthorized"
-
The code is split into multiple layers separating business logic from I/O related code.
-
Code is implemented using async/await and Promises without using callbacks.
- All resources in the application are defined in the "serverless.yml" file
- Each function has its own set of permissions.
- Application has sufficient monitoring.
-
Thanks to reviewer's suggestions, I added X-Ray tracing for S3 & DynamoDB as well. Please see my X-Ray traces as below:
-
Application logs are shown under CloudWatch's log groups with Winston's logs for troubleshooting
- HTTP requests are validated
- Thanks to reviewer's comment, I added "minLength" & "pattern" properties in the models to filter out invalid task name.
- In order to create-todo & update-todo, we used APIGateway's validator with the following schemas:
- Data is stored in a table with a composite key.
- Scan operation is not used to read data from a database.
<====================> END-OF-PROJECT RUBRIC <====================>
- Go to the "backend" folder, run the following command to install node_modules:
$ npm install
- Configure the "serverless.yaml":
-
Authentication
-
Client side
-
Backend side
-
-
GetToDos
-
CreateTodo
-
UpdateTodo
- UpdateItem: Plz refer to these links:
-
DeleteTodo
- DeleteItem: Remember to add "cors: true" under function in serverless.yml
-
GenerateUploadURL