- fork this repository & create a new branch for your work
- write all of your code in a directory named
lab-
+<your name>
e.g.lab-susan
- push to your repository
- submit a pull request to this repository
- submit a link to your PR in canvas
- write a question and observation on canvas
- students will be able to create bearer authentication middleware
- students will be able to utilize their bearer authentication middleware in their route structures
- students will be able to test against authenticated routes
package.json
.eslintrc.json
.gitignore
.env
README.md
- create a bearer auth middleware module (feel free to use the one from lecture as a reference point)
- create a new resource (Schema) that has at least three properties
- this resource must have a property of
userID
that references the_id
of the auth model that created the resource - the
userID
property can only be set from an_id
found using your bearer auth middleware module
- this resource must have a property of
- as always, use the npm
debug
module to log function calls that are used within your application - using the express
Router
, create routes for doing RESTFUL CRUD operations against your resource
POST
request- pass data as stringifed JSON in the body of a post request to create a new resource
GET
request- pass the id of a resource though the url endpoint to
req.params
to fetch a resource PUT
request- pass data as stringifed JSON in the body of a put request to update a resource
DELETE
request- pass the id of a resource though the url endpoint (using
req.params
) to delete a resource
- create a test to ensure that your API returns a status code of 404 for routes that have not been registered
- create a series of tests to ensure that your
/api/resource-name
endpoint responds as described for each condition below: GET
- test 200, for a request made with a valid idGET
- test 200, for a request made with no id paramGET
- test 401, if no token was providedGET
- test 404, for a valid request with an id that was not foundPUT
- test 200, for a post request with a valid bodyPUT
- test 401, if no token was providedPUT
- test 400, if the body was invalidPUT
- test 404, for a valid request made with an id that was not foundPOST
- test 200, for a post request with a valid bodyPOST
- test 401, if no token was providedPOST
- test 400, if no body was provided or if the body was invalidDELETE
- test 200, for a post request with a valid bodyDELETE
- test 401, if no token was providedDELETE
- test 404, for a valid request made with an id that was not found