Read these instructions carefully. Understand exactly what is expected before starting this Sprint Challenge.
This challenge allows you to practice the concepts and techniques learned over the past sprint and apply them in a concrete project.
This is an individual assessment. All work must be your own. All projects will be submitted to codegrade for automated review. You will also be given feedback by code reviewers the Monday (Wednesday for PT) after challenge submissions. For more information on the review process click here.
You are not allowed to collaborate during the sprint challenge.
In this challenge you will create a login page and request a token from the server that you'll use to send all other requests to the server. You will then be able to fetch the article data array, update data, and delete data.
[ ] Run npm install to install your dependencies. [ ] Run npm start to run your frontend and backend code automatically. [ ] Note your backend code will run automatically when your run npm start. There is no need to seperately run a server.js file and no means to test the server through postman or the browser. Feel free to ignore any messages related to MSW or mock service workers.
In this project, you will demonstrate your mastery of these skills by creating a login page and basic CRUD application. You will implement basic security using token authentication and build private routes within the application.
-
[POST] * to
http://localhost:5000/api/login: returns a the current authenication information of the user. Pass in the following credentials as thebodyof the request:{ username: 'Lambda', password: 'School' }for a successful login. -
[POST] * to
http://localhost:5000/api/logout: returns the expired authentication information of the user. -
[GET] to
http://localhost:5000/api/articles: returns the all articles currently available. This endpoint can only be accessed by an authenticated user. -
[GET] to
http://localhost:5000/api/articles/:id: returns a single article with the id. This endpoint can only be accessed by an authenticated user. -
[POST] to
http://localhost:5000/api/articles: creates a article object. Returns all available articles. Pass the article as thebodyof the request. This endpoint can only be accessed by an authenticated user. -
[PUT] to
http://localhost:5000/api/articles/:id: updates the article using theidpassed as part of the URL. Returns all available articles. Send the updated article object as thebodyof the request. This endpoint can only be accessed by an authenticated user. -
[DELETE] to
http://localhost:5000/api/articles/:id: removes the article with theidreferenced. Returns all available articles. This endpoint can only be accessed by an authenticated user.
{
id: 'aMqwd', //unique article id
headline: "headline", //title of article
createdOn: '2021-08-09T18:02:38-04:00
', //timestamp of when article was added
summary: "summary", //short summary statement of article
body: "" //paragraph of article text
}
See reference materials at the bottom of the this document for API Reference Details.
Build the needed utilities to restrict access to private routes.
- Build a
Routecomponent that renders renderingLogin.jsto the path/. - Build a
Routecomponent that renders renderingLogin.jsto the path/login. - Build a
Routecomponent that renders renderingView.jsto the path/view. - Build a
Routecomponent that renders renderingLogout.jsto the path/logout.
Build a login form to authenticate your users along with all the components and utilities needed to support authentication.
- In
Login.js, build all UI and state functionality needed to capture a username and password. On a successful login, redirect user to theView.jscomponent. - Make sure that the input for your username and password includes the id="username" and id="password" attributes. Codegrade autotests will fail without them.
- Make sure that the submit button to your login form includes the id="submit" attribute. Codegrade autotests will fail without them.
- In
Login.js, add a p tag that will display an error if one occurs. Add in all state functionality needed to support error display. - Make sure your error p tag has an id="error" attribute attached. Codegrade autotests will fail without them.
- Construct an http request that retrieves an auth token from the server when the username
Lambdaand the passwordSchoolis passed into the request. Complete successful login auth flow and redirect toView.js. - Display an appropriate error message when login is not successful.
- Build a
PrivateRoutecomponent within the components folder. - Use the
PrivateRoutecomponent to build a route renderingView.jsto the path/view. - Use the
PrivateRoutecomponent to build a route renderingLogout.jsto the path/logout.
Complete the requests needed to execute all CRUD functions.
-
Build a
axiosWithAuthmodule within the utils folder to create an instance of axios with the authentication header. -
In
View.js, completehandleDeleteso that a http request is made that deletes the article with the included id. After successfully deleting the article on the api, update local state to reflect these changes. -
In
View.js, completehandleDeleteso that a http request is made that deletes the article with the included id. After successfully deleting the article on the api, update local state to reflect these changes. -
editIdis passed into theEditFormcomponent. InEditForm.js, make a http request on mount to get the article with the ideditId. Save the result in state. -
In
View.js, completehandleEditso that a http request is made that updates the passed in article. Set the editing state to false when the request is complete. After successfully deleting the article on the api, update local state to reflect these changes.
Add in the http requests needed to logout of the application.
- In
Logout.js, execute a http request to logout on mount. When the request is complete, the user's security token should be removed and the browser should redirect to the login page.
Add the following tests within Article.test.js.
- Build a test that shows the
Articlecomponent, given the correct props, can render without errors. - Build a test that shows that when a correctly formatted article is passed into the
Articlecomponent, the correct headline, author, summary and body are displayed. - The
Articlecomponent should display "Associated Press" when an author attribute is not avalible. Build a test that verifies that that is true. - Build a test that show that when the deleteButton is pressed on an Article, the handleDelete functional property is executed.
- You are welcome to create additional files but do not move or rename existing files or folders.
- Do not change your
package.jsonfile except to install additional libraries. - In your solution, it is essential that you follow best practices and produce clean and professional results.
- Schedule time to review, refine, and assess your work and perform basic professional polishing including spell-checking and grammar-checking on your work.
- It is better to submit a challenge that meets MVP than one that attempts too much and does not.
- Submit via Codegrade by commiting and pushing any new changes to your main branch.
- Check Codegrade before the deadline to compare its results against your local tests.
- Check Codegrade on the days following the Sprint Challenge for reviewer feedback. For more information on how to access and read your feedback, check here
- New commits will be evaluated by Codegrade if pushed before the sprint challenge deadline.
Be prepared to demonstrate your understanding of this week's concepts by answering questions on the following topics. Add your answers below.
- Explain what a token is used for.
token is used for authorization
- What steps can you take in your web apps to keep your data secure?
use a protected route or authentication header with out api calls
- Describe how web servers work.
web browser requests a page from the web server and then the web server give the page
-
Which HTTP methods can be mapped to the CRUD acronym that we use when interfacing with APIs/Servers.
C: Post R: Get U: Put D: Delete