The latest articles on DEV Community by Precious Abubakar (@pda). https://dev.to/pda https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F868273%2Ff23ff476-9a14-44a3-9a80-51ee734dc50d.jpeg https://dev.to/pda en Precious Abubakar Sat, 20 Jul 2024 03:15:21 +0000 https://dev.to/pda/future-proofing-your-software-a-beginners-guide-to-compatibility-39mf https://dev.to/pda/future-proofing-your-software-a-beginners-guide-to-compatibility-39mf <p>Have you ever redecorated a room? You might swap out the furniture or repaint the walls. Similarly, software is constantly evolving. Updates are essential to keep your programs running smoothly and securely. They handle bug fixes, patch security vulnerabilities, and introduce new features. However, just like a brand-new rug might not match your existing curtains, software updates can sometimes clash with older versions of the code or data formats. Hence, understanding backward and forward compatibility becomes essential.</p> <h2> What is Compatibility? </h2> <p>In large-scale applications, code changes often cannot happen at once. With server-side applications, you may want to perform a staged rollout (i.e., gradually deploying the new version to a few users before making it available to everyone), reducing the risk of downtime. With client-side applications, you're at the mercy of the user, who may not install the update for some time. As a result, old and new versions of the code may exist in the system at the same time. For the system to continue running smoothly, you need to maintain compatibility in both directions:</p> <ul> <li><p>Backward compatibility</p></li> <li><p>Forward compatibility</p></li> </ul> <h3> Forward Compatibility </h3> <p>When a program attempts to be as compatible as possible with future versions of itself, this is known as forward compatibility. This largely involves the old code ignoring additions by the new code; skipping formats it does not understand, instead of throwing an exception. In the context of dataflow, this means that older code can read data written by newer code.</p> <h3> Backward Compatibility </h3> <p>A program is considered backward compatible if its dependents continue to work the same way, without modification, on its older versions. In the context of dataflow, this means that newer code can read data written by older code.</p> <p>For example, if you have a database and you add a new field to the schema and make it required, when the new code tries to read data written by the old code, the operation will fail because the old code has no knowledge of the required field and thus there is no value for it. This is a common mistake. A simple practice for maintaining backward compatibility in this scenario is to make all fields added after the initial deployment optional or give them a default value. For the same reason, you should not remove a required field.</p> <p>Backward compatibility is usually easier to achieve because- as the author of the new code, you know how the old code works. You may keep the old code to handle its specific use-case/data format.</p> <h2> Why Should You Care About Compatibility? </h2> <ul> <li><p><strong>Reduced Downtime</strong>: In case of issues with a new version, maintaining compatibility allows for a quick rollback to a stable previous version, minimizing downtime.</p></li> <li><p><strong>Improved User Experience</strong>: Backward compatibility enables older and newer versions to coexist. It reduces the pressure to force immediate updates on all users, avoiding disruptions.</p></li> <li><p><strong>Seamless Updates</strong>: New features and bug fixes can be introduced without worrying about breaking functionality for users on older versions (up to a certain point).</p></li> <li><p><strong>Evolvable Codebase</strong>: Compatibility practices such as using modules and interfaces, and loose coupling of components encourage cleaner and maintainable code that can adapt to future changes.</p></li> </ul> <h2> Challenges to Consider </h2> <ul> <li><p><strong>Balancing New Features and Old Code</strong>: Maintaining compatibility can make it harder to introduce radical changes or completely revamp the codebase in future updates.</p></li> <li><p><strong>Increased Testing</strong>: Ensuring compatibility across multiple versions adds complexity to the testing process.</p></li> <li><p><strong>Technical Debt</strong>: Over time, prioritizing backward compatibility can lead to technical debt, where older code becomes cumbersome to maintain alongside newer versions.</p></li> </ul> <h2> Strategies for Maintaining Compatibility </h2> <h3> Versioning </h3> <p>Setting up a versioning system to track the changes made with each update will help everyone understand how the software works over time.</p> <p>The Semantic Versioning Specification (SemVer) is a popular versioning scheme that uses a Major.Minor.Patch (X.Y.Z) format, where you increment Z if only backward compatible bug fixes are introduced, increment Y if any new backward compatible functionality is added, and increment X for any breaking changes (i.e. backward incompatible functionality). Learn more about SemVer at <a href="http://www.semver.org" rel="noopener noreferrer">www.semver.org</a>.</p> <h3> Clear Deprecation Policy </h3> <p>Communicate a plan for phasing out older features or data formats well in advance, giving users time to adapt.</p> <h3> Modular Design </h3> <p>Break down code into smaller, independent modules so that changes in one section will have minimal impact on others. Modules are chunks of code that have specific functions. They can be reused in different parts of the program. The code snippets below are examples of a basic calculator program written in a monolithic approach vs modular approach.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">function</span> <span class="nf">calculate</span><span class="p">(</span><span class="nx">operation</span><span class="p">,</span> <span class="nx">num1</span><span class="p">,</span> <span class="nx">num2</span><span class="p">)</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">operation</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">add</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">num1</span> <span class="o">+</span> <span class="nx">num2</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">operation</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">subtract</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">num1</span> <span class="o">-</span> <span class="nx">num2</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">operation</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">multiply</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">num1</span> <span class="o">*</span> <span class="nx">num2</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="k">if </span><span class="p">(</span><span class="nx">operation</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">divide</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">num1</span> <span class="o">/</span> <span class="nx">num2</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Invalid operation</span><span class="dl">'</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p><em>i. Monolithic design: As you can see, all the logic is in one function. This works but can become difficult to maintain if the application grows.</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="c1">// operations.js</span> <span class="kd">function</span> <span class="nf">add</span><span class="p">(</span><span class="nx">x</span><span class="p">,</span> <span class="nx">y</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">x</span> <span class="o">+</span> <span class="nx">y</span><span class="p">;</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">subtract</span><span class="p">(</span><span class="nx">x</span><span class="p">,</span> <span class="nx">y</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">x</span> <span class="o">-</span> <span class="nx">y</span><span class="p">;</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">multiply</span><span class="p">(</span><span class="nx">x</span><span class="p">,</span> <span class="nx">y</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">x</span> <span class="o">*</span> <span class="nx">y</span><span class="p">;</span> <span class="p">}</span> <span class="kd">function</span> <span class="nf">divide</span><span class="p">(</span><span class="nx">x</span><span class="p">,</span> <span class="nx">y</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">x</span> <span class="o">/</span> <span class="nx">y</span><span class="p">;</span> <span class="p">}</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span><span class="nx">add</span><span class="p">,</span> <span class="nx">subtract</span><span class="p">,</span> <span class="nx">multiply</span><span class="p">,</span> <span class="nx">divide</span><span class="p">}</span> <span class="c1">// calculator.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">add</span><span class="p">,</span> <span class="nx">subtract</span><span class="p">,</span> <span class="nx">multiply</span><span class="p">,</span> <span class="nx">divide</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./operations.js</span><span class="dl">'</span><span class="p">;</span> <span class="kd">function</span> <span class="nf">calculate</span><span class="p">(</span><span class="nx">operation</span><span class="p">,</span> <span class="nx">num1</span><span class="p">,</span> <span class="nx">num2</span><span class="p">)</span> <span class="p">{</span> <span class="kd">let</span> <span class="nx">result</span><span class="p">;</span> <span class="k">switch </span><span class="p">(</span><span class="nx">operation</span><span class="p">)</span> <span class="p">{</span> <span class="k">case</span> <span class="dl">'</span><span class="s1">add</span><span class="dl">'</span><span class="p">:</span> <span class="nx">result</span> <span class="o">=</span> <span class="nf">add</span><span class="p">(</span><span class="nx">num1</span><span class="p">,</span> <span class="nx">num2</span><span class="p">);</span> <span class="k">break</span><span class="p">;</span> <span class="k">case</span> <span class="dl">'</span><span class="s1">subtract</span><span class="dl">'</span><span class="p">:</span> <span class="nx">result</span> <span class="o">=</span> <span class="nf">subtract</span><span class="p">(</span><span class="nx">num1</span><span class="p">,</span> <span class="nx">num2</span><span class="p">);</span> <span class="k">break</span><span class="p">;</span> <span class="k">case</span> <span class="dl">'</span><span class="s1">multiply</span><span class="dl">'</span><span class="p">:</span> <span class="nx">result</span> <span class="o">=</span> <span class="nf">multiply</span><span class="p">(</span><span class="nx">num1</span><span class="p">,</span> <span class="nx">num2</span><span class="p">);</span> <span class="k">break</span><span class="p">;</span> <span class="k">case</span> <span class="dl">'</span><span class="s1">divide</span><span class="dl">'</span><span class="p">:</span> <span class="nx">result</span> <span class="o">=</span> <span class="nf">divide</span><span class="p">(</span><span class="nx">num1</span><span class="p">,</span> <span class="nx">num2</span><span class="p">);</span> <span class="k">break</span><span class="p">;</span> <span class="nl">default</span><span class="p">:</span> <span class="k">return</span> <span class="dl">'</span><span class="s1">Invalid operation</span><span class="dl">'</span><span class="p">;</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">result</span><span class="p">;</span> <span class="p">}</span> </code></pre> </div> <p>ii. <em>Modular Design: Here, the operations have been separated into a different module, making the code more organized and reusable.</em></p> <h4> <strong>Loose Coupling</strong> </h4> <p>To accommodate different versions and functionalities, code components should be loosely coupled. While modular design is about code structure, coupling is about the interaction between the components. The less they know about each other, the more loosely coupled they are. See an example of loosely vs tightly coupled TypeScript code in the snippet below.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">class</span> <span class="nc">CartService</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="k">private</span> <span class="nx">cart</span><span class="p">:</span> <span class="nx">ICart</span><span class="p">)</span> <span class="p">{}</span> <span class="nf">addItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">.</span><span class="nf">addItem</span><span class="p">(</span><span class="nx">item</span><span class="p">);</span> <span class="p">}</span> <span class="nf">removeItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">.</span><span class="nf">removeItem</span><span class="p">(</span><span class="nx">item</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="kr">interface</span> <span class="nx">ICart</span> <span class="p">{</span> <span class="nf">addItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="k">void</span><span class="p">;</span> <span class="nf">removeItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="k">void</span><span class="p">;</span> <span class="p">}</span> <span class="kd">class</span> <span class="nc">CartImpl</span> <span class="k">implements</span> <span class="nx">ICart</span> <span class="p">{</span> <span class="nf">addItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">item</span><span class="p">,</span> <span class="dl">'</span><span class="s1"> added</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="nf">removeItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">item</span><span class="p">,</span> <span class="dl">'</span><span class="s1"> removed</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">cartService</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">CartService</span><span class="p">(</span><span class="k">new</span> <span class="nc">CartImpl</span><span class="p">());</span> <span class="nx">cartService</span><span class="p">.</span><span class="nf">addItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">item1</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// result: 'item1 added'</span> <span class="nx">cartService</span><span class="p">.</span><span class="nf">removeItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">item1</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// result: 'item1 removed'</span> </code></pre> </div> <p><em>i. Loosely coupled: The</em> <code>CartService</code> <em>does not care how the item is added, only that it can be added. It relies on the interface</em> <code>ICart</code> <em>rather than specific implementations. This allows for flexibility as you can switch implementations (e.g., applying a discount) without modifying the</em> <code>CartService</code> <em>code.</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">class</span> <span class="nc">CartService</span> <span class="p">{</span> <span class="k">private</span> <span class="nx">cart</span><span class="p">:</span> <span class="kr">any</span><span class="p">[]</span> <span class="o">=</span> <span class="p">[];</span> <span class="nf">addItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">.</span><span class="nf">push</span><span class="p">(</span><span class="nx">item</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">)</span> <span class="p">}</span> <span class="nf">removeItem</span><span class="p">(</span><span class="nx">item</span><span class="p">:</span> <span class="kr">string</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">index</span> <span class="o">=</span> <span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">.</span><span class="nf">indexOf</span><span class="p">(</span><span class="nx">item</span><span class="p">);</span> <span class="k">if </span><span class="p">(</span><span class="nx">index</span> <span class="o">!==</span> <span class="o">-</span><span class="mi">1</span><span class="p">)</span> <span class="p">{</span> <span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">.</span><span class="nf">splice</span><span class="p">(</span><span class="nx">index</span><span class="p">,</span> <span class="mi">1</span><span class="p">);</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="k">this</span><span class="p">.</span><span class="nx">cart</span><span class="p">)</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">cartService</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">CartService</span><span class="p">();</span> <span class="nx">cartService</span><span class="p">.</span><span class="nf">addItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">item1</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// result: ['item1']</span> <span class="nx">cartService</span><span class="p">.</span><span class="nf">removeItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">item1</span><span class="dl">'</span><span class="p">);</span> <span class="c1">// result: []</span> </code></pre> </div> <p><em>ii. Tightly coupled: This approach can lead to maintainability issues and reduced flexibility. However, tight coupling is not always a bad thing, so one must always consider the trade-offs of both architectures. Learn more about coupling here-</em> <a href="https://www.pragmaticcoding.ca/java/coupling" rel="noopener noreferrer"><em>It’s All About (Loose) Coupling — PragmaticCoding</em></a><em>.</em></p> <h4> Automated Testing </h4> <p>Automated testing frameworks ensure compatibility across different versions during development.</p> <h3> Conclusion </h3> <p>While compatibility should not be overlooked, striking the right balance is key. Maintaining support for older versions can consume valuable resources. For example, continuing to support Node.js v4 might be impractical, given the availability of several newer, more efficient versions. Always weigh the benefits of supporting older versions against the cost and potential risks.</p> <p>By carefully considering these factors and implementing effective compatibility strategies, you can create software that adapts to change while minimizing user disruptions. For a deeper dive into software evolution, compatibility and other system design concepts, check out the resources below.</p> <h4> References </h4> <ul> <li><p><a href="https://www.oreilly.com/library/view/designing-data-intensive-applications/9781491903063/" rel="noopener noreferrer">Designing Data-Intensive Applications [Book] (oreilly.com)</a></p></li> <li><p><a href="https://www.linkedin.com/pulse/thoughts-backward-forward-compatibility-diego-pacheco/" rel="noopener noreferrer">Thoughts on Backward and Forward Compatibility | LinkedIn</a></p></li> <li><p><a href="https://medium.com/ula-engineering/ensuring-backwards-compatibility-in-your-applications-5107591e9968" rel="noopener noreferrer">Ensuring backward compatibility in your applications | by Shubham Gupta | Ula Engineering | Medium</a></p></li> <li><p><a href="https://semver.org/" rel="noopener noreferrer">Semantic Versioning 2.0.0 | Semantic Versioning (semver.org)</a></p></li> <li><p><a href="https://blog.logrocket.com/dependency-inversion-principle-typescript/" rel="noopener noreferrer">Understanding the dependency inversion principle in TypeScript — LogRocket Blog</a></p></li> <li><p><a href="https://www.pragmaticcoding.ca/java/coupling" rel="noopener noreferrer">It’s All About (Loose) Coupling — PragmaticCoding</a></p></li> </ul> systemdesign beginners architecture software Precious Abubakar Sat, 10 Jun 2023 23:38:06 +0000 https://dev.to/pda/understanding-software-licenses-a-developers-guide-4938 https://dev.to/pda/understanding-software-licenses-a-developers-guide-4938 <p>Software licenses are legally binding documents that provide guidelines for the use, modification, and distribution of software. Understanding software licenses is essential for a developer to make informed decisions when it comes to using and contributing to open source projects or creating proprietary software.</p> <p>This article provides an overview of software licenses and the different types of licenses that a developer may encounter.</p> <h3> Types of Software Licenses </h3> <ol> <li><p><strong>Public Domain License</strong><br> A public domain license (CC0) waives all rights to the software. If your project is in the public domain, that means it is not protected by any copyright laws and can be freely used, modified, and distributed.</p></li> <li><p><strong>Proprietary License</strong><br> Proprietary licenses restrict the distribution, modification, and use of software. The software owner usually maintains control over the source code, features, and usage of the software.</p></li> <li><p><strong>Open Source/Permissive License</strong><br> Open source licenses allow software to be used, modified, and shared without restrictions. They align with the specifications of the <a href="https://opensource.org/osd/">Open Source Definition</a>. e.g. MIT license.</p></li> <li><p><strong>Copyleft License</strong><br> Copyleft licenses are designed to promote free software. “Free” in this context refers to the freedom to share and modify works. The most common one is the GNU General Public License (GPL). The GPL is similar to open source licenses, but it requires that any modifications or derived works be released under the same GPL license. This ensures that the software and its derivatives remain open source and accessible to the community.</p></li> </ol> <h3> Benefits of Software Licensing </h3> <ul> <li><p>A license grants permission so that you don’t have to do it for each individual user.</p></li> <li><p>Licenses protect your intellectual property. They control how your software/source code can be used and prevent piracy.</p></li> </ul> <h3> Open Source Licenses </h3> <p>Open Source Initiative (OSI) has an exhaustive list of <a href="https://opensource.org/licenses/">open source licenses</a>. The most commonly used ones are highlighted below.</p> <h4> The MIT License </h4> <p>The <a href="https://mit-license.org/">MIT License</a> grants permission to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the software under certain conditions.</p> <p>The first condition is that the license text must be included in all copies or substantial portions of the software. This ensures that anyone using the software knows that it is licensed under the MIT License and is aware of the license terms.</p> <p>The second condition is a disclaimer of liability, which means that the authors or copyright holders cannot be held responsible for any problems that may arise.</p> <p>In summary, the MIT License is a permissive software license that allows users to do almost anything they want with the software, as long as they include the license text and do not hold the authors or copyright holders liable for any problems that may arise.</p> <h4> GNU General Public License (GPL) </h4> <p>The GNU <a href="https://www.gnu.org/licenses/gpl-3.0.en.html">General Public Licenses</a> grant permission to use, modify or use pieces of the software in new programs, and distribute copies of the software. It requires that the source code is made available to users, and allows for commercial use and distribution of the software.</p> <p>Unlike MIT, the GNU General Public License is a copyleft license, which means that distributed works based on the software are required to use the same license as the original. As a result of this, software licensed under the GPL cannot be used in paid or proprietary software. However, the Lesser General Public License exists for this purpose.</p> <h4> GNU Lesser General Public License (LGPL) </h4> <p>The GNU <a href="https://www.gnu.org/licenses/lgpl-3.0.en.html">Lesser General Public License</a> is similar to the GPL, but without certain restrictions. It allows users to modify and distribute the software without adopting a GNU License, allowing it to be used in proprietary software.</p> <h4> Apache License (Apache-2.0) </h4> <p>The Apache License is a permissive license that grants individuals and organizations permission to freely use, modify, and distribute software.</p> <p>An interesting feature of the Apache License is its patent clause. This clause grants users the right to use any patents that the contributors to the software may hold. This can be helpful if you are using the software for commercial purposes, as it can help protect you from patent infringement claims.</p> <p>Like most open source licenses, The Apache License also contains a disclaimer of warranties and limitations of liability. This means that the software is provided “as is” and that the original creators of the software cannot be held responsible for any damages that may result from using the software</p> <p>If you create a derivative work based on software licensed under the Apache License, you must include a copy of the Apache License in the new work and retain any copyright, patent, and trademark notices that were included in the original software. You must also clearly indicate any modifications that you made to the original work, and include attribution notices to give credit to the original creators of the software.</p> <p>Overall, the Apache License is a flexible and permissive license that allows for broad use of open-source software, while also providing some protections for both users and contributors.</p> <h4> BSD License </h4> <p>The BSD license allows users to modify, distribute, and use the licensed software without any restrictions on the licenses of derivative works.</p> <p>The BSD License comes in two forms: the two-clause BSD license and the three-clause BSD license. The two-clause BSD license only contains a copyright notice and a disclaimer of warranties, while the three-clause BSD license adds an additional clause that requires users to include attribution notices in derivative works.</p> <p>Similar to other open-source licenses, such as the Apache License, the BSD License contains a disclaimer of warranties and limitations of liability.</p> <p>Overall, the BSD License is a popular choice for open-source projects that value flexibility and minimal restrictions on the use and distribution of their software. However, it may not be the best choice for projects that require stronger protections for their intellectual property.</p> <h4> Mozilla Public License (MPL) </h4> <p>The Mozilla Public License (MPL) is a permissive open-source license that allows users to modify, distribute and use the licensed software without any restrictions on the licenses of derivative works. It is also a copyleft license, as it requires that any derivative works include a copy of the MPL and retain any copyright, patent, and trademark notices.</p> <p>The MPL also contains a patent license clause that provides users with the right to use any patents that a contributor to the software may own. The license has a disclaimer of warranties and limitations of liability, similar to other open-source licenses.</p> <p>One drawback of the MPL is that it may be less compatible with other open-source licenses than some of the more permissive licenses, such as the MIT or Apache Licenses. This can limit the potential for collaboration between projects that use different licenses. However, the MPL is still a widely used open-source license and is particularly popular for software projects with a strong focus on community development and collaboration.</p> <h3> Proprietary Licenses </h3> <p>Some common types of proprietary software licenses are highlighted below.</p> <h4> End User License Agreement (EULA) </h4> <p>An End User License Agreement (EULA) is a legally binding contract between the user and the software owner, which defines the terms and conditions under which the software can be used. Lots of companies make use of EULAs. For example, Microsoft uses an EULA for Windows.</p> <p>The EULA restricts the user from modifying the software, distributing it without permission, or using it in certain ways.</p> <p>An EULA must be clear and concise. It must contain the following information:</p> <ul> <li><p>Copyright notice</p></li> <li><p>Infringement acknowledgment</p></li> <li><p>Licensor information</p></li> <li><p>Software information</p></li> <li><p>Relevant laws</p></li> <li><p>Warranty Disclaimer</p></li> <li><p>Restrictions for use</p></li> <li><p>Site licenses</p></li> <li><p>Start date</p></li> <li><p>Termination of licensing</p></li> <li><p>License granting</p></li> </ul> <p>For a sample, try this <a href="https://termly.io/products/eula-generator/">free EULA generator</a>.</p> <h4> Perpetual License </h4> <p>A perpetual license is an old model of licensing that permits users to use the software indefinitely, after a one-time payment. The license holder has access to that specific version of the software indefinitely. This model is being phased out in favor of subscription-based license models because it does not account for updates and patches, just a one-time revenue hit, which makes it problematic for software owners and end users. It was popular in the early days when you purchased a program by buying a disk with a built-in license.</p> <p>AutoCAD (a design software) used to have a perpetual license, but has moved to a subscription license.</p> <h4> Subscription License </h4> <p>Software has evolved from being perceived as products to Software as a Service (SaaS), and the subscription license model has taken over. It involves paying a regular fee (monthly, annually, or otherwise) to use software, as opposed to a one-time purchase.</p> <p>Subscription licenses offer benefits such as updates and flexibility. With a subscription license, you can offer different tiers of service, and users can choose what meets their needs. Your users can also upgrade or downgrade their subscription based on their changing requirements, reflecting the adaptability needed in today’s dynamic world.</p> <p>Subscription-based licenses eliminate the need for a significant upfront investment as opposed to perpetual licenses. Budgeting becomes easier with regular smaller payments compared to a large one-time payment. Maintenance, upgrades, and renewals are typically included in the subscription cost, unlike perpetual licenses which may require additional expenses as warranties expire. A lot of modern software uses subscription licenses, e.g. Adobe Creative Suite.</p> <h4> Floating License </h4> <p>A science club requests to use your library for research, and you approve their request on one condition- only one person can be granted access at any given time. Since all 5 members do not need to use the library at the same time, they have gladly accepted your offer. This is essentially how a floating license works.</p> <p>A floating license grants a group of users shared access to your software. This means that the software can be installed on a network of computers, allowing access to multiple users. The downside for users is that if the floating license is for 2 users and 2 people are currently using the software, a third user would have to wait. Adobe Creative Cloud offers floating licenses for schools.</p> <h3> Choosing a License </h3> <p>Choosing the right license for your project is essential. Here are some factors to consider when navigating this process.</p> <ul> <li><p><strong>Project Goals</strong><br> Examine the goals of your project. Think about how you want it to be If you want to generate revenue from the project and have control over its usage, proprietary licenses might be the way to go. Open source licenses are ideal for fostering community involvement and collaboration.</p></li> <li><p><strong>Community and Support</strong><br> Consider the existing community and support surrounding various licenses. Open source licenses often come with communities offering assistance, comprehensive documentation, and opportunities for collaborative contributions. This support can be invaluable, providing guidance and fostering growth.</p></li> <li><p><strong>Openness</strong><br> When considering a license, contemplate the level of freedom you want to grant your users. Open source licenses encourage collaboration and the sharing of knowledge, while proprietary licenses grant you greater control over your software. Note that Open Source software does not automatically mean free software (”free” in this context is referring to price).</p></li> <li><p><strong>Compatibility</strong><br> Think about any obligations you have, such as licensing requirements from third-party libraries or components governed by specific licenses. Ensure compatibility between licenses to avoid conflicts or legal issues. For example, if you’re using a third-party library with a GNU GPL, your project cannot have a proprietary license.</p></li> <li><p><strong>Legal Requirements</strong><br> While not the most exciting aspect, legal requirements are crucial. Take the time to acquaint yourself with the legal implications and obligations associated with different licenses. Complying with license terms helps avoid legal pitfalls and ensures a smooth development process.</p></li> </ul> <h3> Conclusion </h3> <p>In conclusion, understanding software licenses is vital for developers. It allows you to make informed decisions about how your software can be used, modified, and distributed. It is essential to consider factors like project goals, community support, openness, compatibility, and legal requirements when choosing a license for your project. By navigating the licensing landscape effectively, you can make the best choice for your project.</p> <h3> Resources </h3> <ul> <li><p><a href="https://opensource.org/licenses/">Licenses — Open Source Initiative</a></p></li> <li><p><a href="https://geekflare.com/software-license/">How to Choose the Right Licensing Model for Your Software</a></p></li> <li><p><a href="https://www.privacypolicies.com/blog/sample-eula-template/">Sample End User License Agreement Template</a></p></li> <li><p><a href="https://www.10duke.com/software-licensing-models/perpetual-software-license/">What’s a Perpetual Software License?</a></p></li> <li><p><a href="https://cpl.thalesgroup.com/software-monetization/software-subscription-license">Software Subscription License</a></p></li> <li><p><a href="https://realpars.com/floating-license/">What is a Floating Software License? Not a Standard License</a></p></li> </ul> softwareengineering opensource softwarelicensing webdev Precious Abubakar Wed, 12 Apr 2023 08:33:05 +0000 https://dev.to/pda/how-to-overcome-the-challenges-of-open-source-contribution-3kof https://dev.to/pda/how-to-overcome-the-challenges-of-open-source-contribution-3kof <p>According to <a href="https://opensourceindex.io/">Open Source Contributor Index</a>, 2443 people in the Microsoft community made at least one commit in January. Out of 2443 people, only 795 made 10+ commits. This suggests a gap between joining an open source project and contributing actively.</p> <p>This article highlights some common challenges that open source contributors face and discuss how to tackle them.</p> <h3> What is Open Source Software? </h3> <p><em>Open source software (OSS) refers to software whose source code is accessible to everyone.</em> This means that you can inspect it, alter it and enhance it from anywhere in the world. Some popular examples of open source software are VLC Media Player, Kubernetes, and Linux.</p> <p>You can contribute to open source through code or no-code skills such as community management, UI/UX design, project management, graphic design, writing, discussions, and advocacy.</p> <h3> Benefits of Contributing to Open Source Software </h3> <p>Here are some reasons why you should consider contributing to open source software:</p> <ul> <li><p><strong>Career Growth:</strong> Contributing to OSS is a great way to gain work experience and build your portfolio. It gives you an opportunity to learn on the job, and at your own pace. You get to understand the technology on a deeper level, and you can identify problems and fix them.<br><br> You can improve your technical (or non-technical) skills by interacting and collaborating with more experienced people in your field. You can also learn valuable soft skills, like how to collaborate and work asynchronously.</p></li> <li><p><strong>Networking:</strong> It provides opportunities for you to connect with people from around the world who have similar interests. Meeting interesting people from across the world can improve the quality of your network.</p></li> <li><p><strong>Giving Back:</strong> Through OSS contributions, you can use your skills to make someone’s life easier. It’s a great way to give back to society.</p></li> </ul> <h3> Common Challenges Open Source Contributors Face </h3> <p>People often find it difficult to make meaningful contributions to open source even though they have an interest, owing to many reasons. Some of these reasons are highlighted below.</p> <ul> <li><p>Finding the right project to contribute to</p></li> <li><p>Lack of clear documentation</p></li> <li><p>Difficulty communicating with other contributors or maintainers</p></li> <li><p>Discrimination and lack of inclusion</p></li> <li><p>Balancing contributions with other commitments</p></li> <li><p>Projects could be overwhelming</p></li> </ul> <h3> Overcoming Challenges Faced During OSS Contributions </h3> <p>Here are some things you can do to make your experience smoother:</p> <ul> <li><p><strong>Start Small:</strong> Joining any team midway through the project lifecycle can be overwhelming. You can start by making small contributions like joining discussions, improving documentation, etc. Look out for issues with tags such as <code>good-first-issue</code> because they are usually easy to contribute to. This will allow you to understand the rules for contributing to that project and how to communicate with the maintainers or ask for assistance.</p></li> <li><p><strong>Seek Community-Focused Open Source Organizations/Projects:</strong> It is important for you to have support while contributing to a project, and the best way to get it is via the community. The community forum is a great communication channel and a source of information. You can join discussions, get help, and connect with people.</p></li> <li><p><strong>Look for a DEI Statement:</strong> DEI stands for diversity, equity, and inclusion. A DEI statement is a declaration of commitment to fostering a culture of diversity, equity, and inclusion in the workplace. If there is no visible DEI statement, ask about their DEI policies. If your values do not align with theirs or you do not feel supported or welcome, it is okay to leave and find one where you feel seen and accepted.</p></li> <li><p><strong>Take Advantage of the Available Resources:</strong> Community meetings and mailing lists are helpful sources of information. If you’re just joining, look out for onboarding sessions. If you’re having trouble reaching maintainers or contributors, try joining a community call. More often than not, these calls are recorded, so you can access the recordings at your convenience.</p></li> <li><p><strong>Manage Your Schedule Effectively:</strong> Typically, nobody expects a full-time commitment from you. You can work asynchronously, but communication is key. People need to know that they can depend on you to finish the task that you have taken on, so you should only accept what you can deliver within the agreed time frame. Always ask for clarification on what is expected of you.</p></li> <li><p><strong>Ask for Help:</strong> Your contribution is valuable. If there’s a problem hindering you from making a contribution, use the communication channels available to you to express yourself. They want you to add value to the project, so they are willing to support you and guide you through it. The chances that your concerns will be addressed and your questions answered are pretty high.</p></li> </ul> <h3> Best Practices for Contributing to Open Source Software </h3> <ul> <li><p>Read the contributing guidelines and adhere to them. They are usually available on the website or in a <a href="http://contributing.md"><code>contributing.md</code></a> file on the project repository.</p></li> <li><p>Read the project documentation.</p></li> <li><p>Make quality contributions by following standard practices in the related field.</p></li> <li><p>Keep your interactions with other people respectful by using inclusive language, refraining from insults, etc.</p></li> <li><p>Use the proper communication channels defined in the contributing guidelines. Do not call or email people unless they consent to it.</p></li> <li><p>When in doubt, ask questions.</p></li> </ul> <h3> Conclusion </h3> <p>Contributing to open source software has its challenges, but it also has its benefits. A number of the challenges open source contributors face can be addressed by leveraging the support that communities provide and taking advantage of the available resources. However, the most important thing is to find a project that aligns with your interests and values. You can find open source projects here:</p> <ul> <li><p><a href="https://opensource.google/projects/">Google Open Source</a></p></li> <li><p><a href="https://firstcontributions.github.io/">First Contributions</a></p></li> <li><p><a href="https://codetribute.mozilla.org/">Codetribute</a></p></li> <li><p><a href="https://ovio.org/">Ovio</a></p></li> <li><p><a href="https://up-for-grabs.net/#/">Up For Grabs</a></p></li> </ul> <h3> Resources </h3> <ul> <li><p><a href="https://medium.com/shecodeafrica/open-source-contributions-a-catalyst-for-growth-b823fc5752b1">Open Source Contributions: A Catalyst for Growth</a></p></li> <li><p><a href="https://medium.com/shecodeafrica/building-a-career-in-open-source-e0f77852f44">Building a Career in Open Source</a></p></li> <li><p><a href="https://opensource.guide/">Open Source Guides</a></p></li> <li><p><a href="https://preciousabubakar.hashnode.dev/contributing-to-open-source-software">Open Source Contribution: Why It’s a Great Idea</a></p></li> <li><p><a href="https://genicsblog.com/benny/no-code-ways-to-contribute-to-open-source-projects">No-Code Ways to Contribute to Open Source Projects</a></p></li> </ul> <h3> She Code Africa Contributhon Program </h3> <p><a href="http://shecodeafrica.org">She Code Africa</a> (SCA) promotes diversity in the open source ecosystem through <a href="https://sites.google.com/shecodeafrica.org/contributhon">Contributhon</a>. Contributhon is a virtual open source boot camp where ladies get the opportunity to work with open source organizations on selected projects with dedicated mentorship.</p> <p>This program aims to create a more diverse, inclusive, and innovative culture within the African open source ecosystem by matching African women in technology with sponsors and mentors (open source organizations) to work on projects used by millions of people all over the world.</p> <p>Stay updated on information about the next cohort via SCA’s social media platforms.</p> <ul> <li><p>Twitter: <a href="http://twitter.com/@shecodeafrica">@shecodeafrica</a></p></li> <li><p>Instagram: <a href="http://twitter.com/@shecodeafrica">@shecodeafrica</a></p></li> <li><p>LinkedIn: <a href="https://www.linkedin.com/company/she-code-africa/">She Code Africa</a></p></li> </ul> <p>If you’re not already a member of She Code Africa, you can begin by applying via the website: <a href="http://shecodeafrica.org">shecodeafrica.org</a></p> opensource beginners career Precious Abubakar Mon, 09 Jan 2023 17:55:27 +0000 https://dev.to/pda/building-a-blog-api-with-nodejs-implementing-the-api-routes-part-4-2b0l https://dev.to/pda/building-a-blog-api-with-nodejs-implementing-the-api-routes-part-4-2b0l <p>Now that we have our API design complete, the models set up, the database connection established and the authentication strategies in place, it's time to start building the actual API. In this article, we'll cover the following topics:</p> <ul> <li><p>Implementing the routes for our API</p></li> <li><p>Writing the controllers to handle requests and send responses</p></li> <li><p>Testing the API with Postman</p></li> </ul> <p>Let's get started!</p> <h2> Implementing the Routes </h2> <ol> <li> <p>Create a file called <code>blog.routes.js</code> in the <code>/routes</code> directory and write this code:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">blogController</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../controllers</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">blogRouter</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nx">Router</span><span class="p">();</span> <span class="nx">blogRouter</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="nx">blogController</span><span class="p">.</span><span class="nx">getPublishedArticles</span><span class="p">);</span> <span class="nx">blogRouter</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/:articleId</span><span class="dl">"</span><span class="p">,</span> <span class="nx">blogController</span><span class="p">.</span><span class="nx">getArticle</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">blogRouter</span><span class="p">;</span> </code></pre> <p>The <code>express.Router()</code> function creates a new router object that can be used to define routes that will be used to handle HTTP requests to the server.</p> <p>The first route defined is a GET route at the root path of the router. This route will handle HTTP GET requests to the server and will use the <code>getPublishedArticles</code> function from the <code>blogController</code> to return a list of all published articles.</p> <p>The second route is a GET route that includes a parameter <code>:articleId</code> in the path. This route will handle HTTP GET requests to the server with a specific article ID in the path, and will use the <code>getArticle</code> function from the <code>blogController</code> to return the article with the specified ID.</p> </li> <li> <p>Create a file called <code>author.routes.js</code> in the <code>/routes</code> directory and write this code:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">authorController</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../controllers</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../validators</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">authorRouter</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nx">Router</span><span class="p">();</span> <span class="c1">// create a new article </span> <span class="nx">authorRouter</span><span class="p">.</span><span class="nx">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">createArticle</span><span class="p">);</span> <span class="c1">// change state </span> <span class="nx">authorRouter</span><span class="p">.</span><span class="nx">patch</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/edit/state/:articleId</span><span class="dl">"</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">editState</span> <span class="p">);</span> <span class="c1">// edit article</span> <span class="nx">authorRouter</span><span class="p">.</span><span class="nx">patch</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/edit/:articleId</span><span class="dl">"</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">editArticle</span> <span class="p">);</span> <span class="c1">// delete article </span> <span class="nx">authorRouter</span><span class="p">.</span><span class="k">delete</span><span class="p">(</span><span class="dl">"</span><span class="s2">/delete/:articleId</span><span class="dl">"</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">deleteArticle</span><span class="p">);</span> <span class="c1">// get all articles created by the author </span> <span class="nx">authorRouter</span><span class="p">.</span><span class="kd">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">getArticlesByAuthor</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">authorRouter</span><span class="p">;</span> </code></pre> <p>Here, we've imported the validation middleware we created in the <a href="https://dev.to/pda/building-a-blog-api-with-nodejs-authentication-and-validation-part-3-p4n">previous article</a>:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="p">{</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../validators</span><span class="dl">"</span><span class="p">);</span> </code></pre> <p>When a POST or PATCH request is made, the validation middleware checks if the request body is in the correct format:<br> </p> <pre class="highlight javascript"><code><span class="nx">authorRouter</span><span class="p">.</span><span class="nx">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">createArticle</span><span class="p">);</span> <span class="nx">authorRouter</span><span class="p">.</span><span class="nx">patch</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/edit/state/:articleId</span><span class="dl">"</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">editState</span> <span class="p">);</span> <span class="nx">authorRouter</span><span class="p">.</span><span class="nx">patch</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/edit/:articleId</span><span class="dl">"</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="nx">authorController</span><span class="p">.</span><span class="nx">editArticle</span> <span class="p">);</span> </code></pre> </li> <li> <p>Create a file called <code>auth.routes.js</code> in the <code>/routes</code> directory for the authentication routes:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">passport</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">userValidator</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../validators</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">authController</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../controllers</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">authRouter</span> <span class="o">=</span> <span class="nx">express</span><span class="p">.</span><span class="nx">Router</span><span class="p">();</span> <span class="nx">authRouter</span><span class="p">.</span><span class="nx">post</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/signup</span><span class="dl">"</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">authenticate</span><span class="p">(</span><span class="dl">"</span><span class="s2">signup</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">session</span><span class="p">:</span> <span class="kc">false</span> <span class="p">}),</span> <span class="nx">userValidator</span><span class="p">,</span> <span class="nx">authController</span><span class="p">.</span><span class="nx">signup</span> <span class="p">);</span> <span class="nx">authRouter</span><span class="p">.</span><span class="nx">post</span><span class="p">(</span><span class="dl">"</span><span class="s2">/login</span><span class="dl">"</span><span class="p">,</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">authenticate</span><span class="p">(</span><span class="dl">"</span><span class="s2">login</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">info</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">authController</span><span class="p">.</span><span class="nx">login</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="p">{</span> <span class="nx">err</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">info</span> <span class="p">});</span> <span class="p">})(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">authRouter</span><span class="p">;</span> </code></pre> <p>The <code>signup</code> route uses the <code>passport.authenticate()</code> function to authenticate the request using the <code>signup</code> strategy. It also specifies that session management should be disabled using the <code>{ session: false }</code> option. If the request is successfully authenticated, it is passed to the <code>authController.signup</code> function for further processing.</p> <p>The <code>login</code> route is similar, but it uses the <code>login</code> strategy and passes the request to the <code>authController.login</code> function if it is successfully authenticated.</p> <p>Both routes also use the <code>userValidator</code> middleware to validate the request body before it is passed to the controller functions.</p> </li> <li> <p>Create an <code>index.js</code> file in <code>/routes</code> and export the routers:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">blogRouter</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./blog.routes</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">authorRouter</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./author.routes</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">authRouter</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./auth.routes</span><span class="dl">"</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">blogRouter</span><span class="p">,</span> <span class="nx">authorRouter</span><span class="p">,</span> <span class="nx">authRouter</span> <span class="p">};</span> </code></pre> </li> <li> <p>Import the routers and use them in the <code>app.js</code> file.<br> </p> <pre class="highlight javascript"><code><span class="c1">// {... some code ....}</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">blogRouter</span><span class="p">,</span> <span class="nx">authRouter</span><span class="p">,</span> <span class="nx">authorRouter</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./src/routes</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Middleware</span> <span class="c1">// {... some code ....}</span> <span class="c1">// Routes</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/blog</span><span class="dl">"</span><span class="p">,</span> <span class="nx">blogRouter</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">/auth</span><span class="dl">"</span><span class="p">,</span> <span class="nx">authRouter</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="dl">"</span><span class="s2">/author/blog</span><span class="dl">"</span><span class="p">,</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">authenticate</span><span class="p">(</span><span class="dl">"</span><span class="s2">jwt</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">session</span><span class="p">:</span> <span class="kc">false</span> <span class="p">}),</span> <span class="nx">authorRouter</span> <span class="p">);</span> <span class="c1">// {... some code ....}</span> </code></pre> <p>Remember we separated the routes into blog routes and author routes because we wanted to protect the author routes. We are using passport to protect the <code>/author/blog</code> routes, so that only authenticated users can have access to the resources. Unauthenticated users can only have access to the <code>/blog</code> routes.</p> </li> </ol> <h2> Writing the Controllers </h2> <p>Now that we have the routes defined, we need to write the code to handle the requests and send the appropriate responses. A controller is a function that is called when a route is matched, and it is responsible for handling the request and sending the response.</p> <ol> <li> <p>Create a file called <code>blog.controllers.js</code> in the <code>/controllers</code> directory. In this file, define the functions that will be called by the blog routes:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="p">{</span> <span class="nx">BlogModel</span><span class="p">,</span> <span class="nx">UserModel</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../models</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// Get all published articles</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">getPublishedArticles</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">author</span><span class="p">,</span> <span class="nx">title</span><span class="p">,</span> <span class="nx">tags</span><span class="p">,</span> <span class="nx">order</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">asc</span><span class="dl">"</span><span class="p">,</span> <span class="nx">order_by</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">timestamp,reading_time,read_count</span><span class="dl">"</span><span class="p">,</span> <span class="nx">page</span> <span class="o">=</span> <span class="mi">1</span><span class="p">,</span> <span class="nx">per_page</span> <span class="o">=</span> <span class="mi">20</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">;</span> <span class="c1">// filter</span> <span class="kd">const</span> <span class="nx">findQuery</span> <span class="o">=</span> <span class="p">{</span> <span class="na">state</span><span class="p">:</span> <span class="dl">"</span><span class="s2">published</span><span class="dl">"</span> <span class="p">};</span> <span class="k">if</span><span class="p">(</span><span class="nx">author</span><span class="p">)</span> <span class="p">{</span> <span class="nx">findQuery</span><span class="p">.</span><span class="nx">author</span> <span class="o">=</span> <span class="nx">author</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">title</span><span class="p">)</span> <span class="p">{</span> <span class="nx">findQuery</span><span class="p">.</span><span class="nx">title</span> <span class="o">=</span> <span class="nx">title</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">tags</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">searchTags</span> <span class="o">=</span> <span class="nx">tags</span><span class="p">.</span><span class="nx">split</span><span class="p">(</span><span class="dl">"</span><span class="s2">,</span><span class="dl">"</span><span class="p">);</span> <span class="nx">findQuery</span><span class="p">.</span><span class="nx">tags</span> <span class="o">=</span> <span class="p">{</span> <span class="na">$in</span><span class="p">:</span> <span class="nx">searchTags</span> <span class="p">};</span> <span class="p">}</span> <span class="c1">// sort</span> <span class="kd">const</span> <span class="nx">sortQuery</span> <span class="o">=</span> <span class="p">{};</span> <span class="kd">const</span> <span class="nx">sortAttributes</span> <span class="o">=</span> <span class="nx">order_by</span><span class="p">.</span><span class="nx">split</span><span class="p">(</span><span class="dl">"</span><span class="s2">,</span><span class="dl">"</span><span class="p">);</span> <span class="k">for</span> <span class="p">(</span><span class="kd">const</span> <span class="nx">attribute</span> <span class="k">of</span> <span class="nx">sortAttributes</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">order</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">asc</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="nx">sortQuery</span><span class="p">[</span><span class="nx">attribute</span><span class="p">]</span> <span class="o">=</span> <span class="mi">1</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">order</span> <span class="o">===</span> <span class="dl">"</span><span class="s2">desc</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">order_by</span><span class="p">)</span> <span class="p">{</span> <span class="nx">sortQuery</span><span class="p">[</span><span class="nx">attribute</span><span class="p">]</span> <span class="o">=</span> <span class="o">-</span><span class="mi">1</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// get all published articles from the database</span> <span class="kd">const</span> <span class="nx">articles</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">BlogModel</span><span class="p">.</span><span class="nx">find</span><span class="p">(</span><span class="nx">findQuery</span><span class="p">)</span> <span class="p">.</span><span class="nx">populate</span><span class="p">(</span><span class="dl">"</span><span class="s2">author</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">firstname lastname email</span><span class="dl">"</span><span class="p">)</span> <span class="p">.</span><span class="nx">sort</span><span class="p">(</span><span class="nx">sortQuery</span><span class="p">)</span> <span class="p">.</span><span class="nx">skip</span><span class="p">(</span><span class="nx">page</span><span class="p">)</span> <span class="p">.</span><span class="nx">limit</span><span class="p">(</span><span class="nx">per_page</span><span class="p">);</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Request successful</span><span class="dl">"</span><span class="p">,</span> <span class="na">articles</span><span class="p">:</span> <span class="nx">articles</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="c1">// Get article by ID</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">getArticle</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">articleId</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">BlogModel</span><span class="p">.</span><span class="nx">findById</span><span class="p">(</span><span class="nx">articleId</span><span class="p">).</span><span class="nx">populate</span><span class="p">(</span> <span class="dl">"</span><span class="s2">author</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">firstname lastname email</span><span class="dl">"</span> <span class="p">);</span> <span class="nx">article</span><span class="p">.</span><span class="nx">readCount</span> <span class="o">+=</span> <span class="mi">1</span><span class="p">;</span> <span class="c1">// increment read count</span> <span class="k">await</span> <span class="nx">article</span><span class="p">.</span><span class="nx">save</span><span class="p">();</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Request successful</span><span class="dl">"</span><span class="p">,</span> <span class="na">article</span><span class="p">:</span> <span class="nx">article</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> </code></pre> <p>The <code>getPublishedArticles</code> function will be called when the <code>GET /blog</code> route is matched, and it will retrieve a list of all published articles from the database and send the response to the client. It begins by destructuring some query parameters from the <code>req.query</code> object. These query parameters are used to filter and sort the articles that are returned.</p> <p>The sorting in this function is done using the Mongoose <code>.sort()</code> method, which takes an object with the field names as keys and the sort order as values. The field names and sort orders are specified in the <code>sortQuery</code> object, which is constructed based on the <code>order</code> and <code>order_by</code> query parameters.</p> <p>The <code>order_by</code> query parameter is a string that can contain multiple field names, separated by commas. The <code>sortAttributes</code> variable is an array of these field names. For each field name in the array, the <code>sortQuery</code> object is updated with the field name as the key and the sort order as the value. If the <code>order</code> query parameter is <code>"asc"</code>, the sort order is set to 1, and if the order query parameter is <code>"desc"</code>, the sort order is set to -1.</p> <p>The find query is constructed using the <code>findQuery</code> object, which is initialized with a filter to only return published articles. The <code>findQuery</code> object is then updated with additional filters based on the <code>author</code>, <code>title</code>, and <code>tags</code> query parameters, if they are present.</p> <p>For example, if the <code>author</code> query parameter is present, the <code>findQuery.author</code> field is set to the value of the <code>author</code> query parameter. This will filter the results to only include articles whose <code>author</code> field is equal to the value of the <code>author</code> query parameter. Similarly, if the <code>tags</code> query parameter is present, the <code>findQuery.tags</code> field is set to a MongoDB operator that searches for articles with tags that match the search tags. The search tags are specified as a comma-separated string and are split into an array using the split method. The <code>$in</code> operator is used to search for articles with tags that are included in the array of search tags.</p> <p>The <code>findQuery</code> object is passed as an argument to the <code>.find()</code> method of the <code>BlogModel</code> object. This method returns a Mongoose query object that can be used to find documents in the blog collection that match the specified filter. The <code>.populate()</code> method is then called on the query object to populate the author field with the corresponding user document, and <code>.sort()</code> sorts the results using the <code>sortQuery</code> object. <code>.skip()</code> and <code>.limit()</code> are called to paginate the results. <code>skip()</code> specifies the number of documents to skip in the query, and <code>limit()</code> specifies the number of documents to return. The <code>page</code> and <code>per_page</code> query parameters are used to determine the values passed to <code>skip()</code> and <code>limit()</code>. By default, <code>page</code> is set to 1 and <code>per_page</code> is set to 20. This means that if these query parameters are not provided, the default behavior is to retrieve the first page of results with 20 documents per page.</p> <p>The <code>getArticle</code> function retrieves the article with the specified ID from the database and increments the article's read count before returning it to the client.</p> <p>Both functions use the <code>async</code> keyword and include a <code>try/catch</code> block to handle any errors that may occur during the execution of the function. If an error occurs, the <code>next</code> function is called with the error as an argument to pass the error to the error handling middleware which is set up in our <code>app.js</code>.</p> </li> <li> <p>Create a file called <code>author.controllers.js</code> in the <code>/controllers</code> directory and define the functions that will be called by the author routes as follows:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="p">{</span> <span class="nx">BlogModel</span><span class="p">,</span> <span class="nx">UserModel</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../models</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">blogService</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../services</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">moment</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">moment</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// create a new article</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">createArticle</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">newArticle</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="c1">// calculate reading time</span> <span class="kd">const</span> <span class="nx">readingTime</span> <span class="o">=</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">calculateReadingTime</span><span class="p">(</span><span class="nx">newArticle</span><span class="p">.</span><span class="nx">body</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="nx">newArticle</span><span class="p">.</span><span class="nx">tags</span><span class="p">)</span> <span class="p">{</span> <span class="nx">newArticle</span><span class="p">.</span><span class="nx">tags</span> <span class="o">=</span> <span class="nx">newArticle</span><span class="p">.</span><span class="nx">tags</span><span class="p">.</span><span class="nx">split</span><span class="p">(</span><span class="dl">"</span><span class="s2">,</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">files</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">imageUrl</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">uploadImage</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">);</span> <span class="nx">newArticle</span><span class="p">.</span><span class="nx">imageUrl</span> <span class="o">=</span> <span class="nx">imageUrl</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">BlogModel</span><span class="p">({</span> <span class="na">author</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">user</span><span class="p">.</span><span class="nx">_id</span><span class="p">,</span> <span class="na">timestamp</span><span class="p">:</span> <span class="nx">moment</span><span class="p">().</span><span class="nx">toDate</span><span class="p">(),</span> <span class="na">readingTime</span><span class="p">:</span> <span class="nx">readingTime</span><span class="p">,</span> <span class="p">...</span><span class="nx">newArticle</span><span class="p">,</span> <span class="p">});</span> <span class="nx">article</span><span class="p">.</span><span class="nx">save</span><span class="p">((</span><span class="nx">err</span><span class="p">,</span> <span class="nx">user</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="s2">`err: </span><span class="p">${</span><span class="nx">err</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="p">}</span> <span class="p">});</span> <span class="c1">// add article to user's articles array in the database</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">findById</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">user</span><span class="p">.</span><span class="nx">_id</span><span class="p">);</span> <span class="nx">user</span><span class="p">.</span><span class="nx">articles</span><span class="p">.</span><span class="nx">push</span><span class="p">(</span><span class="nx">article</span><span class="p">.</span><span class="nx">_id</span><span class="p">);</span> <span class="k">await</span> <span class="nx">user</span><span class="p">.</span><span class="nx">save</span><span class="p">();</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">201</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Article created successfully</span><span class="dl">"</span><span class="p">,</span> <span class="na">article</span><span class="p">:</span> <span class="nx">article</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="c1">// change state</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">editState</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">articleId</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">state</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">BlogModel</span><span class="p">.</span><span class="nx">findById</span><span class="p">(</span><span class="nx">articleId</span><span class="p">);</span> <span class="c1">// check if user is authorised to change state</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">userAuth</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">,</span> <span class="nx">article</span><span class="p">.</span><span class="nx">author</span><span class="p">.</span><span class="nx">_id</span><span class="p">);</span> <span class="c1">// validate request</span> <span class="k">if</span> <span class="p">(</span><span class="nx">state</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">published</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">state</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">draft</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid state</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">article</span><span class="p">.</span><span class="nx">state</span> <span class="o">===</span> <span class="nx">state</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="s2">`Article is already in </span><span class="p">${</span><span class="nx">state</span><span class="p">}</span><span class="s2"> state`</span> <span class="p">});</span> <span class="p">}</span> <span class="nx">article</span><span class="p">.</span><span class="nx">state</span> <span class="o">=</span> <span class="nx">state</span><span class="p">;</span> <span class="nx">article</span><span class="p">.</span><span class="nx">timestamp</span> <span class="o">=</span> <span class="nx">moment</span><span class="p">().</span><span class="nx">toDate</span><span class="p">();</span> <span class="nx">article</span><span class="p">.</span><span class="nx">save</span><span class="p">();</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">State successfully updated</span><span class="dl">"</span><span class="p">,</span> <span class="na">article</span><span class="p">:</span> <span class="nx">article</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="c1">// edit article</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">editArticle</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">articleId</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">title</span><span class="p">,</span> <span class="nx">body</span><span class="p">,</span> <span class="nx">tags</span><span class="p">,</span> <span class="nx">description</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="c1">// check if user is authorised to edit article</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">BlogModel</span><span class="p">.</span><span class="nx">findById</span><span class="p">(</span><span class="nx">articleId</span><span class="p">);</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">userAuth</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">,</span> <span class="nx">article</span><span class="p">.</span><span class="nx">author</span><span class="p">.</span><span class="nx">_id</span><span class="p">);</span> <span class="c1">// if params are provided, update them</span> <span class="k">if</span> <span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">files</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">imageUrl</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">uploadImage</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">);</span> <span class="nx">article</span><span class="p">.</span><span class="nx">imageUrl</span> <span class="o">=</span> <span class="nx">imageUrl</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">title</span><span class="p">)</span> <span class="p">{</span> <span class="nx">article</span><span class="p">.</span><span class="nx">title</span> <span class="o">=</span> <span class="nx">title</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">body</span><span class="p">)</span> <span class="p">{</span> <span class="nx">article</span><span class="p">.</span><span class="nx">body</span> <span class="o">=</span> <span class="nx">body</span><span class="p">;</span> <span class="nx">article</span><span class="p">.</span><span class="nx">readingTime</span> <span class="o">=</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">calculateReadingTime</span><span class="p">(</span><span class="nx">body</span><span class="p">);</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">tags</span><span class="p">)</span> <span class="p">{</span> <span class="nx">article</span><span class="p">.</span><span class="nx">tags</span> <span class="o">=</span> <span class="nx">tags</span><span class="p">.</span><span class="nx">split</span><span class="p">(</span><span class="dl">"</span><span class="s2">,</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">description</span><span class="p">)</span> <span class="p">{</span> <span class="nx">article</span><span class="p">.</span><span class="nx">description</span> <span class="o">=</span> <span class="nx">description</span><span class="p">;</span> <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="nx">title</span> <span class="o">||</span> <span class="nx">body</span> <span class="o">||</span> <span class="nx">tags</span> <span class="o">||</span> <span class="nx">description</span> <span class="p">)</span> <span class="p">{</span> <span class="nx">article</span><span class="p">.</span><span class="nx">timestamp</span> <span class="o">=</span> <span class="nx">moment</span><span class="p">().</span><span class="nx">toDate</span><span class="p">();</span> <span class="p">}</span> <span class="nx">article</span><span class="p">.</span><span class="nx">save</span><span class="p">();</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Article successfully edited and saved</span><span class="dl">"</span><span class="p">,</span> <span class="na">article</span><span class="p">:</span> <span class="nx">article</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="c1">// delete article</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">deleteArticle</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">articleId</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">params</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">BlogModel</span><span class="p">.</span><span class="nx">findById</span><span class="p">(</span><span class="nx">articleId</span><span class="p">);</span> <span class="c1">// check if user is authorised to delete article</span> <span class="nx">blogService</span><span class="p">.</span><span class="nx">userAuth</span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">,</span> <span class="nx">article</span><span class="p">.</span><span class="nx">author</span><span class="p">.</span><span class="nx">_id</span><span class="p">);</span> <span class="nx">article</span><span class="p">.</span><span class="nx">remove</span><span class="p">();</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Article successfully deleted</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="c1">// get all articles created by the user</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">getArticlesByAuthor</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">state</span><span class="p">,</span> <span class="nx">order</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">asc</span><span class="dl">"</span><span class="p">,</span> <span class="nx">order_by</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">timestamp</span><span class="dl">"</span><span class="p">,</span> <span class="nx">page</span> <span class="o">=</span> <span class="mi">1</span><span class="p">,</span> <span class="nx">per_page</span> <span class="o">=</span> <span class="mi">20</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">findQuery</span> <span class="o">=</span> <span class="p">{};</span> <span class="c1">// check if state is valid and if it is, add it to the query</span> <span class="k">if</span> <span class="p">(</span><span class="nx">state</span><span class="p">)</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">state</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">published</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">state</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">draft</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid state</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">findQuery</span><span class="p">.</span><span class="nx">state</span> <span class="o">=</span> <span class="nx">state</span><span class="p">;</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// sort</span> <span class="kd">const</span> <span class="nx">sortQuery</span> <span class="o">=</span> <span class="p">{};</span> <span class="k">if</span> <span class="p">(</span><span class="nx">order</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">asc</span><span class="dl">"</span> <span class="o">&amp;&amp;</span> <span class="nx">order</span> <span class="o">!==</span> <span class="dl">"</span><span class="s2">desc</span><span class="dl">"</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">400</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Invalid parameter order</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="nx">sortQuery</span><span class="p">[</span><span class="nx">order_by</span><span class="p">]</span> <span class="o">=</span> <span class="nx">order</span><span class="p">;</span> <span class="p">}</span> <span class="c1">// get user's articles</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">findById</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">user</span><span class="p">.</span><span class="nx">_id</span><span class="p">).</span><span class="nx">populate</span><span class="p">({</span> <span class="na">path</span><span class="p">:</span> <span class="dl">"</span><span class="s2">articles</span><span class="dl">"</span><span class="p">,</span> <span class="na">match</span><span class="p">:</span> <span class="nx">findQuery</span><span class="p">,</span> <span class="na">options</span><span class="p">:</span> <span class="p">{</span> <span class="na">sort</span><span class="p">:</span> <span class="nx">sortQuery</span><span class="p">,</span> <span class="na">limit</span><span class="p">:</span> <span class="nb">parseInt</span><span class="p">(</span><span class="nx">per_page</span><span class="p">),</span> <span class="na">skip</span><span class="p">:</span> <span class="p">(</span><span class="nx">page</span> <span class="o">-</span> <span class="mi">1</span><span class="p">)</span> <span class="o">*</span> <span class="nx">per_page</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Request successful</span><span class="dl">"</span><span class="p">,</span> <span class="na">articles</span><span class="p">:</span> <span class="nx">user</span><span class="p">.</span><span class="nx">articles</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> </code></pre> <p>The <code>createArticle</code> function begins by destructuring the new article data from the <code>req.body</code> object and calculating the reading time for the article using the <code>calculateReadingTime</code> function from the <code>blogService</code> module which we'll create next to abstract some functionalities.</p> <p>Next, the function checks if the <code>tags</code> field is present in the <code>newArticle</code> data, and splits the tags string into an array using the <code>split</code> method. Recall that <code>tags</code> is defined as an array in the blog model.</p> <p>Next, If the user uploads a cover image, we want to access the file, upload it to a cloud storage service, get the URL for the uploaded image and save it to our database. The <code>express-fileupload</code> we installed will allow us to access the <code>req.files</code> object.</p> <p>Finally, the function creates a new <code>BlogModel</code> instance with the <code>newArticle</code> data and the current timestamp and user ID, and saves it to the database using the <code>save</code> method. We're using an npm module <code>moment</code> to handle the <code>timestamp</code>. You can install moment by running <code>npm install moment</code>. </p> <p>The <code>author</code> field is an <code>ObjectId</code> referencing the <code>User</code> model. Here, we assign the user's ID so we can use Mongoose <code>.populate</code> method to retrieve the author's details when we need to. </p> <p>Similarly, we want to be able to track all the articles created by the user, so next, we update the user's <code>articles</code> array in the database to include the ID of the new article before we return a response to the client. </p> <p>In the <code>editState</code> function, we retrieve the article from the database and check if the user is authorized to change the state of the article. If the user is authorized, we update the article's state and timestamp in the database. </p> <p>In the <code>editArticle</code> function, we retrieve the article from the database and check if the user is authorized to edit the article. If the user is authorized, we update the article's data in the database. </p> </li> <li> <p>Create a file called <code>auth.controllers.js</code> in the <code>/controllers</code> directory for the authentication routes:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">jwt</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">jsonwebtoken</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">UserModel</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../models</span><span class="dl">"</span><span class="p">);</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">signup</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">firstname</span><span class="p">,</span> <span class="nx">lastname</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">UserModel</span><span class="p">({</span> <span class="na">firstname</span><span class="p">:</span> <span class="nx">firstname</span><span class="p">,</span> <span class="na">lastname</span><span class="p">:</span> <span class="nx">lastname</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="nx">email</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="nx">password</span><span class="p">,</span> <span class="p">});</span> <span class="nx">user</span><span class="p">.</span><span class="nx">save</span><span class="p">((</span><span class="nx">err</span><span class="p">,</span> <span class="nx">user</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="p">}</span> <span class="p">});</span> <span class="k">delete</span> <span class="nx">user</span><span class="p">.</span><span class="nx">password</span><span class="p">;</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">201</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Signup successful</span><span class="dl">"</span><span class="p">,</span> <span class="na">user</span><span class="p">:</span> <span class="nx">user</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">login</span> <span class="o">=</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="p">{</span> <span class="nx">err</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="nx">info</span> <span class="p">})</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">401</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email or password is incorrect</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="nx">req</span><span class="p">.</span><span class="nx">login</span><span class="p">(</span><span class="nx">user</span><span class="p">,</span> <span class="p">{</span> <span class="na">session</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">401</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="nx">error</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">body</span> <span class="o">=</span> <span class="p">{</span> <span class="na">_id</span><span class="p">:</span> <span class="nx">user</span><span class="p">.</span><span class="nx">_id</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="nx">user</span><span class="p">.</span><span class="nx">email</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">token</span> <span class="o">=</span> <span class="nx">jwt</span><span class="p">.</span><span class="nx">sign</span><span class="p">({</span> <span class="na">user</span><span class="p">:</span> <span class="nx">body</span> <span class="p">},</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">,</span> <span class="p">{</span> <span class="na">expiresIn</span><span class="p">:</span> <span class="dl">"</span><span class="s2">1h</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nx">status</span><span class="p">(</span><span class="mi">200</span><span class="p">).</span><span class="nx">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Login successful</span><span class="dl">"</span><span class="p">,</span> <span class="na">token</span><span class="p">:</span> <span class="nx">token</span> <span class="p">});</span> <span class="p">});</span> <span class="p">};</span> </code></pre> <p>The <code>signup</code> function creates a new <code>user</code> object with the provided first name, last name, email, and password. It then saves this <code>user</code> object to the database and returns a success message and the <code>user</code> object, minus the <code>password</code> field. You should never expose passwords. </p> <p>The <code>login</code> function is called when a user attempts to log in. If the provided email and password do not match a user in the database, it returns a 401 status code and an error message. Otherwise, it creates a <code>JWT</code> with the user's ID and email as the payload, and signs it with a secret key (which we stored in our <code>.env</code> file. Since we're not using session, logging out is tricky, so we've set an expiration time of one hour for the token. The function returns a success message and the <code>JWT</code>.</p> </li> <li> <p>Create a file called <code>/index.js</code> in the <code>/controllers</code> directory:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">authController</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./auth.controller</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">blogController</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./blog.controller</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">authorController</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./author.controller</span><span class="dl">"</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">authController</span><span class="p">,</span> <span class="nx">blogController</span><span class="p">,</span> <span class="nx">authorController</span> <span class="p">};</span> </code></pre> </li> </ol> <h3> Blog Service </h3> <p>We abstracted some of the logic for our <code>author.controller.js</code> to a <code>blogService</code> module. Let's look into that.</p> <p>Before we begin, we're using Cloudinary, a media management platform that allows you to store, optimize, and deliver images and videos. Follow the instructions on the <a href="https://cloudinary.com/documentation/how_to_integrate_cloudinary">Cloudinary website</a> to set up your account, then install the SDK by running this command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">npm</span> <span class="nx">install</span> <span class="nx">cloudinary</span> </code></pre> </div> <p>Now, in <code>/services</code>, create a file called <code>blog.service.js</code> with the following functions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">cloudinary</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">cloudinary</span><span class="dl">'</span><span class="p">).</span><span class="nx">v2</span><span class="p">;</span> <span class="nx">cloudinary</span><span class="p">.</span><span class="nx">config</span><span class="p">({</span> <span class="na">secure</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">userAuth</span> <span class="o">=</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">,</span> <span class="nx">authorId</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="c1">// if author is not the same as the logged in user, throw error</span> <span class="k">if</span> <span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">user</span><span class="p">.</span><span class="nx">_id</span> <span class="o">!==</span> <span class="nx">authorId</span><span class="p">.</span><span class="nx">toString</span><span class="p">())</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">401</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">You are not authorized to access this resource</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">calculateReadingTime</span> <span class="o">=</span> <span class="p">(</span><span class="nx">text</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">wordsPerMin</span> <span class="o">=</span> <span class="mi">200</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">wordCount</span> <span class="o">=</span> <span class="nx">text</span><span class="p">.</span><span class="nx">trim</span><span class="p">().</span><span class="nx">split</span><span class="p">(</span><span class="sr">/</span><span class="se">\s</span><span class="sr">+/</span><span class="p">).</span><span class="nx">length</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">readingTime</span> <span class="o">=</span> <span class="nb">Math</span><span class="p">.</span><span class="nx">ceil</span><span class="p">(</span><span class="nx">wordCount</span> <span class="o">/</span> <span class="nx">wordsPerMin</span><span class="p">);</span> <span class="k">return</span> <span class="nx">readingTime</span> <span class="o">&gt;</span> <span class="mi">1</span> <span class="p">?</span> <span class="s2">`</span><span class="p">${</span><span class="nx">readingTime</span><span class="p">}</span><span class="s2"> mins`</span> <span class="p">:</span> <span class="s2">`</span><span class="p">${</span><span class="nx">readingTime</span><span class="p">}</span><span class="s2"> min`</span><span class="p">;</span> <span class="p">};</span> <span class="nx">exports</span><span class="p">.</span><span class="nx">uploadImage</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">filePath</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">files</span><span class="p">.</span><span class="nx">file</span><span class="p">.</span><span class="nx">tempFilePath</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">options</span> <span class="o">=</span> <span class="p">{</span> <span class="na">use_filename</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">unique_filename</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="na">overwrite</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">};</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">uploadedImage</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">cloudinary</span><span class="p">.</span><span class="nx">uploader</span><span class="p">.</span><span class="nx">upload</span><span class="p">(</span><span class="nx">filePath</span><span class="p">,</span> <span class="nx">options</span><span class="p">);</span> <span class="k">return</span> <span class="nx">uploadedImage</span><span class="p">.</span><span class="nx">secure_url</span><span class="p">;</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>The <code>userAuth</code> function checks if the user making the request is the same as the author of the post being accessed. If the user is not the author, it throws an error with a status code of 401 (Unauthorized).</p> <p>The <code>calculateReadingTime</code> function takes a piece of text as an argument and calculates the estimated reading time in minutes by dividing the number of words in the text by the average number of words per minute (<em>the average reading speed for an adult is about 200wpm according to Marc Brysbaert from Ghent University in Belgium</em>). It then rounds up to the nearest whole number and returns a string with the reading time.</p> <p>The <code>uploadImage</code> function uploads an image to Cloudinary and returns a secure URL. It takes <code>req</code>, <code>res</code> and <code>next</code> as arguments, retrieves the file path of the uploaded image from the <code>req</code> object and stores it in a <code>filePath</code> variable (this is made possible by the <code>express-fileupload</code> npm package we installed). It then sets up options for the upload, including the <code>use_filename</code> and <code>overwrite</code> options, which specify that the uploaded file should use its original filename and overwrite any existing file with the same name. The function then uses the <code>cloudinary.uploader.upload</code> method to upload the file to Cloudinary. If the upload is successful, it returns the secure URL of the uploaded file.</p> <p>In <code>/services/index.js</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">blogService</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">./blog.service.js</span><span class="dl">'</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">blogService</span> <span class="p">}</span> </code></pre> </div> <h2> Testing the API with Postman </h2> <p>With the routes and controllers in place, we can now test our API to make sure it's working as expected. You can use Postman to test all of the routes in your API to make sure they are working as expected.</p> <p>To test routes that require a request body, such as POST and PATCH routes, you'll need to specify the request body in the appropriate format in the Postman request form. You'll also need to provide a bearer token in the <code>Authorisation</code> header when testing protected routes.</p> <p>For example, if you're sending a POST request to the <code>/author/blog</code> route, include the article data in the request body.</p> <ul> <li>First, you'll need to start the server by running the following command in the terminal: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>npm start </code></pre> </div> <ul> <li>Next, create a new user. Send a POST request to the <code>/auth/signup</code> route and include the user data in the request body like this: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"doe@example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Password1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"firstname"</span><span class="p">:</span><span class="w"> </span><span class="s2">"jon"</span><span class="p">,</span><span class="w"> </span><span class="nl">"lastname"</span><span class="p">:</span><span class="w"> </span><span class="s2">"doe"</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>If successful, you'll get a success response:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Signup successful"</span><span class="p">,</span><span class="w"> </span><span class="nl">"user"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"firstname"</span><span class="p">:</span><span class="w"> </span><span class="s2">"jon"</span><span class="p">,</span><span class="w"> </span><span class="nl">"lastname"</span><span class="p">:</span><span class="w"> </span><span class="s2">"doe"</span><span class="p">,</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"doe@example.com"</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Next, login. Send a POST request to the <code>/auth/login</code> route and include the user data in the request body like this: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"email"</span><span class="p">:</span><span class="w"> </span><span class="s2">"doe@example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"password"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Password1"</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>If successful, you'll get a success response with a token:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Login successful"</span><span class="p">,</span><span class="w"> </span><span class="nl">"token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"sjlkafjkldsf.jsdntehwkljyroyjoh.tenmntiw"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <ul> <li>Finally, send POST request to the <code>/author/blog</code> route and include the article data in the request body like this: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"title"</span><span class="p">:</span><span class="w"> </span><span class="s2">"testing the routes"</span><span class="p">,</span><span class="w"> </span><span class="nl">"body"</span><span class="p">:</span><span class="w"> </span><span class="s2">"This is the body of the article"</span><span class="p">,</span><span class="w"> </span><span class="nl">"description"</span><span class="p">:</span><span class="w"> </span><span class="s2">"An article"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tags"</span><span class="p">:</span><span class="w"> </span><span class="s2">"blog,test"</span><span class="p">,</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>You should get a 401(Unauthorised) status code. Try again, but add an <code>Authorization</code> header with a bearer token <code>Bearer {token}</code>. Replace <code>{token}</code> with the token you got after logging in. You should get a success response:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Article created successfully"</span><span class="p">,</span><span class="w"> </span><span class="nl">"article"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"title"</span><span class="p">:</span><span class="w"> </span><span class="s2">"testing the routes"</span><span class="p">,</span><span class="w"> </span><span class="nl">"description"</span><span class="p">:</span><span class="w"> </span><span class="s2">"An article"</span><span class="p">,</span><span class="w"> </span><span class="nl">"tags"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"blog"</span><span class="p">,</span><span class="w"> </span><span class="s2">"test"</span><span class="w"> </span><span class="p">],</span><span class="w"> </span><span class="nl">"author"</span><span class="p">:</span><span class="w"> </span><span class="s2">"6366b10174282b915e1be028"</span><span class="p">,</span><span class="w"> </span><span class="nl">"timestamp"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2022-11-05T20:52:40.573Z"</span><span class="p">,</span><span class="w"> </span><span class="nl">"state"</span><span class="p">:</span><span class="w"> </span><span class="s2">"draft"</span><span class="p">,</span><span class="w"> </span><span class="nl">"readCount"</span><span class="p">:</span><span class="w"> </span><span class="mi">0</span><span class="p">,</span><span class="w"> </span><span class="nl">"readingTime"</span><span class="p">:</span><span class="w"> </span><span class="s2">"1 min"</span><span class="p">,</span><span class="w"> </span><span class="nl">"body"</span><span class="p">:</span><span class="w"> </span><span class="s2">"This is the body of the article"</span><span class="p">,</span><span class="w"> </span><span class="nl">"_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"6366cd18b34b65410bc391db"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Test the other routes.</p> <p>That's it! With the API routes and controllers implemented and tested, we now have a fully-functional blog API. In the next article, we'll cover additional topics such as error logging and deploying our API. Stay tuned!</p> node api mongodb tutorial Precious Abubakar Mon, 09 Jan 2023 15:18:53 +0000 https://dev.to/pda/building-a-blog-api-with-nodejs-authentication-and-validation-part-3-p4n https://dev.to/pda/building-a-blog-api-with-nodejs-authentication-and-validation-part-3-p4n <p>In the previous articles in <a href="https://dev.to/pda/series/21311">this series</a>, we designed our API, implemented the data models and established the database connection. Before we start building the actual API, we'll cover two topics that are important for any API: </p> <ul> <li>Authentication </li> <li>Validation</li> </ul> <p>Let's start by installing the dependencies required for this section:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>npm install joi jsonwebtoken passport passport-jwt passport-local passport-local-mongoose </code></pre> </div> <h2> Authentication with Passport.js </h2> <p>To authenticate users in our API, we'll be using the popular <a href="https://www.passportjs.org/">Passport.js</a> library. When a user logs in, we'll generate a JWT token for the user. The token will be used to authorise the user's requests to the API.</p> <ul> <li>In the /authentication/passport.js file, set up the JWT strategy: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="kd">const</span> <span class="nx">passport</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">localStrategy</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport-local</span><span class="dl">"</span><span class="p">).</span><span class="nx">Strategy</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">UserModel</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../models</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">JWTstrategy</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport-jwt</span><span class="dl">"</span><span class="p">).</span><span class="nx">Strategy</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">ExtractJWT</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport-jwt</span><span class="dl">"</span><span class="p">).</span><span class="nx">ExtractJwt</span><span class="p">;</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="k">new</span> <span class="nx">JWTstrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">secretOrKey</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">,</span> <span class="na">jwtFromRequest</span><span class="p">:</span> <span class="nx">ExtractJWT</span><span class="p">.</span><span class="nx">fromAuthHeaderAsBearerToken</span><span class="p">()</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">token</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">token</span><span class="p">.</span><span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">done</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> </code></pre> </div> <p>The JSON Web Token (JWT) strategy that allows us to authenticate users by verifying their JWT. To use this strategy, we pass in a secret key (which we have stored in our <code>.env</code> file) and a fucntion. The <code>ExtractJWT.fromAuthHeaderAsBearerToken()</code> method will extract the JWT from the <code>Authorization</code> header of the request as a Bearer token. If the JWT is found, it will be decoded and passed to the function along with the <code>done</code> function. The function will check the <code>user</code> object in the JWT to see if it is valid. If it's valid, it will call the <code>done</code> function with the <code>user</code> object, indicating that the user has been authenticated, else it will call the <code>done</code> function with an error.</p> <ul> <li>For the <code>/signup</code> route, we'll set up a local strategy, which uses the <code>passport-local</code> module to authenticate users with a username (in this case, their email address) and password. When a user signs up, we'll create a new <code>User</code> document in the database and return it to Passport. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="nx">passport</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="dl">"</span><span class="s2">signup</span><span class="dl">"</span><span class="p">,</span> <span class="k">new</span> <span class="nx">localStrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">usernameField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">passwordField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="na">passReqToCallback</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">create</span><span class="p">({</span> <span class="p">...</span><span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">,</span> <span class="nx">password</span> <span class="p">});</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">done</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> </code></pre> </div> <ul> <li>The login strategy will also use the <code>passport-local</code> module. When a user logs in, we search the database for a matching email address and verify that the user exists in the database. If the login is successful, we return the <code>user</code> object to Passport. </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="nx">passport</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="dl">"</span><span class="s2">login</span><span class="dl">"</span><span class="p">,</span> <span class="k">new</span> <span class="nx">localStrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">usernameField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">passwordField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="na">passReqToCallback</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">findOne</span><span class="p">({</span> <span class="nx">email</span> <span class="p">});</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="kc">false</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">User not found</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Logged in Successfully</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> </code></pre> </div> <p>We still need to verify the user's password. In <code>/src/models/user.models.js</code>, create a method called <code>isValidPassword()</code> in the <code>User</code> model.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">UserModel</span><span class="p">.</span><span class="nx">methods</span><span class="p">.</span><span class="nx">isValidPassword</span> <span class="o">=</span> <span class="k">async</span> <span class="kd">function</span> <span class="p">(</span><span class="nx">password</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">this</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">match</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nx">compare</span><span class="p">(</span><span class="nx">password</span><span class="p">,</span> <span class="nx">user</span><span class="p">.</span><span class="nx">password</span><span class="p">);</span> <span class="k">return</span> <span class="nx">match</span><span class="p">;</span> <span class="p">};</span> </code></pre> </div> <p><code>isValidPassword</code> takes <code>password</code> as an argument and compares it to the user's hashed password using <code>bcrypt</code>'s <code>compare</code> method. The method returns a boolean value indicating whether the passwords match. </p> <p>In src/authentication/passport.js, call <code>isValidPassword</code> to validate the user's password in the login strategy:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">validate</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">user</span><span class="p">.</span><span class="nx">isValidPassword</span><span class="p">(</span><span class="nx">password</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">validate</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="kc">false</span><span class="p">,</span> <span class="p">{</span><span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Wrong Password</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> </code></pre> </div> <p>The complete file should look like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">passport</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">localStrategy</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport-local</span><span class="dl">"</span><span class="p">).</span><span class="nx">Strategy</span><span class="p">;</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">UserModel</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">../models</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">JWTstrategy</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport-jwt</span><span class="dl">"</span><span class="p">).</span><span class="nx">Strategy</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">ExtractJWT</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">passport-jwt</span><span class="dl">"</span><span class="p">).</span><span class="nx">ExtractJwt</span><span class="p">;</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="k">new</span> <span class="nx">JWTstrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">secretOrKey</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">,</span> <span class="na">jwtFromRequest</span><span class="p">:</span> <span class="nx">ExtractJWT</span><span class="p">.</span><span class="nx">fromAuthHeaderAsBearerToken</span><span class="p">()</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">token</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">token</span><span class="p">.</span><span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">done</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="dl">"</span><span class="s2">signup</span><span class="dl">"</span><span class="p">,</span> <span class="k">new</span> <span class="nx">localStrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">usernameField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">passwordField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="na">passReqToCallback</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">create</span><span class="p">({</span> <span class="p">...</span><span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">,</span> <span class="nx">password</span> <span class="p">});</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">);</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">done</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> <span class="nx">passport</span><span class="p">.</span><span class="nx">use</span><span class="p">(</span> <span class="dl">"</span><span class="s2">login</span><span class="dl">"</span><span class="p">,</span> <span class="k">new</span> <span class="nx">localStrategy</span><span class="p">(</span> <span class="p">{</span> <span class="na">usernameField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">email</span><span class="dl">"</span><span class="p">,</span> <span class="na">passwordField</span><span class="p">:</span> <span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">,</span> <span class="na">passReqToCallback</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">email</span><span class="p">,</span> <span class="nx">password</span><span class="p">,</span> <span class="nx">done</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">findOne</span><span class="p">({</span> <span class="nx">email</span> <span class="p">});</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="kc">false</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">User not found</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">validate</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">user</span><span class="p">.</span><span class="nx">isValidPassword</span><span class="p">(</span><span class="nx">password</span><span class="p">);</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="nx">validate</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="kc">false</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Wrong Password</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="kc">null</span><span class="p">,</span> <span class="nx">user</span><span class="p">,</span> <span class="p">{</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Logged in Successfully</span><span class="dl">"</span> <span class="p">});</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">done</span><span class="p">(</span><span class="nx">error</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="p">)</span> <span class="p">);</span> </code></pre> </div> <h2> Validation with Joi </h2> <p>To validate user input, we'll be using the <a href="https://joi.dev/">Joi library</a>. Joi provides a simple, yet powerful way to define and validate data structures in Node.js applications.</p> <ul> <li>In the <code>/validators</code> directory, create a file called <code>author.validator.js</code>: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">Joi</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">joi</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">newArticleValidationSchema</span> <span class="o">=</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">object</span><span class="p">({</span> <span class="na">title</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">().</span><span class="nx">required</span><span class="p">(),</span> <span class="na">body</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">().</span><span class="nx">required</span><span class="p">(),</span> <span class="na">description</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="na">tags</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">updateArticleValidationSchema</span> <span class="o">=</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">object</span><span class="p">({</span> <span class="na">title</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="na">body</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="na">description</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="na">tags</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="na">state</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">trim</span><span class="p">(),</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">newArticleValidationMW</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">newArticleValidationSchema</span><span class="p">.</span><span class="nx">validateAsync</span><span class="p">(</span><span class="nx">article</span><span class="p">);</span> <span class="nx">next</span><span class="p">();</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">406</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="nx">error</span><span class="p">.</span><span class="nx">details</span><span class="p">[</span><span class="mi">0</span><span class="p">].</span><span class="nx">message</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">updateArticleValidationMW</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">article</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">updateArticleValidationSchema</span><span class="p">.</span><span class="nx">validateAsync</span><span class="p">(</span><span class="nx">article</span><span class="p">);</span> <span class="nx">next</span><span class="p">();</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">406</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="nx">error</span><span class="p">.</span><span class="nx">details</span><span class="p">[</span><span class="mi">0</span><span class="p">].</span><span class="nx">message</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="p">};</span> </code></pre> </div> <p>We're exporting two middleware functions, <code>newArticleValidationMW</code> and <code>updateArticleValidationMW</code>. <code>newArticleValidationMW</code> uses the <code>newArticleValidationSchema</code> to verify that the request body of a new article request contains all of the required fields (<code>title</code>, <code>body</code>) and all the provided fields are in the correct format. If all of the fields are valid, it calls the next function to continue with the request. <code>updateArticleValidationMW</code>, is similar to the first, but it uses the <code>updateArticleValidationSchema</code> to validate the request body of an update article request. </p> <p>Both functions use the <code>validateAsync</code> method provided by the Joi library to perform the validation. This method takes an object (the request body) and returns a promise that is rejected if the object is invalid or resolved if it is valid.</p> <ul> <li>In the <code>/validators</code> directory, create a file called <code>user.validator.js</code>: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">Joi</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">joi</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">validateUserMiddleware</span> <span class="o">=</span> <span class="k">async</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">;</span> <span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nx">userValidator</span><span class="p">.</span><span class="nx">validateAsync</span><span class="p">(</span><span class="nx">user</span><span class="p">);</span> <span class="nx">next</span><span class="p">();</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="mi">406</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="nx">error</span><span class="p">.</span><span class="nx">details</span><span class="p">[</span><span class="mi">0</span><span class="p">].</span><span class="nx">message</span> <span class="p">});</span> <span class="p">}</span> <span class="p">};</span> <span class="kd">const</span> <span class="nx">userValidator</span> <span class="o">=</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">object</span><span class="p">({</span> <span class="na">firstname</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">min</span><span class="p">(</span><span class="mi">2</span><span class="p">).</span><span class="nx">max</span><span class="p">(</span><span class="mi">30</span><span class="p">).</span><span class="nx">required</span><span class="p">(),</span> <span class="na">lastname</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">min</span><span class="p">(</span><span class="mi">2</span><span class="p">).</span><span class="nx">max</span><span class="p">(</span><span class="mi">30</span><span class="p">).</span><span class="nx">required</span><span class="p">(),</span> <span class="na">email</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">().</span><span class="nx">email</span><span class="p">({</span> <span class="na">minDomainSegments</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="na">tlds</span><span class="p">:</span> <span class="p">{</span> <span class="na">allow</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">com</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">net</span><span class="dl">"</span><span class="p">]</span> <span class="p">},</span> <span class="p">}),</span> <span class="na">password</span><span class="p">:</span> <span class="nx">Joi</span><span class="p">.</span><span class="nx">string</span><span class="p">()</span> <span class="p">.</span><span class="nx">pattern</span><span class="p">(</span><span class="k">new</span> <span class="nb">RegExp</span><span class="p">(</span><span class="dl">"</span><span class="s2">^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.{8,})</span><span class="dl">"</span><span class="p">))</span> <span class="p">.</span><span class="nx">required</span><span class="p">(),</span> <span class="p">});</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">validateUserMiddleware</span><span class="p">;</span> </code></pre> </div> <ul> <li>In <code>/validators/index.js</code>: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">userValidator</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./user.validator</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./author.validator</span><span class="dl">"</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">userValidator</span><span class="p">,</span> <span class="nx">newArticleValidationMW</span><span class="p">,</span> <span class="nx">updateArticleValidationMW</span><span class="p">,</span> <span class="p">};</span> </code></pre> </div> <p>With authentication and validation in place, we're ready to start building the API routes and controllers. In the next article, we'll dive into the details of implementing the routes and controllers for our blog API. Stay tuned!</p> api node jwt Precious Abubakar Sun, 08 Jan 2023 20:03:46 +0000 https://dev.to/pda/building-a-blog-api-with-nodejs-designing-the-api-part-2-494a https://dev.to/pda/building-a-blog-api-with-nodejs-designing-the-api-part-2-494a <p>In <a href="https://dev.to/pda/building-a-blog-api-with-nodejs-introduction-and-setting-up-the-server-part-1-2266">part one</a> of this series, we set up our development environment and a basic file structure. Now, let's design the API itself. In this article, we'll cover the following topics:</p> <ul> <li><p>Deciding on the routes and functionality of our API</p></li> <li><p>Defining the data models for our database</p></li> <li><p>Implementing the data models</p></li> <li><p>Setting up the database connection</p></li> </ul> <p>Let's get started!</p> <h2> Deciding on the Routes and Functionality </h2> <p>The first step in designing our API is to decide on the routes and functionality we want to include.</p> <p>Let's outline the requirements for our blog:</p> <ul> <li><p>A user should be able to sign up and sign in to the blog app</p></li> <li><p>A blog can be in two states: draft and published</p></li> <li><p>A user should be able to get a list of published articles, whether logged in or not</p></li> <li><p>A user should be able to get a published article, whether logged in or not</p></li> <li><p>A logged in user should be able to create an article.</p></li> <li><p>When an article is created, it should be in draft state.</p></li> <li><p>The author of the article should be able to update the state of the article to published</p></li> <li><p>The author of the article should be able to edit the article in draft or published state</p></li> <li><p>The author of the article should be able to delete the article in draft or published state</p></li> <li><p>The author of the article should be able to get a list of their articles. The endpoint should be paginated and filterable by state</p></li> <li><p>Articles created should have title, cover image, description, tags, author, timestamp, state, read count, reading time and body.</p></li> <li> <p>The list of articles endpoint that can be accessed by both logged in and not logged in users should be paginated.</p> <ul> <li>It should be searchable by author, title and tags.</li> <li>It should also be orderable by read count, reading time and timestamp</li> </ul> </li> <li><p>When a single article is requested, the API should return the author's information with the blog, and the read count of the blog should increase by 1.</p></li> </ul> <p>Considering the outlined requirements, we'll define our routes as follows:</p> <ul> <li> <p>Blog routes:</p> <ul> <li>GET /blog: Retrieve a list of all published articles</li> <li>GET /blog/:article_id: Retrieve a single article by its ID</li> </ul> </li> <li> <p>Author routes: We want only authenticated users to have access to these routes and all of the CRUD operations.</p> <ul> <li>GET /author/blog: Retrieve a list of all published articles created by the user.</li> <li>POST /author/blog: Create a new article</li> <li>PATCH /author/blog/edit/:article_id: Update an article by its ID</li> <li>PATCH /author/blog/edit/state/:article_id: Update an article's state</li> <li>DELETE /author/blog/:article_id: Delete an article by its ID</li> </ul> </li> <li> <p>Auth routes: for managing user authentication.</p> <ul> <li>POST /auth/signup: Register a new user</li> <li>POST /auth/login: Log in an existing user</li> </ul> </li> </ul> <h2> Defining the Data Models </h2> <p>With the routes defined, we can start thinking about the data models for our database. A data model is a representation of the data that will be stored in the database and the relationships between that data. We'll be using Mongoose to define our schema.</p> <p>We will have two data models: Blog and User.</p> <h3> User </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>field</th> <th>data_type</th> <th>constraints</th> </tr> </thead> <tbody> <tr> <td>firstname</td> <td>String</td> <td>required</td> </tr> <tr> <td>lastname</td> <td>String</td> <td>required</td> </tr> <tr> <td>email</td> <td>String</td> <td>required, unique, index</td> </tr> <tr> <td>password</td> <td>String</td> <td>required</td> </tr> <tr> <td>articles</td> <td>Array, [ObjectId]</td> <td>ref - Blog</td> </tr> </tbody> </table></div> <h3> Blog </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>field</th> <th>data_type</th> <th>constraints</th> </tr> </thead> <tbody> <tr> <td>title</td> <td>String</td> <td>required, unique, index</td> </tr> <tr> <td>description</td> <td>String</td> <td></td> </tr> <tr> <td>tags</td> <td>Array, [String]</td> <td></td> </tr> <tr> <td>imageUrl</td> <td>String</td> <td></td> </tr> <tr> <td>author</td> <td>ObjectId</td> <td>ref - Users</td> </tr> <tr> <td>timestamp</td> <td>Date</td> <td></td> </tr> <tr> <td>state</td> <td>String</td> <td>required, enum: ['draft', 'published'], default:'draft'</td> </tr> <tr> <td>readCount</td> <td>Number</td> <td>default:0</td> </tr> <tr> <td>readingTime</td> <td>String</td> <td></td> </tr> <tr> <td>body</td> <td>String</td> <td>required</td> </tr> </tbody> </table></div> <p>Mongoose has a method called <code>populate()</code>, which lets you reference documents in other collections. <code>populate()</code> will automatically replace the specified paths in the document with document(s) from other collection(s). The <code>User</code> model has its <code>articles</code> field set to an array of <code>ObjectId</code>'s. The <code>ref</code> option is what tells Mongoose which model to use during population, in this case the <code>Blog</code> model. All <code>_id</code>'s we store here must be article <code>_id</code>'s from the <code>Blog</code> model. Similarly, the <code>Blog</code> model references the <code>User</code> model in its <code>author</code> field.</p> <h2> Implementing the data models </h2> <ul> <li>In <code>/src/models</code>, create a file called <code>blog.model.js</code> and set up the Blog model: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">mongoose</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">uniqueValidator</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongoose-unique-validator</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">Schema</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">BlogSchema</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">Schema</span><span class="p">({</span> <span class="na">title</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">unique</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">index</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">description</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">tags</span><span class="p">:</span> <span class="p">[</span><span class="nb">String</span><span class="p">],</span> <span class="na">author</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nx">Schema</span><span class="p">.</span><span class="nx">Types</span><span class="p">.</span><span class="nx">ObjectId</span><span class="p">,</span> <span class="na">ref</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Users</span><span class="dl">"</span> <span class="p">},</span> <span class="na">timestamp</span><span class="p">:</span> <span class="nb">Date</span><span class="p">,</span> <span class="na">imageUrl</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">state</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">enum</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">draft</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">published</span><span class="dl">"</span><span class="p">],</span> <span class="na">default</span><span class="p">:</span> <span class="dl">"</span><span class="s2">draft</span><span class="dl">"</span> <span class="p">},</span> <span class="na">readCount</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">Number</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="mi">0</span> <span class="p">},</span> <span class="na">readingTime</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">});</span> <span class="c1">// Apply the uniqueValidator plugin to the blog model</span> <span class="nx">BlogSchema</span><span class="p">.</span><span class="nx">plugin</span><span class="p">(</span><span class="nx">uniqueValidator</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">Blog</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">model</span><span class="p">(</span><span class="dl">"</span><span class="s2">Blog</span><span class="dl">"</span><span class="p">,</span> <span class="nx">BlogSchema</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">Blog</span><span class="p">;</span> </code></pre> </div> <p>The <code>title</code> field is defined as a required string and must be unique across all documents in the collection. The <code>description</code> field is defined as a string, and the <code>tags</code> field is defined as an array of strings. The <code>author</code> field is defined as a reference to a document in the <code>users</code> collection, and the <code>timestamp</code> field is defined as a date. The <code>imageUrl</code> field is defined as a string, the <code>state</code> field is defined as a string with a set of allowed values (either "draft" or "published"), and the <code>readCount</code> field is defined as a number with a default value of 0. The <code>readingTime</code> field is defined as a string, and the <code>body</code> field is defined as a required string.</p> <p><code>mongoose-unique-validator</code> is a plugin that adds pre-save validation for unique fields within a Mongoose schema. It will validate the <code>unique</code> option in the schema and prevent the insertion of a document if the value of a unique field already exists in the collection.</p> <ul> <li>In <code>/src/models</code>, create a file called <code>user.model.js</code> and set up the User model: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">mongoose</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">uniqueValidator</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">mongoose-unique-validator</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">bcrypt</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">bcrypt</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="p">{</span> <span class="nx">Schema</span> <span class="p">}</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">UserModel</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">Schema</span><span class="p">({</span> <span class="na">firstname</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">lastname</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">email</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">unique</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">index</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">},</span> <span class="na">password</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="nb">String</span><span class="p">,</span> <span class="na">required</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">articles</span><span class="p">:</span> <span class="p">[{</span> <span class="na">type</span><span class="p">:</span> <span class="nx">Schema</span><span class="p">.</span><span class="nx">Types</span><span class="p">.</span><span class="nx">ObjectId</span><span class="p">,</span> <span class="na">ref</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Blog</span><span class="dl">"</span> <span class="p">}],</span> <span class="p">});</span> <span class="c1">// Apply the uniqueValidator plugin to the user model</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">plugin</span><span class="p">(</span><span class="nx">uniqueValidator</span><span class="p">);</span> <span class="nx">UserModel</span><span class="p">.</span><span class="nx">pre</span><span class="p">(</span><span class="dl">"</span><span class="s2">save</span><span class="dl">"</span><span class="p">,</span> <span class="k">async</span> <span class="kd">function</span> <span class="p">(</span><span class="nx">next</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="k">this</span><span class="p">;</span> <span class="k">if</span> <span class="p">(</span><span class="nx">user</span><span class="p">.</span><span class="nx">isModified</span><span class="p">(</span><span class="dl">"</span><span class="s2">password</span><span class="dl">"</span><span class="p">)</span> <span class="o">||</span> <span class="nx">user</span><span class="p">.</span><span class="nx">isNew</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">hash</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">bcrypt</span><span class="p">.</span><span class="nx">hash</span><span class="p">(</span><span class="k">this</span><span class="p">.</span><span class="nx">password</span><span class="p">,</span> <span class="mi">10</span><span class="p">);</span> <span class="k">this</span><span class="p">.</span><span class="nx">password</span> <span class="o">=</span> <span class="nx">hash</span><span class="p">;</span> <span class="p">}</span> <span class="k">else</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">next</span><span class="p">();</span> <span class="p">}</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">User</span> <span class="o">=</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">model</span><span class="p">(</span><span class="dl">"</span><span class="s2">Users</span><span class="dl">"</span><span class="p">,</span> <span class="nx">UserModel</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">User</span><span class="p">;</span> </code></pre> </div> <p>The <code>firstname</code> and <code>lastname</code> fields are defined as required strings, and the <code>email</code> field is defined as a required string and must be unique across all documents in the collection. The <code>password</code> field is defined as a required string, and the <code>articles</code> field is defined as an array of references to documents in the <code>Blog</code> collection.</p> <p>The <code>pre</code> hook is used to add a function that will be executed before a specific Mongoose method is run. The pre-save hook here hashes the user's password with the npm module <code>bcrypt</code>, before the user document is saved to the database.</p> <h2> Setting Up the Database Connection </h2> <p>Now that we have our routes and data models defined, it's time to set up the database connection.</p> <ul> <li><p>Set up your MongoDB database and save the connection url in your <code>.env</code> file.</p></li> <li><p>Run the following command to install the npm package <code>mongoose</code>:<br> </p></li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>npm install --save mongoose </code></pre> </div> <ul> <li>Create a file called <code>db.js</code> in the <code>/database</code> directory. In <code>/database/db.js</code>, set up the database connection using Mongoose: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">mongoose</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">'</span><span class="s1">mongoose</span><span class="dl">'</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">connect</span> <span class="o">=</span> <span class="p">(</span><span class="nx">url</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">connect</span><span class="p">(</span><span class="nx">url</span> <span class="o">||</span> <span class="dl">'</span><span class="s1">mongodb://[localhost:27017](http://localhost:27017)</span><span class="dl">'</span><span class="p">)</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">connection</span><span class="p">.</span><span class="nx">on</span><span class="p">(</span><span class="dl">"</span><span class="s2">connected</span><span class="dl">"</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">Connected to MongoDB Successfully</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="nx">mongoose</span><span class="p">.</span><span class="nx">connection</span><span class="p">.</span><span class="nx">on</span><span class="p">(</span><span class="dl">"</span><span class="s2">error</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="dl">"</span><span class="s2">An error occurred while connecting to MongoDB</span><span class="dl">"</span><span class="p">);</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="nx">err</span><span class="p">);</span> <span class="p">});</span> <span class="p">}</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">connect</span> <span class="p">};</span> </code></pre> </div> <p>The <code>connect</code> function takes an optional <code>url</code> argument, which specifies the URL of the database to connect to. If no URL is provided, it defaults to 'mongodb://<a href="http://localhost:27017">localhost:27017</a>', which connects to the MongoDB instance running on the local machine at the default port (27017).</p> <ul> <li>Create an <code>index.js</code> file in the <code>/database</code> directory: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">database</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./db</span><span class="dl">"</span><span class="p">);</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="nx">database</span><span class="p">,</span> <span class="p">};</span> </code></pre> </div> <p>Now that we have the database connection set up, in the next article, we'll dive into two important concepts- authentication and data validation. Stay tuned!</p> node mongoose mongodb api Precious Abubakar Sun, 08 Jan 2023 18:16:43 +0000 https://dev.to/pda/building-a-blog-api-with-nodejs-introduction-and-setting-up-the-server-part-1-2266 https://dev.to/pda/building-a-blog-api-with-nodejs-introduction-and-setting-up-the-server-part-1-2266 <h2> Introduction </h2> <p>In this series, we'll be building a simple blog API using Node.js. If you're not familiar with what an API is, it stands for "Application Programming Interface" and it allows different software systems to communicate with each other. In this case, our blog API will allow us to create, read, update, and delete blog posts, as well as manage user authentication.</p> <p>Why build a blog API with Node.js? Node.js is a popular, open-source runtime environment for executing JavaScript code outside of a browser. It has a large, active community of developers and a wealth of libraries and frameworks that make it easy to build scalable, high-performance web applications.</p> <p>In this first article, we'll cover the initial steps of setting up our development environment, creating a new project and setting up our server. Let's get started!</p> <h2> Prerequisites </h2> <p>Here's what we'll need:</p> <ul> <li><p>Node.js: You can download the latest version of Node.js from the <a href="https://nodejs.org/" rel="noopener noreferrer">official website</a> and follow the installation instructions. This will also install the Node.js package manager (npm), which we'll use to install additional packages.</p></li> <li><p>MongoDB: We'll be using a MongoDB database to store our data. You can follow the installation instructions on the <a href="https://www.mongodb.com/docs/manual/administration/install-community/" rel="noopener noreferrer">official website</a>.</p></li> <li><p>A code editor: You can use any code editor that you prefer, such as Visual Studio Code, Sublime Text, or Atom.</p></li> <li><p>A terminal: We'll be using the integrated VS code terminal to run commands and interact with our project, but you can use your preferred terminal.</p></li> <li><p>A basic understanding of JavaScript, APIs, databases and other web development concepts. If you're new to these topics, it might be helpful to brush up on your knowledge before diving into this tutorial.</p></li> </ul> <h2> Setting up the Development Environment </h2> <ol> <li> <p>To create a new project, open up your terminal and navigate to the directory where you want to create your project. Then, run the following command:<br> </p> <pre class="highlight plaintext"><code>npm init -y </code></pre> <p>This will create a package.json file in your project directory, which is used to manage dependencies and scripts for your project. The <code>-y</code> flag accepts all the default options, so you don't have to manually enter them.</p> </li> <li> <p>Next, run the following command to install these dependencies:<br> </p> <pre class="highlight plaintext"><code>npm install --save express dotenv cors express-rate-limit helmet express-fileupload </code></pre> </li> </ol> <h3> File Structure </h3> <p>Now that we have our dependencies installed, let's create the file structure for our project. Create the following directories and files in your project directory:</p> <ul> <li><p><code>/src</code>: This is the main directory for our project. It will contain all the source code for our application.</p></li> <li><p><code>/src/authentication</code>: This directory will contain the code related to user authentication, such as password hashing and JWT generation.</p></li> <li><p><code>/src/config</code>: This directory will contain configuration files for our application, such as the database connection string and server port number.</p></li> <li><p><code>/src/controllers</code>: This directory will contain the code for the controllers of our API. Controllers handle incoming requests and send responses to the client.</p></li> <li><p><code>/src/database</code>: This directory will contain the code for connecting to and interacting with the database.</p></li> <li><p><code>/src/loggers</code>: This directory will contain the code for logging events in our application.</p></li> <li><p><code>/src/models</code>: This directory will contain the code for the database models of our application. Models represent the data stored in the database and provide an interface for interacting with that data.</p></li> <li><p><code>/src/routes</code>: This directory will contain the code for the API routes. Routes define the endpoints of our API and specify the HTTP methods (e.g., GET, POST) that can be used to access them.</p></li> <li><p><code>/src/services</code>: This directory will contain any service objects or utility functions that are used throughout our application.</p></li> <li><p><code>/src/validators</code>: This directory will contain the code for validating input data.</p></li> <li><p><code>app.js</code>: This file will contain the middleware and routers for the server.</p></li> <li><p><code>index.js</code>: This is the entry point for our application. It will contain the code for starting the server and connecting to the database.</p></li> <li><p><code>package.json</code>: This file contains metadata for the API. The <code>start</code> script should be: <code>"start": "node index.js"</code>.</p></li> </ul> <h3> Setting Up Environment Variables </h3> <p>Let's set up the environment variables we'll need for this project. As we build, it will become clear why each variable is needed.</p> <p>Avoid exposing your API secrets, as it is a security risk. If you're using version control, you can set up a config file that you can push without exposing any secrets, or you may create a <code>.env.example</code> showing the variable names only, with no values.</p> <ol> <li> <p>Create an <code>index.js</code> file in <code>/src/config</code>:<br> </p> <pre class="highlight javascript"><code><span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">dotenv</span><span class="dl">"</span><span class="p">).</span><span class="nf">config</span><span class="p">();</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="p">{</span> <span class="na">PORT</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span><span class="p">,</span> <span class="na">MONGODB_CONNECTION_URL</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">MONGODB_CONNECTION_URL</span><span class="p">,</span> <span class="na">JWT_SECRET</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">JWT_SECRET</span><span class="p">,</span> <span class="na">CLOUDINARY_URL</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CLOUDINARY_URL</span><span class="p">,</span> <span class="p">};</span> </code></pre> </li> <li> <p>In the root directory, create a <code>.env</code> file. We'll update the values as we build:<br> </p> <pre class="highlight plaintext"><code>PORT=5000 MONGODB_CONNECTION_URL= JWT_SECRET= CLOUDINARY_URL= </code></pre> </li> </ol> <h2> <strong>Setting up the server</strong> </h2> <ol> <li> <p>In the <code>app.js</code> file, add the following code:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">express</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">rateLimit</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express-rate-limit</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">helmet</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">helmet</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">cors</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">cors</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">fileUpload</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">express-fileupload</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">CONFIG</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./src/config</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">cors</span><span class="p">());</span> <span class="kd">const</span> <span class="nx">limiter</span> <span class="o">=</span> <span class="nf">rateLimit</span><span class="p">({</span> <span class="na">windowMs</span><span class="p">:</span> <span class="mi">15</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">max</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="na">standardHeaders</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">legacyHeaders</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Too many requests, please try again after 15 minutes</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">limiter</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">helmet</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">urlencoded</span><span class="p">({</span> <span class="na">extended</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}));</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span> <span class="nf">fileUpload</span><span class="p">({</span> <span class="na">createParentPath</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">useTempFiles</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">tempFileDir</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/tmp/</span><span class="dl">"</span><span class="p">,</span> <span class="p">})</span> <span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">"</span><span class="s2">/</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">status</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="p">});</span> <span class="c1">// 404 error handler</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="dl">"</span><span class="s2">*</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="mi">404</span><span class="p">).</span><span class="nf">json</span><span class="p">({</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Route not found</span><span class="dl">"</span> <span class="p">});</span> <span class="p">});</span> <span class="c1">// Error Handler</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">function </span><span class="p">(</span><span class="nx">err</span><span class="p">,</span> <span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">,</span> <span class="nx">next</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">err</span><span class="p">.</span><span class="nx">message</span><span class="p">);</span> <span class="nx">res</span><span class="p">.</span><span class="nf">status</span><span class="p">(</span><span class="nx">err</span><span class="p">.</span><span class="nx">status</span> <span class="o">||</span> <span class="mi">500</span><span class="p">).</span><span class="nf">send</span><span class="p">(</span><span class="dl">"</span><span class="s2">Oops, something failed</span><span class="dl">"</span><span class="p">);</span> <span class="p">});</span> <span class="nx">module</span><span class="p">.</span><span class="nx">exports</span> <span class="o">=</span> <span class="nx">app</span><span class="p">;</span> </code></pre> <p>We've set up the following middleware:</p> <p><code>cors</code> allows cross-origin resource sharing, which means that our API can be accessed from a different domain.</p> <p>Following that, we have a rate-limiting middleware that limits the number of requests a user can make within a certain period. This helps protect against malicious users trying to overwhelm the server with requests:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">limiter</span> <span class="o">=</span> <span class="nf">rateLimit</span><span class="p">({</span> <span class="na">windowMs</span><span class="p">:</span> <span class="mi">15</span> <span class="o">*</span> <span class="mi">60</span> <span class="o">*</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">max</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="na">standardHeaders</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">legacyHeaders</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">message</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Too many requests, please try again after 15 minutes</span><span class="dl">"</span><span class="p">,</span> <span class="p">});</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">limiter</span><span class="p">);</span> </code></pre> <p>We also have the <code>helmet</code> middleware, which helps secure the API by setting various HTTP headers.</p> <p>Then, we have the following middleware which allows the API to process JSON and URL-encoded data in the body of requests:<br> </p> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">json</span><span class="p">());</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nx">express</span><span class="p">.</span><span class="nf">urlencoded</span><span class="p">({</span> <span class="na">extended</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}));</span> </code></pre> <p>Finally, we have the <code>fileUpload</code> middleware, which allows the API to handle file uploads:<br> </p> <pre class="highlight javascript"><code><span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">fileUpload</span><span class="p">({</span> <span class="na">createParentPath</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">useTempFiles</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">tempFileDir</span><span class="p">:</span> <span class="dl">"</span><span class="s2">/tmp/</span><span class="dl">"</span><span class="p">,</span> <span class="p">}));</span> </code></pre> </li> <li> <p>In the <code>index.js</code> file, add the following code:<br> </p> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./app</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">CONFIG</span> <span class="o">=</span> <span class="nf">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">./src/config</span><span class="dl">"</span><span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">CONFIG</span><span class="p">.</span><span class="nx">PORT</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`server listening on port </span><span class="p">${</span><span class="nx">CONFIG</span><span class="p">.</span><span class="nx">PORT</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">});</span> </code></pre> </li> </ol> <p>Now we're ready to start coding the individual components of our blog API. In <a href="https://dev.to/pda/building-a-blog-api-with-nodejs-designing-the-api-part-2-494a">the next article</a>, we'll begin with the database models and establish a connection to the database. Stay tuned!</p> gratitude Precious Abubakar Sun, 23 Oct 2022 20:44:02 +0000 https://dev.to/pda/how-to-reset-a-local-git-branch-to-a-remote-branch-5b4f https://dev.to/pda/how-to-reset-a-local-git-branch-to-a-remote-branch-5b4f <p>Git is a free and open-source distributed version control system that makes collaboration seamless. The Git feature that really makes it stand out is its branching model. Git allows and encourages you to have multiple local branches that can be entirely independent of each other. </p> <p>Keeping your local branches in sync with the remote is a common problem faced by developers, and the obvious solution is <code>$ git pull &lt;remote&gt; &lt;branch&gt;</code> which incorporates changes from the remote branch into the local branch. However, sometimes you don't want to merge the remote changes with your local changes, because, for one reason or the other, you want to have a copy of the remote changes in an unaltered state, without interference from your own local changes. </p> <p>In this article, you will learn how to reset a local branch to a remote branch using git fetch and git reset. If you’re confused by some of the terminology (e.g. remote), read <a href="https://git-scm.com/book/id/v2/Git-Branching-Remote-Branches#_remote_branches" rel="noopener noreferrer">this</a>.</p> <h2> Prerequisite </h2> <ul> <li>Basic knowledge of git</li> </ul> <h2> Understanding the Problem </h2> <p>Picture this: you're contributing to a group project and you've made some changes locally. Contributor B refactors the codebase and merges the changes to the upstream/main branch. You want to make sure this new update works before you integrate it into your local main branch, so you create a branch <code>$ git checkout -b test</code> and pull from upstream <code>$ git pull upstream main</code>. </p> <p>What happens? You either get merge conflicts or an updated version of your code with both local and upstream changes merged. But this wasn't what you were hoping to achieve, so how can you pull the upstream changes while discarding everything that currently exists on the test branch? </p> <p>First, let's take a look at how <code>git pull</code> works.</p> <h3> Git Pull </h3> <p>Git pull incorporates changes from a remote repository into the current branch. Git pull does two things- fetching and merging. More precisely, <code>git pull</code> runs <code>git fetch</code> and then depending on configuration options or command line flags, will call either <code>git rebase</code> or <code>git merge</code>.</p> <ul> <li><p><strong>Git Fetch</strong>: downloads objects and refs from another repository. In this context, it downloads the changes from our upstream/main branch.</p></li> <li><p><strong>Git Merge</strong>: incorporates changes from the latest commits into the current branch. This is the step we want to avoid since we don't actually want to merge the two histories, we only want to keep one.</p></li> </ul> <p>In this example, the current branch is "test", and by running <code>git push</code>, we are merging the changes from upstream/main into our local test branch. <br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm235aqy2r74f8aqps5um.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm235aqy2r74f8aqps5um.png" alt="git pull workflow"></a></p> <h2> TLDR: The Solution </h2> <p>We can fetch the remote changes from upstream/main using git fetch, and reset the local branch using git reset.<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa5b709bw06g4nu991mty.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa5b709bw06g4nu991mty.png" alt="git fetch and git reset workflow"></a></p> <p><strong>Git Reset</strong>: resets the current branch to the specified state. There are several configurations but we'll be using the <code>--hard</code> flag. <code>--hard</code> resets the index and working tree. Any changes to tracked files in the working tree are discarded. Any untracked files or directories in the way of writing any tracked files are simply deleted.</p> <h3> Reset Local Branch to Remote Using Git Reset </h3> <ul> <li> <p>On your local repository, checkout to a new branch<br> </p> <p><code>$ git checkout new-branch</code><br> </p> </li> <li> <p>Fetch changes from remote (in this example, we are fetching from the upstream/main branch but you can change this to suit your use case)<br> </p> <p><code>$ git fetch upstream main</code><br> </p> </li> <li> <p>Reset local branch to remote branch<br> </p> <p><code>$ git reset --hard upstream/main</code><br> </p> </li> <li> <p>clean up any untracked changes<br> </p> <p><code>$ git clean -xdf</code><br> </p> </li> </ul> <p>The <code>-x</code> flag removes ignored files.</p> <p>The <code>-d</code> flag removes untracked folders.</p> <p>The <code>-f</code> flag removes untracked files.</p> <h2> Conclusion </h2> <p>There are other methods you can use to solve this problem, and this <a href="https://alphaefficiency.com/git-reset-local-branch-to-remote" rel="noopener noreferrer">article</a> by Brian Dordevic talks about them. Another great resource you can look at is this <a href="https://www.freecodecamp.org/news/git-reset-origin-how-to-reset-a-local-branch-to-remote-tracking-branch" rel="noopener noreferrer">post</a> on freecodecamp.</p> <p>Now that you know the basics about <code>git pull</code>, <code>git fetch</code>, <code>git merge</code> and <code>git reset</code>, you can find out more about how they really work and all the different ways you can use them in the <a href="https://git-scm.com/docs/git#_git_commands" rel="noopener noreferrer">git documentation</a>. </p> <p>Using git can be overwhelming, but you can take comfort in the fact that nobody has all the git commands memorized. It's okay to have issues occasionally, what matters is that you can figure them out and learn something in the process. You can always read the documentation, ask questions or find answers on <a href="https://stackoverflow.com" rel="noopener noreferrer">Stackoverflow</a>. We all do. 😉</p> <h2> Credits </h2> <ul> <li><a href="https://www.git-scm.com/doc" rel="noopener noreferrer">Git docs</a></li> <li><a href="https://alphaefficiency.com/git-reset-local-branch-to-remote" rel="noopener noreferrer">Alpha Efficiency</a></li> </ul> programming beginners git github Precious Abubakar Sat, 04 Jun 2022 10:58:10 +0000 https://dev.to/pda/open-source-contribution-why-its-a-great-idea-5d1l https://dev.to/pda/open-source-contribution-why-its-a-great-idea-5d1l <h2> What is Open Source Software? </h2> <p>Imagine a Chef writing a recipe book. He uploads his manuscript to Google Drive, grants write access, and shares the link so that other chefs can contribute to it. <a href="https://opensource.com/resources/what-open-source">Open source software is software with source code that anyone can inspect, modify, and enhance</a>. If you have a smartphone or a PC, chances are you've used open-source software once or twice e.g. Mozilla Firefox, VLC media player, WordPress, Ubuntu, Blender, etc. </p> <h2> Who Can Contribute to Open Source Software? </h2> <p>Contrary to popular belief, <strong>you don't have to write code to contribute to open source</strong>. Documentation, discussions, UX, advocacy, and <a href="https://opensource.com/life/16/1/8-ways-contribute-open-source-without-writing-code">other forms of contribution</a> are often overlooked and equally important. Therefore, anyone with an interest can contribute to Open Source. </p> <h2> Why Should I Contribute to Open Source Software? </h2> <p>I asked a few Open Source contributors in <a href="https://chaoss.community/">CHAOSS Community</a> and here's why they think you should consider contributing to Open Source today:</p> <p><a href="https://twitter.com/IkegahRuth">Ruth Ikegah</a>, <em>Badging Initiative Maintainer and Member of DEI Working group</em> : </p> <blockquote> <p>Collaboration: The transparency in Open Source fosters collaboration. By contributing to Open Source, you get to work with like-minded folks to build up an idea from scratch to a live product.</p> </blockquote> <p><a href="https://twitter.com/ElizabethN">Elizabeth Barron</a>, <em>CHAOSS Community Manager</em> :</p> <blockquote> <ul> <li>Learn valuable tech skills through practice (doesn’t have to be just code!)</li> <li>meet and connect with interesting people from around the world who have similar interests</li> <li>Learn to collaborate and work asynchronously with distributed teams (which is a very helpful skill for the workplace)</li> <li>Use your skills to make someone’s life better (especially if the project is for a non-profit, or if it has a socially impactful or DEI aspect to it)</li> <li>Build a portfolio of your work to show potential employers</li> <li>Help others grow their own skills by welcoming them to a project and helping them find their way</li> </ul> </blockquote> <h2> How Can I Become an Open Source Contributor? </h2> <p>You can find a curation of Open Source projects at <a href="https://up-for-grabs.net/?ref=hackernoon.com#/">Up For Grabs</a>, <a href="https://aviyel.com/">Aviyel</a> and <a href="https://hackernoon.com/how-to-find-open-source-projects-for-beginners">similar platforms</a>. Once you've identified a project you would like to contribute to, you should read their documentation (they usually have a contribution guide). Most of these projects have communities centered around them, it is best to join the community for support.</p> <p>You don't need to be an expert to begin, they usually welcome beginners and direct you towards beginner-friendly tasks. However, to be an amazing open-source contributor, you must be able to communicate effectively, dedicate some time, and be open to diversity and inclusivity, as you would be collaborating with people of diverse ethnicity and beliefs.</p> <p>You don't typically get paid for Open Source contributions, but some mentorship and internship programs pay people to contribute, such as <a href="https://developers.google.com/season-of-docs">Google Season of Docs</a>, <a href="https://summerofcode.withgoogle.com/">Google Summer of Code</a>, <a href="https://sites.google.com/shecodeafrica.org/contributhon">Conthributhon by SheCodeAfrica</a> and <a href="https://www.outreachy.org/">Outreachy</a>. This is also a great way to get involved if you're just starting in your field and you need guidance.</p> <h2> Conclusion </h2> <p>Contributing to Open Source Software can seem daunting, and that is normal. Lots of Open Source Contributors felt the same way too. I contributed to Open Source for the first time last month, and <a href="https://preciousabubakar.hashnode.dev/contributhon-2022">here's how that went</a>. Read how Rizel Scarlett <a href="https://blackgirlbytes.dev/conquering-the-fear-of-contributing-to-open-source">conquered their fear of contributing to Open Source</a>. Rizel also shared <a href="https://dev.to/github/from-zero-to-hero-quick-tips-to-navigating-open-source-like-a-pro-4lhl">quick tips to navigating Open Source like a pro</a>.</p> opensource programming writing design Precious Abubakar Sat, 28 May 2022 00:02:09 +0000 https://dev.to/pda/contributhon-2022-by-shecodeafrica-3d63 https://dev.to/pda/contributhon-2022-by-shecodeafrica-3d63 <p>Contributhon is a 2-month Open Source Bootcamp designed by <a href="https://shecodeafrica.org/">SheCodeAfrica</a> to pair mentors from different global open source organizations with African women in tech who get to work with them on selected projects within the organization. The participating mentoring organizations for this cohort were CHAOSS, Layer5, Jenkins, Moja Global, and Coil. </p> <p>After joining Contributhon as a mentee last month, I was assigned to <a href="https://chaoss.community/">CHAOSS</a>, where I contributed to open source for the first time. CHAOSS is an open source project at the Linux Foundation focused on creating analytics and metrics to help define community health.<br> I worked with a fellow mentee- Iyimide, and three mentors from CHAOSS- Ruth Ikegah, Elizabeth Barron, and Matt Snell. As this cohort of Contributhon comes to an end, I have documented a summary of my activities in the last couple of weeks.</p> <h3> Overview </h3> <p>I worked on the <a href="https://sites.google.com/shecodeafrica.org/contributhon/mentor-orgs/current-mentoring-organizations/chaoss?authuser=0#h.8r2rosuqfdbb">CHAOSS Newcomer Slack Bot Project</a> with Iyimide.<br> Our tasks included:</p> <ul> <li>Determine the best framework for writing the Slack bot. </li> <li>Use CHAOSS’s GitHub repository to host the code for the bot.</li> <li>Include tests for the bot, if possible. </li> <li>Include comments in the code that will help the next maintainer understand how the bot works.</li> <li>Work with mentors at CHAOSS for bot content, and bring your own ideas! </li> <li>At the end of the project, document the information for installing, maintaining, adding to bot content, or troubleshooting.</li> </ul> <h3> My Contribution </h3> <p>After doing research and testing, and with some guidance from our mentors, we set up the project repo(which we currently still maintain) and set up CI/CD. Afterward, we built and deployed the bot. </p> <ul> <li>See my <a href="https://github.com/chaoss/chaoss-slack-bot/pulls?q=is%3Apr+author%3A%40me+">pull requests</a> </li> </ul> <p>After completing the initial phase of our project, I focused on writing the documentation</p> <ul> <li><a href="https://docs.google.com/document/d/1NJd-nNKUNb3Q0lRb5cfmUU8kpRcYGjh-vPqpk4CCvic/edit?usp=sharing">CHAOSS Slack Bot Documentation</a></li> </ul> <h3> Challenges </h3> <p>I had my doubts about the project initially because it was not something I was familiar with. Also, it was my first time contributing to open-source after several previous attempts which failed because it was all very confusing. However, the team was great. I got (and I'm still getting) all the support and encouragement I needed from my mentors and my co-mentee. Any confusion on my part was quickly cleared up.</p> <h3> Experience gained </h3> <p>Some of the skills/concepts I learned/improved on during this program are:</p> <ul> <li>Continuous integration/Continuous Deployment</li> <li>Unit testing</li> <li>Technical writing</li> <li>Troubleshooting with Git</li> <li>Developer sign-off</li> <li>Effective communication</li> </ul> <h3> Improvement Suggestions </h3> <ul> <li>This cohort was great, and the next cohort would be even better with more presentations from resourced persons. They were the icing on the cake.</li> </ul> <h3> Next Steps </h3> <p>While I am still contributing to CHAOSS, I am also looking out for full-time roles and other Open Source opportunities. I hope to be a Contributhon mentor in the future. </p> <p>Thank you, SheCodeAfrica 💗.</p> opensource beginners wecoded