Skip to content

Latest commit

 

History

History
41 lines (28 loc) · 2.55 KB

README.md

File metadata and controls

41 lines (28 loc) · 2.55 KB

Deployment and Best Practices

In this challenge, you will build a simple Express app that is deployable to Heroku. This means that it has a proper start script in the package.json file, and that the port number is taken from the environment instead of it being hard-coded. Feel free to deploy your app to Heroku, but bear in mind that this is not a free service anymore.

Instructions

Task 1: Project Setup and Submission

Your assignment page on Canvas should contain instructions for submitting this project. If you are still unsure, reach out to School Staff.

Task 2: Minimum Viable Product

  • Build a simple API:

    • Create a .gitignore file executing npx gitignore node

    • Create a package.json file executing npm init --y

    • Add Eslint to the project executing npx eslint --init

    • Edit the package.json file to add "start" and "server" scripts

    • Install express, dotenv, cors

    • Add support for environment variables using an .env file and the dotenv library, providing fallbacks in the code

    • Flesh out the API:

      Method URL Description
      GET /api/users Returns an array users.
      POST /api/register Creates a user from { username, password } in the request body, responds with newly created user.
      POST /api/login Checks { username, password } in the request body, responds with a welcome message.
  • OPTIONALLY deploy your app to Heroku. The link to the repo on Github is your actual submission deliverable.

Important Notes

  • You can make the API return totally hard-coded responses for the requests from clients (no database).
  • Alternatively you can use an in-memory array to persist users and act as a database, and build database helpers that interact with the users array.
  • If you persist users in an array database, know that storing passwords in plain text is a very bad practice from a security standpoint.

Stretch Yourself

  • Research how to avoid storing passwords as is in your array database.
  • Research how to grant access to GET /api/users only those clients that are registered and logged in.
  • Create a front-end piece inside the project containing a register/login form and the means to display users.