Node.js: The Complete Guide to Build RESTful APIs (2018)

Explore the Node.js module system, learn what modules are and why we need them, examine core modules like operating system, file system, events, and http, and create your own modules.

Explore how the console and timing functions belong to the global scope, accessible as window or global objects in browsers and Node, while file scope keeps variables private.

Node treats each file as a module with isolated scope to avoid global name clashes. Export variables and functions to share them, and identify the main module in Node apps.

Create a reusable logger module in Node.js by exporting a public log function while keeping the URL implementation private, then use it from the app to log messages.

Learn how node wraps module code in a function, keeping variables private and exposing features via require. See how exports is a shortcut to module.exports and check __filename and __dirname.

Discover how node wraps module code in a function, keeping variables private and exposing only module.exports or exports via the wrapper's require, module, exports, __filename, and __dirname.

Explore Node.js built-in modules, focusing on the path module, and learn how to require the module, use parse, and inspect path properties like root, dir, extension, and name.

Explore the OS module in Node.js to retrieve system information such as totalmem, freemem, and uptime, and demonstrate loading the module with require and using a template string.

Explore Node's file system (fs) module to work with files and directories, compare asynchronous and synchronous methods, and learn to use callbacks with readdir in a non-blocking Node process.

Explore how the events module drives Node.js core functionality through the EventEmitter class, using emit to raise events and on to register listeners that respond synchronously.

Encapsulate event data as an event argument object when raising events, sending properties like id and url to listeners. Use ES6 arrow functions to register listeners and handle logging events.

Develop a logger class that extends EventEmitter, moving emit and listener logic into the class so a single object handles events, eliminating mismatched emitters and enabling clean event-driven logging.

discover how to create a simple web server with node's http module, handle requests and responses, return JSON data, and see why express offers a cleaner structure built on http.

Explore npm, the Node Package Manager and registry of about 475,000 free node modules, and learn how to install, manage, and verify a specific global npm version.

Create a node project with a package.json, generate it with npm init, and fill metadata such as name, version, description, entry point, license, and author before installing packages.

Learn how to add a third party Node package such as underscore using npm. See how npm install updates package.json dependencies and stores files in node_modules.

Load and use the underscore third-party module in Node.js with require, showing how Node resolves modules from core, file, or node_modules, and call underscore.contains on an array.

Install and inspect mongoose to learn how npm manages dependencies, updates package.json and node_modules, and how modern npm flattens dependencies while handling version conflicts.

Exclude the node_modules folder from source control to avoid large downloads, then restore dependencies with npm install from package.json, using gitignore and git commands.

Learn semantic versioning (samver) for Node.js packages, understanding major, minor, and patch releases, and how carrot and tilde ranges control npm dependencies for stable or up-to-date builds.

Discover how to verify exact installed package versions by inspecting package.json and using npm list, with the --depth=0 flag to show only your application's dependencies.

Explore how to view a package's metadata and dependencies using npm view, npmjs.com, and package.json properties, and learn how to check versions for downgrades or upgrades.

Install a specific package version with npm install. Update package.json and verify version in node_modules with npm list depth 0, then practice installing underscore 1.4.0 to prep for outdated packages.

Learn how to identify and upgrade outdated npm packages using npm outdated, npm update, and npm-check-updates, manage major version changes, and update package.json before installation.

Identify development dependencies used for testing, static analysis, and bundling, and install jshint with npm install jshint --save-dev. See how package.json lists devDependencies and how node_modules stores all dependencies.

Learn how to uninstall a node package with npm uninstall, removing it from dependencies and the node_modules folder, and verify the change in package.json.

Learn to use global npm packages, install with -g, upgrade, and manage them across projects, including npm outdated and npm uninstall -g, with Mac permissions tips.

Create a new node library called lion-lib, initialize package.json, and export a simple add function. Publish on npm with a unique name, install in another app, and require it.

Export a new function via module.exports.multiply in lion-lib, then update the version with npm version minor and publish the updated package to npm, avoiding conflicts with version 1.0.0.

Explore Node's module system and the http module, building a web server on port 3000 with endpoints like /api/courses, then introduce Express for a scalable approach to RESTful services.

Explore RESTful services and http-based APIs using express to build resources like customers with endpoints such as /api/customers, and perform CRUD with get, post, put, and delete.

Introduces Express as a framework to structure node web apps, replacing unmaintainable callback routing, and guides setting up an Express demo project with npm init and installing Express.

Learn to build a simple web server with express by creating an app, defining get routes like / and /api/courses, sending responses, and starting on port 3000.

Install nodemon to automatically restart a node app on file changes, replacing manual restarts with a global npm install -g nodemon and running node mon to monitor all files.

Learn how to replace a hard coded port with a port environment variable for dynamic ports in production, reading the value via the process object and defaulting to 3000.

Define routes with route parameters to fetch a single course via /api/courses/:id, read values with request.params, and differentiate required route parameters from optional query parameters read with request.query.

Build restful APIs with Node.js by implementing endpoints to get all courses and get a single course by id, using array.find, parseInt on the id, and 404 not found responses.

Handle http post requests to /api/courses to create a new course by reading the body via express.json, assign id, push to courses array, and return the new course.

Use Postman to call http services with a post request to localhost:3000/api/courses, sending a json body with a name property and see the 200 response.

Validate input on the server to prevent client data, returning a 400 bad request for invalid input, and use joi to define a schema with name at least 3 characters.

Implement http put requests to update a course at /api/courses/:id, validate input with a shared schema, handle 404 not found and 400 bad request, and return the updated course.

Learn to handle http delete requests in node.js rest APIs by locating a course by id, returning 404 if not found, deleting it with splice, and returning the deleted course.

Build a genres management http service for the Vidly movie rental api, exposing endpoints to list, create, update, and delete genres from scratch.

Continue building restful services with Express and explore advanced topics, including middleware, configuration debugging, and templating engines, as you advance your Express skills.

Explore Express middleware, where each function processes a request, may terminate the cycle, or passes control to next; learn built-in and custom middleware, including json body parsing and cross-cutting concerns.

Create custom middleware in Node.js by building a logger and an authenticating function, wiring them with app.use in a request‑response pipeline, and exporting them as modules.

Explore built-in Express middleware, including json and urlencoded parsers, which populate request.body, handle form submissions, and serve static content with Express.static from the public folder.

Explore third-party middleware in express, including helmet for security headers and morgan for http request logging, and learn how to enable or avoid them to balance performance.

Enable and manage environment-specific behavior in a Node.js app by using process.env.NODE_ENV and app.get('env'), to selectively enable logging and features for development, testing, staging, or production.

Learn to store configuration settings, override them per environment, and securely manage secrets with the config module and environment variables.

Replace console.log with the debug module and control debugging via environment variables and namespaces like app:startup. Define namespaces like app:db, set levels, and enable or disable logs without code changes.

Explore how templating engines render dynamic html in Express by using Pug, Mustache, or EGS. Set the view engine and render templates to return html markup to clients.

Explore database integration options for Node and Express, with drivers for MongoDB, MySQL, Redis, and Oracle, and learn to install MongoDB via npm, require it, and use Mongoose.

Understand authentication in Express by recognizing its minimal nature, and preview how the course will secure API endpoints with authentication and authorization.

Structure your express app by moving routes into separate modules, using a router, and wiring them via app.use('/api/courses', router). Refactor middleware into its own folder to centralize configuration.

Refactor the Vidly app by moving genre routes into routes/genres.js, exporting and importing the router, and mounting it with /api/genres to create a cleaner Node.js rest API structure.

Explore synchronous versus asynchronous code in Node.js, using blocking and non-blocking examples like setTimeout and simulated database reads.

Create a getUser function that returns a user object after a simulated database delay, showing how asynchronous results need callbacks, promises, or async/await, with callbacks covered in the next lecture.

Implement callbacks in Node.js by converting a sync function to an asynchronous one with setTimeout, and use callbacks to return a user object and its repositories.

Explore how callbacks create nested asynchronous flows with getUser, getRepositories, and getCommits, reveal callback hell and the Christmas tree problem, and contrast with synchronous code.

Replace anonymous callbacks with named functions to flatten callback hell in asynchronous Node.js code, creating getCommits, getRepositories, and displayCommits functions, and preview promises as the next improvement.

Master JavaScript promises in Node.js by understanding pending, fulfilled, and rejected states, and how to create, resolve, reject, and chain them with then and catch.

Learn how to replace callbacks with promises in Node.js by converting getUser, getRepositories, and getCommits to return promises and using resolve to deliver results.

Transform callback-based code into promise-based flow by chaining then, catching errors, and displaying results; compare callback hell with the flat promise structure and practice best error handling.

Explore the promise API in JavaScript by creating settled promises with Promise.resolve and Promise.reject, handling results with then and catch, and using native error objects for rejection.

Run asynchronous operations in parallel with promises, use promise.all to collect results, handle errors with catch, and apply promise.race for the first fulfilled promise.

Explore async and await in node.js, rewriting promise-based calls into readable synchronous-style code, decorating functions with async, using await, and handling errors with try/catch.

Convert callback-based code to promises and async/await. Learn to modify getCustomer, getTopMovies, and sendEmail into promise-returning functions, using await for clearer flow and improved readability.

Replace in-memory data with MongoDB for a Node and Express app, and learn how MongoDB functions as a NoSQL document database that stores JSON objects. Install MongoDB in your environment.

Learn how to install MongoDB on macOS with Homebrew, configure /data/db, and run the MongoDB daemon. Connect to localhost:27017 using MongoDB Compass.

Install MongoDB on Windows by downloading the community server, adding MongoDB to PATH, creating C:/data/db, and running MongoD, then connect with MongoDB Compass to access admin and local databases.

Connect to MongoDB with mongoose in a Node.js project, using mongoose.connect to localhost and a playground database, handling success with console.log and errors with console.error.

Define the shape of MongoDB documents with a Mongoose schema, specifying properties like name (string), author (string), tags (array of strings), date (date with default Date.now), isPublished (boolean), and version.

Create a course model by compiling the course schema into a Mongoose model called Course for the courses collection, then instantiate and save course objects as documents.

Save a course object to MongoDB, a NoSQL database, with an async function, await the promise, and log the unique identifier assigned to the document.

Learn to query mongodb documents with the course class: use find for lists and findOne for single items, and refine results with filters, sorting, limits, and select projections.

Master MongoDB comparison operators such as eq, ne, gt, gte, lt, lte, in, and nin to build nuanced queries, filter by price, and express ranges with JavaScript objects.

Demonstrate using the find method with logical query operators to filter by author or is published, using an array of filter objects and regular expressions to refine results.

Use regular expressions to filter courses by author in Node.js queries, matching starts with, ends with, or contains patterns, with case-insensitive options and clear syntax.

Filter courses by name and tags, then use count to return the number of documents matching the criteria. Run the application to confirm two documents match.

Implement pagination with skip and limit. Define page number and page size, compute (page number minus one) times page size to skip, and apply limit to fetch the current page.

Import the exercise data into a MongoDB database and build a Mongoose query to fetch published backend courses, sorted by name, selecting only name and author.

Sort published frontend and backend courses by price in descending order, display only their name and author on the console, and illustrate the in operator and or operator queries.

Filter published courses by price 15 dollars or more or by titles containing word by, using MongoDB $gte and a case-insensitive regex; run solution3.js with node to verify 4 results.

Learn the query-first approach to updating MongoDB documents by fetching by id, modifying properties, and saving the updated document, with the alternative update-first method referenced for the next video.

Learn how to update MongoDB documents directly with the update method using a filter and update operators, including set, inc, currentDate, and more, to modify fields without retrieving first.

Learn to remove documents in a restful api by using deleteOne with a query, optionally deleteMany, and findByIdAndRemove to return results or null when not found.

Learn how to implement mongoose validation, make the name field required, handle rejected promises with try-catch, and combine joy validation to ensure robust restful APIs in Node.js.

Explore mongoose validators, including required with boolean or function, conditional price when isPublished, and validators for strings, numbers, and dates such as minlength, max length, min, max, and enum.

Learn how to implement a custom validator in mongoose to require at least one tag for a course, using a validate object with a validator function and a custom message.

Learn how to implement an async validator by enabling isAsync, updating the function signature with a callback, and simulating remote data checks with setTimeout.

Explore how to inspect the validation error object, iterate over its errors property, and extract per-field messages for invalid properties like category and tags.

Explore schema type objects for strings, including lowercase, uppercase, and trim, and implement custom getters and setters to round numeric values such as price on set and get.

Learn to persist the genres API with Mongoose and MongoDB in the Vidly project, replacing the in-memory array with a genre schema and full async CRUD with Joi validation.

Create a customers API endpoint in Express, defining a Customer model with name, phone and isGold fields, and implement get all and create routes with Joi and Mongoose validation.

Apply the single responsibility principle by moving the customer model and its validate function from customers.js into a new models/customer.js, using mongoose and joi, and destructuring exports to simplify references.

Explore modeling relationships in NoSQL using references, embedded documents, and hybrid approaches, balancing consistency, performance, and query needs.

Learn to reference an author document from a course by adding an object id with a ref to author in the course model, demonstrated in population.js using Mongoose.

Load related author and category data with populate in Mongoose, selecting only the name field to streamline course listings. Validate data integrity by handling missing or invalid author references.

Learn to embed an author subdocument inside a course document, validate embedded fields, and update or remove subdocuments using dot notation and MongoDB operators.

Convert a single author subdocument to an array of subdocuments named authors, add and remove authors with course.save, and verify updates in compass.

Build a movies API for the Vidly project using MongoDB with an embedded genre document for performance. Maintain a separate genres collection for dropdowns and validate input with a schema.

Build a rentals api with endpoints to create and list rentals, embedding essential customer and movie data and validating customer, movie, and stock before saving.

Initialize the fawn library to implement MongoDB transactions with a two-phase commit. Execute a rentals transaction that saves a rental and updates movie stock, with error handling.

Explore how MongoDB object IDs encode a 12-byte value with a timestamp, machine id, process id, and counter to uniquely identify documents, and how to use getTimestamp and isValid.

Validate object IDs in a mongoose app using joi-object id to ensure valid customer and movie ids, return 400 on invalid input, and prevent unhandled promise rejections.

Centralize the Joi objectId method in index.js for reuse across modules. Update movie, customer, and genre models and routes to use Joi.objectId and the MongoDB driver id.

Register new users via post /api/users with name, email, and password, and enforce email uniqueness in the MongoDB schema while implementing authentication and authorization in the Vidly API.

Create a new user model in user.js, reuse schema from genre.js, define name, email with unique constraint, and password with validation; hash passwords, export User model, and set up registration.

Create a POST /api/users route to register users, validate input with Joi, verify unique email, and save the user to the database; test with Postman for invalid or duplicate registrations.

Install lodash, import it as underscore, and use _.pick to select only id, name, and email from request.body, excluding sensitive fields like password.

Hash passwords securely with bcrypt by generating a salt and hashing the password with that salt, including the salt in the hash for authentication.

Build a Node.js API authentication flow by validating email and password, using bcrypt to compare hashes, and returning a generic 400 to avoid revealing which credential failed.

Test the authentication endpoint with Postman, reusing register user request in the Vidly collection, fix the Joi import, and verify 200 responses for valid credentials and errors for invalid ones.

Generate a JSON web token on login, store it on the client to authorize API calls, and secure its header and payload with server-side digital signature using a secret key.

Install jsonwebtoken and import it as jwt to sign a token with a payload containing _id using a private key, then test with Postman and review the token on jwt.io.

store secrets in environment variables using the config package, map application settings with custom-environment-variables.json, validate the key at startup, and run with the env var vidly_jwtPrivateKey set.

Learn to send the json web token in a custom http header (x-auth-token) after registration, enabling immediate login, client-side token storage, and updates to import jsonwebtoken and config.

Encapsulate token generation in the user object by adding a generateAuthenticationToken method to the user schema, ensuring the payload includes the user id and aligns with information expert principle.

Protect data-modifying endpoints by enforcing authentication with a json web token. Implement middleware that reads x-auth-token, verifies the token with a private key, and populates request.user.

Apply authentication middleware to protect select API routes in Node.js, test token-based access with postman, and handle 401 unauthorized, 400 bad request, and 200 success responses.

Add a secure me endpoint to fetch the current user from the json web token, using authorization middleware and request.user.id, and exclude the password in the response.

Log out by deleting the client-side authentication token; no server-side route is needed. Do not store tokens on the server or in plain text; use https for token transmission.

Add an isAdmin boolean to the user schema and include it in the JWT payload, then use an admin middleware to protect routes with role based authorization.

Test authorization in a Node.js API by validating admin vs non admin access with json web tokens and middleware, illustrating roles and operations.