Forem: Tirth Raval

Building a Todo Application Backend with MongoDB and Express

Tirth Raval — Thu, 11 Apr 2024 05:09:02 +0000

In modern web development, creating robust backend services is essential, especially when dealing with dynamic data like todos. In this tutorial, I will build a Todo Application backend using MongoDB as our database and Express.js as our server framework. We'll leverage the Mongoose library to interact with MongoDB in a schema-based manner.

Getting Started
First things first, let's set up our environment. Ensure you have Node.js installed, and then install the necessary dependencies:

npm install express mongoose --save

Connecting to MongoDB
To begin, import the required libraries:

const express = require('express');
const mongoose = require('mongoose');

Next, establish a connection to your MongoDB database:

mongoose.connect('your MongoDB connection string/collection_name');

Defining the Schema
Even though MongoDB is a schema-less database, Mongoose requires us to define a schema before creating models. Let's define our Todo schema:

const todoSchema = mongoose.Schema({
    title: String,
    description: String,
    isComplete: {
        type: Boolean,
        default: false
    }
});

Creating the Model
With the schema in place, let's create a model for our Todo:

const todo = mongosse.model('todo' , todoSchema);

Get all Todos

app.get('/todos', async (req, res) => {
    try {
        const todos = await Todo.find({});
        if (!todos) {
            res.status(404).json({ msg: "Data not found" });
        } else {
            res.json({ todos });
        }
    } catch (error) {
        res.status(500).json({ msg: error });
    }
});

Create a new todo:

app.post('/create-todo', async(req, res) =>{
    //create the todos
    const {title, descrption} = req.body;

    try{
        await todo.create({
            title,
            description
        })
        res.json({
            msg :"To do created"
        })
    }
    catch(error){
        res.status(411).json({
            msg: "Error"
        })
    }
    //write the logic of creating a todo
})

Update a Todo

app.put('/update-todo', async(req,res) =>{
    //update the todo

    const {id} = req.body;
    try{
        await todo.updateOne({
            _id : id
        }, {
            isComplate : true
        })
        res.json({
            msg : "Task completed"
        })
    }
    catch(error){
        res.status(505).json({
            msg : "Server Error"
        })
    }

})

Conclusion
In this tutorial, we've covered the basics of building a Todo Application backend using MongoDB and Express. We've learned how to define schemas, create models, and implement CRUD operations.

Please see the below Github link for the code:
https://github.com/tirthraval/todo-backend

Happy coding! 🚀

Getting Started with MongoDB: A Beginner's Guide

Tirth Raval — Wed, 10 Apr 2024 01:54:13 +0000

Are you intrigued by the flexibility and power of NoSQL databases? If so, MongoDB might be the perfect starting point for your journey into the world of non-relational databases. In this beginner-friendly guide, we'll walk you through the basics of MongoDB, from setting up your first MongoDB instance to connecting it with a MongoDB compass.

Understanding NoSQL and MongoDB
NoSQL databases, also known as non-relational databases, offer a schema-less approach to data storage. Unlike traditional relational databases, NoSQL databases like MongoDB allow you to store various types of data without rigid schemas. MongoDB, in particular, operates on a key-value pair model, offering flexibility and scalability for modern applications.

Creating Your MongoDB Instance
Sign Up for MongoDB: Begin your MongoDB journey by creating an account on the MongoDB website(https://account.mongodb.com/account/login). Navigate to MongoDB's website and follow the prompts to create your account.

Create a New Project: Once logged in, create a new project by providing a project name and following the on-screen instructions.

Provide a suitable name for your project and click on next.

Once you create the project, you should get the below screen now click on the create button and select MO as a free cluster for learning purposes.

With your MongoDB instance deployed, it's time to connect to the server. Follow the prompts to create a database user and choose a connection method, preferably Compass, for local visualization.

Accessing MongoDB with Compass: Install MongoDB Compass if you haven't already, and paste the connection string provided during the setup process. Ensure to use the Mongo Cluster password for authentication.

Exploring Your MongoDB Instance

Once successfully connected, you can explore your MongoDB instance using MongoDB Compass. This intuitive tool allows you to visualize and interact with your MongoDB databases effortlessly. Take time to familiarize yourself with the interface and the data stored in your instance.

What's Next?
In our next blog post, we'll dive deeper into MongoDB by connecting it with an Express.js application. You'll learn how to integrate MongoDB into your backend stack, allowing you to leverage its capabilities for building robust and scalable web applications.

Understanding Token-Based Authentication with JSON Web Tokens (JWT) in Express.js

Tirth Raval — Mon, 08 Apr 2024 06:51:12 +0000

Introduction:
Authentication is a critical aspect of web applications, ensuring that only authorized users can access sensitive data and functionalities. Among various authentication methods, token-based authentication stands out for its simplicity and effectiveness. In this article, we'll delve into token-based authentication using JSON Web Tokens (JWT) in an Express.js application.

Why Authentication Matters:
Authentication safeguards sensitive user data from unauthorized access. Without proper authentication mechanisms, anyone could access confidential information, posing significant security risks.

What is Authentication?:
Authentication is the process of verifying the identity of a user. It typically involves combining a username and password to validate user credentials before granting access to resources.

Common Authentication Methods:

Password-based authentication
Token-based authentication
Cookie-based authentication
OAuth-based authentication
Token-Based Authentication with JWT

Let us understand the Token-Based Authentication:
JWT, or JSON Web Token, is a compact, URL-safe means of representing claims to be transferred between two parties securely. It consists of three parts: header, payload, and signature.

JWT has three parts seperated by dots(.)

Header - It has the JWT and the signing algorithm
payload - It is just data which used to create the JWT
signature - It is a kind of password to verify the JWT

The user sends a request to authenticate (e.g., /signin) with their credentials.
Upon successful validation, the server generates a JWT containing relevant user information.
The client receives the JWT and includes it in subsequent requests to access protected resources.
The server verifies the JWT's signature to ensure its authenticity and grants access to authorized resources.

Implementing JWT in Express.js:
We can integrate JWT seamlessly into Express.js applications using the jsonwebtoken library. Here's a step-by-step guide:

Install the jsonwebtoken library: npm install jsonwebtoken
Import the library into your application.
Utilize the provided methods (jwt.sign() and jwt.verify()) to manage JWTs.

const jwt = require('jsonwebtoken);
const jwtPassword = '12345678'

const user = {
    userName : "Tirth",
    password : "test@123"
}

//create the JWT

const token = jwt.sign({username : user.userName}, jwtPassword);
//token is nothing but very long string
//verify the token
const data = jwt.verify(token, jwtPasssword);
//data --> {
//  username : "Tirth" }
//

In above code, I just explain how to manage JWT.

Example Implementation:
We'll walk through a basic Express.js application demonstrating token-based authentication:

const express = require("express");
const jwt = require("jsonwebtoken");
const jwtPassword = "123456";

const app = express();
app.use(express.json())

const ALL_USERS = [
  {
    username: "harkirat@gmail.com",
    password: "123",
    name: "harkirat singh",
  },
  {
    username: "raman@gmail.com",
    password: "123321",
    name: "Raman singh",
  },
  {
    username: "priya@gmail.com",
    password: "123321",
    name: "Priya kumari",
  },
];

function userExists(username, password) {
  // write logic to return true or false if this user exists
  // in ALL_USERS array
const userFind = ALL_USERS.filter(user => user.username === username && user.password === password);

return userFind.lenght > 0 ?false:true


}

app.post("/signin", function (req, res) {
  const username = req.body.username;
  const password = req.body.password;

  if (!userExists(username, password)) {
    return res.status(403).json({
      msg: "User doesnt exist in our in memory db",
    });
  }

  var token = jwt.sign({ username: username }, jwtPassword);
  return res.json({
    token,
  });
});

app.get("/users", function (req, res) {
  const token = req.headers.authorization;
  try {
    const decoded = jwt.verify(token, jwtPassword);
    const username = decoded.username;
    console.log(decoded)
    const filteredUser = ALL_USERS.filter((user) => user.username != username)
    res.json({
        userdata : filteredUser
    })
    // return a list of users other than this username
  } catch (err) {
    return res.status(403).json({
      msg: "Invalid token",
    });
  }
});

app.listen(3001)

Above code implements a basic sign-in system that allows users to authenticate and obtain a JWT upon successful login. The JWT can then be used to access authorized resources (like the /users endpoint) that require authentication.

Conclusion:
Token-based authentication using JSON Web Tokens provides a secure and efficient method for authenticating users in web applications. By understanding the principles behind JWT and its implementation in Express.js, developers can enhance the security of their applications while providing a seamless user experience.

To learn more about the JWT please visit below link:
https://www.npmjs.com/package/jsonwebtoken
https://jwt.io/

Thank you so much for reading the Blog.

Simplifying Input Validation in Node.js with Zod

Tirth Raval — Sun, 07 Apr 2024 07:38:50 +0000

As developers, ensuring that the data flowing into our applications is accurate and well-structured is paramount. One small error in input validation can lead to significant issues down the line, compromising security and stability. Thankfully, with tools like Zod, handling input validation in Node.js applications has never been easier.

Why Input Validation Matters

Let's assume, instead of sending the username and the password a user sends some random data and tries to crash the server. It is our (Software Engineer) responsibility to check the data is in the proper format.

Introducing Zod

Zod is a powerful JavaScript and TypeScript library that simplifies the process of defining data schemas and validating them at runtime. With Zod, developers can effortlessly define blueprints for their data, making input validation a breeze.

Install Zod: Start by installing Zod via npm using the command

npm install zod

Import Zod:

cosnt {z} = require('zod');

Creating Schemas with Zod

Zod allows developers to create schemas that define the structure and constraints of their data. Let's take a look at how we can define schemas using Zod:

const usernameSchema = z.string()
const phoneSchema = z.number()

//we can create the object also

const user = z.object({
    username : z.string().min(5), //username will be a string with a min of 5 char
    email:z.email(), //email should be email
    firstname:z.sting().max(5) //first name will be string, and length should not exceed 5 char
})

Let's see a few more primitive schemas.

// primitive values
z.string();
z.number();
z.bigint();
z.boolean();
z.date();

// empty types
z.undefined();
z.null();

Validating Inputs

Once we've defined our schemas, Zod provides convenient methods for validating input data:



const {z} = require('zod');

//create the schema

const userSchema = z.object({
    firstname : z.string().min(5),
    lastname : z.string().min(5),
    email:z.email();
    password :z.string()
})

//parse the Shema

try{
    userSchema.safeparse({
        firstname: "Tirth",
        lastname:"Raval",
        email:"tirth.b.raval@gmail.com"
        password:"titrh@1234"
    })
}
catch (error){
    console.log("error ${error}")
}

Using safeParse, we can validate input data against our schema and handle any validation errors that may occur.

Integrating Zod with Express.js

const express = require('express');
const zod = require('zod');
const app = express();


app.use(express.json());
const useInputValidation = (req,res,next) => {
    const input  = req.query.Kidneys;
    const inputSchema = zod.string();
    // console.log(typeof(input))
    if(!inputSchema.safeParse(input).success){

        res.status(400).json({
            msg:"Input are wrong"
        })
        return;
    }
    else{
       next();
    }

}
app.get('/health-chek', useInputValidation, (req,res)=>{

    res.json({
        msg :"You are find"
    })

});

app.listen(3000);

In this example, we've created a middleware function userInputValidation to validate incoming data before processing it further. If the input fails validation, we return a 400 Bad Request response with an error message.

Conclusion

Zod simplifies input validation in Node.js applications, providing a robust solution for ensuring data integrity and security. Developers can build more reliable, maintainable, and secure applications by defining clear schemas and leveraging Zod's validation capabilities. Whether you're working on a small personal project or a large-scale enterprise application, Zod has you covered when it comes to input validation in Node.js.

Start using Zod today and streamline your input validation process like never before!

Thank you!!

Enhance Your Express.js Backend with Middleware for Efficient Request Processing

Tirth Raval — Sat, 06 Apr 2024 07:53:40 +0000

What is Middlewares in Express.js?

In the realm of backend development with Express.js, managing repetitive tasks like user authentication and input validation across multiple endpoints can become cumbersome and lead to code redundancy. However, there's an elegant solution at hand: Middleware.

Let's understand using an example Why do we need Middlewares?

Whenever a user makes a new request to the backend, we need to do the following prechecks before resolving the request.

1) Check if the user is valid or not (Authentication)
2) do the input validation

One simple solution I can think of is to write the logic of authentication and input validation for each endpoint. This solution is good but not the best because we are repeating our code and increasing the code readability.

What can we do to overcome this challenge?

THE BEST SOLUTION IS TO USE MIDDLEWARES

Before jumping into the implementation part, first understand the flow of code execution.

Let's understand how to create the middleware

const express = require('express');
const app = express();
app.use(express.json())


app.get('/courses' , userAuthentication , (req, res) => {
  //write the logic of getting all courses
})

app.listen(3000, () =>{
  console.log('server is running on 3000 port')
})

In the above code, we can see an endpoint ‘/courses’, and the purpose of that endpoint is to get all the courses.

Before it gets the course and sends the response, we need to check whether the user is logged in or not, and then if a user is logged in, we can move forward and get all the course and send back the response.

const express = require("express");
const app = express();
app.use(express.json());

const userAuthentication = (req, res, next) => {
  //Let's assume you will write the logic for checking if a user is logged in.
  let isLogged;
  //islogged is a boolean value, and it will keep checking if a user is logged in or not
  if (!isLogged) {
    res.json({
      msg: "User is not logged in",
    });
  } else {
    next();
  }
};
app.get("/courses", userAuthentication, (req, res) => {
  //write the logic of getting all courses
});

app.listen(3000, () => {
  console.log("server is running on 3000 port");
});

middleware is nothing but a JS function, and it has three parameters

1) req object
2) res object
3) next() —> The purpose of this method is to move the controller to the next middleware.

Execution Flow

1) The user hits the endpoint ‘/courses’

2) The controller will call the middleware userAuthentication

3) userAuthentication will check if the user is logged in. if logged in, it will call the next(), and there is no more middleware; the controller will reach the end and get the courses. if not logged in, the user will get a response saying, “User is not logged in.”

By leveraging middleware, you achieve:

Improved code readability and maintainability.
Centralized handling of common tasks like authentication and validation.
Modular architecture, facilitating easier debugging and testing.

Building a Robust HTTP Server with Node.js: A Step-by-Step Guide

Tirth Raval — Fri, 05 Apr 2024 06:39:51 +0000

What is an HTTP server?

HTTP server can be defined as software that can take clients' requests and deliver the web pages to the user as the response.

What is Node.js?

Node.js is JavaScript run time which allows user to run JavaScript on their local machine. User can create their own HTTP server using different frameworks.

Why do we want to create the HTTP servers?

The primary purpose of creating the HTTP servers is that, once we create the HTTP server, we want to expose it to the world so people can use it without worrying about the underlying concept.

One good example I can think of is ChatGPT. If we ask ChatGPT anything, it will make some network calls and generate a response. As users, we do not have to worry about how ChatGPT generates the response.

How can we create the HTTP server using Node.js?

Express.js is a framework that allows us to create HTTP servers using JavaScript as the programming language.

Let us understand the status code before jumping into code.

What is the status code?

It is a message that the server sends to the browser telling the status of the request.

Status Code	Message
200	The Request succussed
404	The Server can not find the resource
500	Internal Server Error

For more details, visit:
https://www.geeksforgeeks.org/10-most-common-http-status-codes/#

Method	Use
Get	To receive the data from the Database.
Post	To add a new entry into the Database.
Put	To update an entry in the Database.
Delete	To delete an entry from the Database.

For a better understanding of the types of requests, please visit: https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods

Let's make our own HTTP server using Express.js

Step 1: Initialize a new Node.js project.

Write the below commands in your terminal
npm i

Step 2: Install Express.js.

npm install express

Step 3: Initialize the index.js

const express = require('express');
const app = express();

//we can create the different server based on the request

app.listen(3000, () => {
console.log("Server is running on port 3000") 
})

Step 5: Create your HTTP server based on the requests

const express = require('express');
const app = express();

//GET request handler
app.get('/api/resource', (req, res) => {
    // Your logic for handling GET request
    res.send('GET request received');
});

// POST request handler
app.post('/api/resource', (req, res) => {
    // Your logic for handling POST request
    res.send('POST request received');
});

// PUT request handler
app.put('/api/resource/:id', (req, res) => {
    const resourceId = req.params.id;
    // Your logic for handling PUT request
    res.send(`PUT request received for resource with ID: ${resourceId}`);
});

// DELETE request handler
app.delete('/api/resource/:id', (req, res) => {
    const resourceId = req.params.id;
    // Your logic for handling DELETE request
    res.send(`DELETE request received for resource with ID: ${resourceId}`);
});

app.listen(3000, () => {
console.log("Server is running on port 3000") 
})

req stands for request and represents the HTTP request from the client to the server.

res stands for response and represents the HTTP response that the server sends back to the client.