Lesson 10 Jobs API part 2

Lesson Page

This lesson is a completion of the project started in Lesson 9. The CRUD operations for the jobs entries are completed, and error processing is added so that in the event of an error, a meaningful return code and error message is returned for the REST request. Once that is done, additional packages are added for security. We don’t really explain security much, as it’s a deep topic. Instead, this is just a cookbook of the packages that must be added to make an Express application relatively secure. Once that is done, the application is deployed to Heroku. So each student will have a Heroku account, and will test their deployed application using Postman.

I expect that students may be a little behind at this point, because this is quite a bit of work. So this week is followed by a catch-up week, during which the students have a chance to get back into it.

The video for this lesson ends with a complicated procedure on how to create a Swagger UI for the API. The required Swagger yaml file is generated from Postman tests. In the lesson instructions, we tell the students that they don’t have to do that part. But it is very useful to have Swagger documentation for any REST API. So, I suggest that mentors demo the Swagger UI for the application, to explain what Swagger is and how it is used. The required Swagger yaml file is included in the final directory. If you are running the application from the final directory, the URL for Swagger is localhost:5000/api-docs. If you haven’t seen Swagger before, the UI should be pretty clear, except that to do protected operations you have to do the logon and then copy the returned token into the form that comes up when you click on the authorize button.