Welcome back! This is the 3rd or 4th entry on creating our status API using express/node.js. In the last tutorial, we discussed how we can secure our API using tokens and restrict certain routes by verifying the tokens. We also looked at filter the data shown for the specific user associated with that data. This week we have three main jobs:
– Add back in the update status route so we can update specific statuses
– Add back our delete route so we can delete them also.
– Clean up our code!! we had duplication everywhere so we are going to remove that. We are also going to look at structure our code better and separating out our logic for easier future management.
Enough talking let’s get started!
Firstly let’s add back in our update route:
As you may notice there isn’t much to change here from last week. Since we still updating statuses by ID we don’t need to check what user they are associated with. We just need to make sure our route is below our Middleware route that is doing the authentication so it can’t be accessed without authenticating.
Now let’s add back in our delete route
As in the update route, we don’t need to change a lot since we are also deleting by ID. ( Again this will be placed below the put route for /api/:status_id ).
Now let’s give it a whirl and see if we can update and delete our statuses still:
Woo its still working. So now we have all routes working for our status CRUD application that is protected via our Middleware route and JSON tokens. So now I want to clean up our code and separate out all our routes into route files and only have the necessary inside our server.js file. So cleaning/refactoring our code how fun….well its always good to have good code structure but we will be learning how express/node deals with importing routes and how we can make our code much more manageable.
Separating out API routes
First, we want to create a routes folder inside our project:
Then we want to create a file inside the routes folder called: apiRoutes.js this will now store all our API routes instead of them all being in server.js. So let’s move all the routes from server.js to apiRoutes.js. So move from /api/setup/ to just after the delete function. Now that we have them in their own file there is a bit of configuration we need to do to have the API working again. So server.js should now look like the following:
Right let me explain somethings
So this is an important part this is “importing” the routes from the apiRoutes.js file we created earlier. So now how does our application know where to sent requests?
So we firstly set a very basic MiddlewareRoute to tell it to forward any request to “next()”. We then tell our “app” to firstly look any request that includes/ to webRoutes ( don’t worry about that for now), we are also telling our app that if any requests come in that start with /api forward them to our apiRoutes file.
The last thing I wanted to mention we need to “export” our app object so it can be used everywhere else hence the last line in the file ( module.exports = app)
So what does our apiRoutes.js file look like: https://github.com/TheDeployGuy/ExpressRestAPI/blob/master/routes/apiRoutes.js
Let me explain some things:
Since we are moving the routes into a separate file we need to setup some our “base” variables. We also moved the DB logic inside this file as nothing in server.js needs it and everything in here does. One thing you may notice why did we remove “/api” from all our routes? Since we are already telling our app to direct any requests to /api to the apiRoutes.js file we don’t need to define it again if we did our requests would need to look like /api/authenticate. Examples:
You may notice “User” and “Status” objects so what are they? We have even separated out our user and status models:
As you can see we are setting up a schema object then setting the model and then we are exporting the User so we can use elsewhere in the application. We have done the exact same for Status seen here: https://github.com/TheDeployGuy/ExpressRestAPI/blob/master/models/status.js (p.s. don’t worry about the extra fields and functions I will example them in a later post.)
The last code enhancement I created was:
This is a helper function that will be used everywhere in the apiRoutes.js file to verify the user has a token and we can use it to pull information about that user. This function alone helps remove most of the duplicated code.
We have now made our application much much cleaner and easier to manage and we are starting to take even more advantage of the Express.js features. Next week we are going to start converting our API into an actual website with a simple user interface so join me next week!