yammie-restaurant-backend-for-jones-by-jack-in-javascript

Dependencies: 107 | Maintainers: 1 | Versions: 24


Backend Rest API for an online restaurant written in js


Version published
Maintainers
1
Created

Readme

Source

Yammie Restaurant Backend Project by Jack Amsterdam in JAVASCRIPT ©

CLI Commands for connecting to a server, which gives you orders.

Installation:

This is a global CLI package, so use the -g flag:

npm i -g yammie-restaurant-backend-for-jones-by-jack-in-javascript

To run type this in the terminal:

jackandjones

Now you have a running server with access to recent orders and an option to add a new order (through Postman or React).

For help after you download type: jonesandjack --help

Only works when my database or your database is connected

There are JavaScript and TypeScript versions of this code as well.

Summary of stages I took in building the backend:

I made a database in MySQL called YammieDB and I added a table called orders. I then inserted a couple of orders. Each order has an orderId, price, order date, customer name, phone and address for delivery.

I exported the database to the Database folder. To run the program in phpMyAdmin you need to import the file in this folder in the import tab in phpMyAdmin (after you have started Apache and MySQL on port 3306 using XAMPP).

In my Backend folder, where node is, I have the following directory structure, dividing my files by Layered Architecture (the layers model) -

A. Config folder - where all my configurations go, so if I want to change anything in the future I only need to apply the changes here. I also have a file called log-helper which uses the Winston library to log requests in the format I specified, and I displayed all requests and errors in the logger.log file.

B. Middleware folder - with the following: an error handler to catch all errors thrown from any layer (a catch-all for all errors), and a log-requests file, which is middleware that logs every request to the logger.log file. I also have a sanitize file to prevent XSS attacks so users can't just send me a string with a script tag - so it strips the tags.

C. Model folder - this is how the data is coming from the MySQL database YammieDB. I built an order model. I also have an error model class for error handling. These classes are used because I do not want to work with object literals. These objects are repeating themselves multiple times in my code, so I made a class and then I made instances of the class. For example, with the error-model I have a status and message, and this saves me from making mistakes, e.g. writing statusss instead of status. Additionally, I am turning the request.body, which is a literal object, into an instance of an OrderModel class, so now that request.body has all the methods of that class (it has all the Joi validation methods, for example). This makes my program more object oriented.

Layers:

Throughout the layers, in each step I am returning a promise using async/await syntax, because it takes time for data to come back from the database, because JavaScript is single threaded and I do not want to hog the call stack with each request.

D. Data Access Layer folder - contains the dal file that connects to the database. Since node's original functions in 2009 did not work with promises but with callbacks, I had to promisify the execute function, so the function returns a promise. I added a "values" parameter in order to prevent SQL injections, so characters will be escaped. Notice that my connection is using the config file, so if you want to connect to a different database all you need is to change the config file.

E. Business Logic Layer folder - contains the order logic file, which gets all the orders from the last day and returns a promise, and also adds a new order and returns a promise.

F. Controller Layer folder - contains the orders controller (using express.Router() to have the routes here instead of in app.js), which contains two routes that the frontend can surf to.

G. app.js - Instead of having everything in app.js, I separated everything into layers. Here we start a server and listen on port 3001 for connections, as defined in my .env file, which holds my environment variables.
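The promisified `execute(sql, values)` pattern from the Data Access Layer item above, as an added example that is not the package's own code. `fakeConnection` is a constructed stand-in for a callback-style MySQL driver connection, and the `addOrder` function and column names are assumptions taken from the order fields the README lists.

```javascript
// Added example, not the package's code. fakeConnection is a constructed stand-in
// for a callback-style MySQL driver connection, so the block runs offline.
const fakeConnection = {
  calls: [],
  query(sql, values, callback) {
    this.calls.push({ sql, values });
    const placeholders = (sql.match(/\?/g) || []).length;
    // Answer asynchronously in Node's callback(err, result) style.
    setImmediate(() => {
      if (placeholders !== values.length) {
        return callback(new Error("placeholder count does not match values"));
      }
      callback(null, { affectedRows: 1, insertId: 42 }); // constructed result
    });
  },
};

// Promisified execute: the SQL text and the values stay separate all the way down.
function execute(sql, values = [], connection = fakeConnection) {
  return new Promise((resolve, reject) => {
    connection.query(sql, values, (err, result) => (err ? reject(err) : resolve(result)));
  });
}

// Hypothetical DAL function; column names are assumed to match the order fields.
async function addOrder(order, connection = fakeConnection) {
  const sql =
    "INSERT INTO orders (price, orderDate, customerName, phone, deliveryAddress) " +
    "VALUES (?, ?, ?, ?, ?)";
  const values = [order.price, order.orderDate, order.customerName, order.phone, order.deliveryAddress];
  const result = await execute(sql, values, connection);
  return { ...order, orderId: result.insertId };
}

// For contrast only: concatenation places the input inside the SQL text itself,
// so a single apostrophe in a name changes how the statement is parsed.
function concatenatedSql(customerName) {
  return "SELECT * FROM orders WHERE customerName = '" + customerName + "'";
}
```

With placeholders the statement text is a constant, so a review or a log of the SQL strings never contains request data.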

I am using the cors package so the React frontend project, which usually runs on http://localhost:3000, won't have a cross-origin issue.

Security

I am using the expressRateLimit package to prevent DoS attacks, limiting to 10 clicks per second, and if you exceed that you get an error message: 429 (Too Many Requests).

I am using the sanitize middleware to prevent XSS attacks, as well as the log-requests middleware to log all requests and errors to a logger.log file using the winston library.

If the path is not found, then my server.use(*) middleware will throw a 404 Route not found error.

At the end of the app.ts file you can see the errors-handler middleware to catch all errors.

You can see that all requests and all errors are caught and displayed in logger.log using the winston library.

For example:

info 2022-09-15 06:45:46 GET Request to /api/orders/ (Good route)

info 2022-09-15 06:46:07 GET Request to /api/productssss (Bad Route)

info 2022-09-15 06:46:07 Route not found (Error Message)

Code is production ready.

This REST is running in the cloud as well at ........................................ If you type in this address you can see the last day's orders.

TESTING

type in terminal: npm run test

Added tests folder: app.spec.js - Using mocha and chai I tested /Get orders in last 24 hours and /Post new order, as well as 2 error cases.

Or: Import "Yammie.postman_collection.json" to Postman and test the REST API there (I added edge cases of possible errors: 400 Bad Request and 404 Route not found). All errors ended up in the errors-handler middleware.

Another option - you need to download the "REST Client" extension in VSCode, and then you can check the server with the restCLientExt.http file I provided.

EDGE CASES:

If there are no orders in the last 24 hours I return 200 with a message - 'No orders in the last 24 hours'. I added Joi validation when adding a new order:

Input validation:

Forbidden to add a new ID because POST with REST adds a new Id.

All fields are required besides orderId

Price must be a number up to 100,000

orderDate must be a date greater than today

customerName must be a string with max 30 characters

deliveryAddress must be a string with max 100 characters

phone must be a string with max 15 characters (varchar not int in mysql because of 0.)
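The rules listed above written out as a dependency-free validator, as an added example that is not the package's code (the README says the package itself uses Joi). The function name, the error strings and the reading of "greater than today" as "later than the current time" are assumptions.

```javascript
// Added example: plain-JavaScript version of the rules above (the package uses Joi).
const MAX = { customerName: 30, deliveryAddress: 100, phone: 15 };
const REQUIRED = ["price", "orderDate", "customerName", "deliveryAddress", "phone"];

function validateNewOrder(body, now = new Date()) {
  if (body === null || typeof body !== "object" || Array.isArray(body)) {
    return ["body must be a JSON object"];
  }
  const errors = [];
  // POST creates the id, so a client-supplied one is rejected rather than ignored.
  if (Object.prototype.hasOwnProperty.call(body, "orderId")) errors.push("orderId is forbidden");

  for (const field of REQUIRED) {
    if (body[field] === undefined || body[field] === null || body[field] === "") {
      errors.push(`${field} is required`);
    }
  }
  // Only type-check fields that were actually supplied.
  const present = (field) => !errors.includes(`${field} is required`);

  const priceOk =
    typeof body.price === "number" && Number.isFinite(body.price) && body.price <= 100000;
  if (present("price") && !priceOk) errors.push("price must be a number up to 100000");

  if (present("orderDate")) {
    const date = new Date(body.orderDate);
    if (Number.isNaN(date.getTime()) || date <= now) {
      errors.push("orderDate must be a date greater than today");
    }
  }
  // phone is checked as a string: a numeric phone has already lost its leading 0.
  for (const [field, max] of Object.entries(MAX)) {
    if (!present(field)) continue;
    if (typeof body[field] !== "string") errors.push(`${field} must be a string`);
    else if (body[field].length > max) errors.push(`${field} must be at most ${max} characters`);
  }
  return errors; // an empty array means the order passes every rule
}
```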

Add inheritance

Please check out my info:

https://www.linkedin.com/in/jack-amsterdam/

https://github.com/jackamsterdam

https://wakatime.com/@jackamsterdam

https://www.npmjs.com/~jackamsterdam

Last updated on 18 Sep 2022
