yammie-restaurant-backend-for-jones-by-jack-in-javascript
Backend Rest API for an online restaurant written in js
Readme
CLI commands for connecting to a server, which gives you the last day's orders and an option to add an order.
This is a global CLI package, so use the -g flag:
npm i -g yammie-restaurant-backend-for-jones-by-jack-in-javascript
To run type this in the terminal:
jackandjones
Now you have a running server with access to recent orders and an option to add a new order (through Postman or React).
I am connected to a ClearDB database, hence each order ID increments by 10 instead of 1.
For help after you download, type: jonesandjack --help
There is a JavaScript and a TypeScript version of the code on my GitHub.
https://github.com/jackamsterdam/Yammie-Restaurant-Jones-Backend-by-Jack-with-Javascript
https://github.com/jackamsterdam/Yammie-Restaurant-Jones-Backend-by-Jack-with-Typescript
Summary:
Yammie restaurant is expanding its services online and I was asked to build a REST API for the backend with Node.js for online orders. I then built the rest according to Node's Layered Architecture. This REST allows you to get all of last day's orders as well as add an order. Code is production ready.
The server is also deployed on Heroku. To see the last day's orders go to:
https://yammie-backend-jones-by-jack.herokuapp.com/api/orders
I made a database in MySQL called YammieDB and added a table called orders. I then inserted a couple of orders. Each order has an auto-incremented order id, price, order date, customer name, phone and address for delivery.
I exported the database and put the file in the Database folder. To run the program in phpMyAdmin you need to import the file from this folder in the import tab in phpMyAdmin (after you have started Apache and MySQL on port 3306 using XAMPP).
I built an OrderModel and an onlineOrderModel: I am extending the base class OrderModel with OnlineOrderModel to support online orders for Yammie restaurant. I also have an errorModel class for error handling. These classes are used because I do not want to work with object literals. These objects repeat themselves multiple times in my code, so I made a class and then made instances of it. For example, the errorModel has a status and a message, which saves me from mistakes such as writing statussss instead of status. Additionally, I am turning request.body, which is an object literal, into an instance of the OnlineOrderModel class, so that request.body now has all the methods of that class (all the Joi validation methods, for example). This makes my program more object oriented.
So, one of layered architecture's goals is to separate concerns among components. Another goal is to organize layers so they can perform a specific role within the app. I have the data access layer connecting to the database, business logic layer for all the logic and a controller layer with routes returning a response from the server.
Throughout the layers, each step returns a promise using async/await syntax, because it takes time for data to come back from the database and JavaScript is single threaded, so I do not want to hog the call stack with each request.
app.ts - Instead of having all the above in app.ts I separated everything into layers. Here we start a server and listen on port 3001 for connections as defined in my .env file which holds my environment variables.
I am using the cors package so that a React frontend project, which usually runs on http://localhost:3000, won't have a cross-origin issue.
I am using the expressRateLimit package to prevent DoS attacks, limiting to 10 clicks per second; if you exceed that you get an HTTP error code and message: 429 (Too Many Requests).
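The limit described above (10 requests per one-second window, then 429), written out as a dependency-free Express-style middleware. This is an added example, not the package's own code and not the express-rate-limit API: createRateLimiter, simulate, maxKeys and the request/response stubs are hypothetical, and the IP addresses are constructed.

```javascript
// Added example: fixed-window limiter, at most `max` requests per `windowMs` per client key.
// createRateLimiter and simulate are hypothetical names, not the express-rate-limit API.
function createRateLimiter({ windowMs = 1000, max = 10, maxKeys = 10000, now = Date.now } = {}) {
  const hits = new Map(); // key -> { windowStart, count }
  return function rateLimit(req, res, next) {
    // Express exposes the caller as req.ip. Behind a reverse proxy this is the proxy's
    // address unless "trust proxy" is configured, and then every client shares one bucket.
    const key = req.ip;
    const t = now();
    if (hits.size >= maxKeys) {
      // Drop expired windows so the table itself cannot grow without bound.
      for (const [k, e] of hits) if (t - e.windowStart >= windowMs) hits.delete(k);
    }
    let entry = hits.get(key);
    if (!entry || t - entry.windowStart >= windowMs) {
      entry = { windowStart: t, count: 0 };
      hits.set(key, entry);
    }
    entry.count += 1;
    if (entry.count > max) {
      res.status(429).send('Too Many Requests');
      return;
    }
    next();
  };
}

// Drives the middleware with constructed request/response stubs; returns the status codes.
function simulate(limiter, ip, times) {
  const statuses = [];
  for (let i = 0; i < times; i++) {
    const res = { status(code) { statuses.push(code); return this; }, send() {} };
    limiter({ ip }, res, () => statuses.push(200));
  }
  return statuses;
}

// Constructed run: a fake clock makes the window boundary deterministic.
const clock = { t: 0 };
const limiter = createRateLimiter({ now: () => clock.t });
console.log(simulate(limiter, '203.0.113.5', 12)); // ten 200s, then two 429s
clock.t = 1000;
console.log(simulate(limiter, '203.0.113.5', 1));  // [ 200 ] in the next window
```

Because the server is also deployed on a hosting platform, check what the limiter keys on there: if every request appears to come from the platform's router, one busy client exhausts the budget for all of them.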
I am using sanitize middleware to prevent XSS attacks, as well as log-requests middleware that logs all requests and errors to a logger.log file using the winston library for informative logging.
If a path is not found, then my server.use(*) middleware will throw an HTTP error code of 404 with a "Route not found" error.
At the end of the app.js file you can see the errors-handler middleware to catch all errors that came from all layers. (Throwing errors in business logic and using next(err) to pass error to the err middleware).
You can see that all requests and all errors are caught and displayed in logger.log using the winston library.
For example, in the logger.log file the entries are displayed like this (produced by my log-helper and log-request files, whose middleware is added in app.js):
info 2022-09-18 01:01:46 GET Request to /api/orders/ (Good route)
info 2022-09-18 01:02:07 GET Request to /api/productssss (Bad Route)
info 2022-09-18 01:02:07 Route not found (Error Message)
Type in terminal: npm run test
Added tests folder: app.spec.js - Using mocha and chai I tested the REST API (GET orders in the last day and POST new order), and I also tested error cases.
Other options:
Import "Yammie.postman_collection.json" into Postman and test the REST API there (I added edge cases of possible errors: 400 Bad Request and 404 Route not found). All errors ended up in the errors-handler middleware.
Another option: download the "REST Client" extension in VS Code and check the server with the restCLientExt.http file I provided.
If there are no orders in the last day I return 200 with a message: 'No orders in the last day'.
I added Joi validation when adding a new order:
Input validation:
-Forbidden to add a new ID, because POST with REST adds a new ID from the database (according to REST architecture you are not supposed to send an ID with POST)
-All fields are required besides order ID
-Price must be a number up to 100,000
-orderDate must be a date greater than today
-customerName must be a string with max 30 characters
-deliveryAddress must be a string with max 100 characters
-phone must be a string with max 15 characters (using varchar (not int) in MySQL, because of 0)
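The rules in the list above, written as a dependency-free validator so they can be exercised without a database or Joi. This is an added example, not the package's code: validateNewOrder, FIELD_RULES and the sample order are hypothetical, and the points the list leaves open (negative prices, empty strings, what "greater than today" means, unknown keys) are filled with assumptions marked in the comments.

```javascript
// Added example: the README's field rules as plain predicates (the project itself uses Joi).
const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

const FIELD_RULES = {
  // Upper bound is from the README; rejecting negatives and NaN is an added assumption.
  price: (v) => typeof v === 'number' && Number.isFinite(v) && v >= 0 && v <= 100000,
  // "Greater than today" is read here as "later than the current moment" (assumption).
  orderDate: (v, now) => {
    const t = typeof v === 'string' ? Date.parse(v) : NaN;
    return !Number.isNaN(t) && t > now.getTime();
  },
  // Rejecting empty strings is an added assumption; the maximum lengths are from the README.
  customerName: (v) => typeof v === 'string' && v.length > 0 && v.length <= 30,
  deliveryAddress: (v) => typeof v === 'string' && v.length > 0 && v.length <= 100,
  // Must be a string, never a number, matching the varchar column.
  phone: (v) => typeof v === 'string' && v.length > 0 && v.length <= 15,
};

// Returns a list of error strings; an empty list means the body is valid.
function validateNewOrder(body, now = new Date()) {
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return ['body must be a JSON object'];
  }
  const errors = [];
  for (const key of Object.keys(body)) {
    // Covers the "no ID on POST" rule and, as an added assumption, any other unknown key.
    if (!has(FIELD_RULES, key)) errors.push(`${key} is not allowed`);
  }
  for (const [field, ok] of Object.entries(FIELD_RULES)) {
    if (!has(body, field)) errors.push(`${field} is required`);
    else if (!ok(body[field], now)) errors.push(`${field} is invalid`);
  }
  return errors;
}

// Constructed sample input; the clock is pinned so the date rule is deterministic.
const sampleNow = new Date('2022-09-18T00:00:00Z');
const goodOrder = {
  price: 89.5,
  orderDate: '2022-09-19T12:00:00Z',
  customerName: 'Dana Levi',
  deliveryAddress: '1 Example St',
  phone: '0501234567',
};
console.log(validateNewOrder(goodOrder, sampleNow));               // []
console.log(validateNewOrder({ ...goodOrder, id: 7 }, sampleNow)); // [ 'id is not allowed' ]
```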
https://www.linkedin.com/in/jack-amsterdam/
https://github.com/jackamsterdam
https://wakatime.com/@jackamsterdam
https://www.npmjs.com/~jackamsterdam
THANKS, AND HAVE A HAPPY DAY
FAQs
The npm package yammie-restaurant-backend-for-jones-by-jack-in-javascript receives a total of 1 weekly downloads. As such, yammie-restaurant-backend-for-jones-by-jack-in-javascript popularity was classified as not popular.
We found that yammie-restaurant-backend-for-jones-by-jack-in-javascript demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.