Introducing the Project4:48 with Guil Hernandez
In this workshop, you'll continue to use Sequelize to write robust server-side data validation for a REST API developed with Express. The API allows you to create a user account and retrieve a list of user accounts.
[MUSIC] 0:00 Hi everyone, I'm Guil, a developer and instructor here at Treehouse. 0:10 As developers, we need to ensure that the data created and 0:15 updated by users is reliable without irrelevant and duplicate entries. 0:18 When working with an ORM library like Sequelize, you can take advantage of its 0:23 built-in data validation and constraint capabilities. 0:27 Sequelize can run validation on a model to require specific values and 0:31 define constraints to prevent incorrect, unexpected or 0:35 potentially harmful data from being recorded into the database. 0:39 You've added validations to Sequelize models and handled validation errors in 0:43 previous courses and workshops on using Sequelize with Node JS and Express. 0:48 In this workshop, you'll continue to use Sequelize to write robust 0:53 server side data validation for a REST API developed with Express. 0:58 The API allows you to create a user account and 1:02 retrieve a list of user accounts. 1:06 To get started, download the project files with this video and 1:09 open the rest-api folder in your text editor. 1:13 Let's review the starter project, 1:16 which is the same REST API application you worked with in a previous course. 1:18 The file app.js is the entry point into the application. 1:21 It creates and configures the express app and 1:26 authenticates and syncs the Sequelize database. 1:30 routes.js defines the application's routes. 1:34 There are two routes, a route that returns a list of users, and 1:38 a route that creates a new user. 1:42 And we're going to work with one model only, 1:44 a user model located and models user.js. 1:48 Remember, a model represents a table in your database, 1:52 in this case, a users table. 1:56 Currently, this user model gets initialized with four attributes name, 1:58 email, birthday and password. 2:02 These represent the columns in the users table, and 2:04 they each have a datatype assigned. 2:07 For example name, email and password will be stored as string and 2:09 birthday is date only, which means that it will be 2:14 a date datatype that gets formatted without a timestamp. 2:18 Now let's run and test the application. 2:22 In your terminal or console, 2:25 start by running npm install to install the necessary dependencies. 2:27 After the dependencies have finished downloading and installing, 2:31 run npm start to start the application. 2:35 Since there are no validation rules for the user model yet, 2:38 I can successfully create a new user account without supplying any values. 2:41 For example, 2:46 I'll open up the Postman app which I'll use in this workshop to test the API. 2:47 I'll first select POST as the request, and enter the request URL or 2:52 end point, which is api/users, then send an empty object in the request body. 2:57 Notice how I received a 201 Created HTTP status code from the server with 3:03 the message "Account successfully created" in the response. 3:08 And if I sent a GET request to the API users route, 3:12 I can confirm that the application created a new user account, 3:15 regardless of the data that was sent by the client. 3:20 Notice all the null values posted to the database for name, 3:23 email, birthday, and password. 3:27 Users should not be able to create an account if they provide no data or 3:29 any incorrect data. 3:33 So next, we'll start defining data validation requirements to make these 3:35 fields required and ensure that new users provide values for them. 3:40 You wrote validation rules for a REST API in a previous course by adding 3:44 conditional statements in the wrap handlers to check if values for 3:49 properties like name and email were defined. 3:54 Now you're going to perform more powerful validation checks 3:57 directly in the user model. 4:01 This can help keep your route handlers lighter, 4:03 more manageable and focused on the job of responding to incoming requests. 4:06 In addition to making the fields required, you'll set up constraint rules to 4:11 ensure users create an account using a valid and unique email address. 4:16 You'll also use range validation rules for passwords, to require a specific 4:20 length of characters and hash or protect passwords before storing them in 4:25 a database if the password confirmation value matches the password value. 4:30 To get the most from this workshop, you should be familiar with using 4:35 the Sequelize ORM, as well as the Express framework. 4:40 Be sure to review the teachers notes with this video, 4:43 if you need a refresher on these topics 4:45
You need to sign up for Treehouse in order to download course files.Sign up