Skip to content
Felix Notes

WEB103 CodePath

  • Middleware
    • A function that has access to the request and response objects, and the next middleware function in the application’s request-response cycle
    • Used to modify the request and response objects, execute code, and terminate the request-response cycle
  • Databases
    • Organized collections of data
    • Essential for web applications to manage data efficiently
    • Provide backend support, enabling frontend web interfaces to interact with data
    • Key roles of databases in web apps include
      • store and organize structured data
      • maintain data accuracy and consistency through validation rules.
      • enable complex data operations with query languages
      • support concurrent access for scalability
      • employ security features like encryption and access control to protect sensitive data and ensure privacy compliance.
  • SQL
    • Programming language to manage and manipulate relational databases
    • SELECT column1, column2,…
      • Retrieves data from one or more tables in a database
      • The * operator selects all columns from a table
    • FROM table_name
      • Specifies the table
    • WHERE condition
      • Used to filter data based on specific conditions
      • Operators (=, >, <, <=, >=) can be used in the condition
      • Logical operators (AND, OR, NOT) can be used to combine conditions
    • COUNT(*)
      • Counts and returns the number of rows in a table
    • SUM(column)
      • Calculates the sum of numeric values in a column
    • AVG(column)
      • Calculates the average of numeric values in a column
    • MAX(column)
      • Returns the maximum value of a column
    • MIN(column)
      • Returns the minimum value of a column
    • ORDER BY column 1 ASC|DESC
      • Sorts data in ascending or descending order
    • GROUP BY
      • Group data based on specific columns
      • COUNT, SUM, AVG, MAX, MIN can be used in conjunction with GROUP BY clause to perform calculations on grouped data
    • INNER JOIN table_name2, table_name3,…
      ON matching_column_name1, matching column_name2,…
      • Combines data from two or more tables based on a matching column
      • Only the rows that have a match in both tables are returned in the result set → inner joins
    • OUTER JOIN
      • Combines data from two or more tables
      • Includes unmatched rows from one or both tables
      • Can do LEFT outer join or RIGHT outer join based on the table you want to prioritize
      • Missing columns will be NULL
    • SELECT …
      UNION
      SELECT …
      • Combines the results of two or more SELECT statements into a single result set
      • SELECT statements must have the same number of columns, and the data types of the corresponding columns must be compatible
      • Duplicate rows are automatically removed from the result set
  • PostgreSQL
    • Powerful, open-source RDBMS
    • Connect to a PostgreSQL database by creating a pool of connections
      • A connection pool is a cache of database connections maintained so that the connections can be reused when needed, rather than being opened and closed for each database transaction
  • MVC architecture

MVC architecture

  • Model
    • Represents the data of the application and defines how it should be manipulated
    • Database tables, validation, associations
  • View
    • Presents data to the user
    • HTML templates, CSS, JavaScript
  • Controller
    • Handles user input and manages data flow
    • Request handling, data manipulation, response generation
  • HTTP status codes
    • 1xx informational response — the request was received, continuing process
    • 2xx successful — the request was successfully received, understood, and accepted
    • 3xx
    • redirection — further action needs to be taken in order to complete the request
    • 4xx client error — the request contains bad syntax or cannot be fulfilled
    • 5xx server error — the server failed to fulfil an apparently valid request
  • CRUD operations
    • Form the foundation of data manipulation in web apps
  • RESTful API
    • Architectural style for networked hypermedia applications → a series of rules developers follow when they create their API
    • One rule is you should be able to get a piece of data (called a resource) when you link to a specific URL
    • Defining routes
      • GET /resource
      • GET /resources/:id
      • POST /resources
      • PUT /resources/:id
      • DELETE /resources/:id
    • Best naming practices
      • Use plural nouns to represent a collection of resources
      • Use specific names
      • Avoid verbs
      • Use hyphens or underscore if needed
  • Relational data
    • Relational data refers to structuring data using tables that are related to one another based on common fields
    • The relationships between the tables allow data to be easily and efficiently accessed, queried, and updated
    • One-to-one relationship
      • Each record in one table is associated with only one record in another table and vice versa
    • One-to-many relationship
      • Each record in one table can be associated with many records in another table, but each record in the other table is associated with only one record in the first table
    • Many-to-many relationship
      • Each record in one table can be associated with many records in another table, and vice versa
  • Project planning
    • Choosing a theme
    • Writing user stories
      • Short, straightforward description of an app’s functionality expressed from the perspective of the end user
      • Classify users into one or more roles
    • Writing features
    • Writing a pitch
    • Wireframing
    • Entity relationship diagrams
    • GitHub project management
  • Authentication
    • Authentication is the process of verifying the identity of a user.
    • With authentication, a web app can control access to resources based on user identity, ensuring that only authorized users are granted access.
    • Authentication process
      • The provided credentials are compared to the stored values in a database to verify the user’s identity. This may involve hashing and salting the password for additional security.
      • If the user’s credentials are verified, they are granted access to the requested resources. If the credentials are incorrect or invalid, the access is denied 🚫
    • Setting up authentication
      • The frontend
        • The Frontend 👋
          • typically provides a login page where users can enter their credentials
          • makes a request to the backend API endpoint to verify the user’s credentials
        • The Backend 🤝
          • handles the user authentication process
          • involves setting up a database of user credentials and creating an API endpoint for user authentication

Token auth

  • If the user’s credentials are verified, the backend will generate an authentication token, such as a cookie or a JWT (JSON Web Token) and send it back to the frontend.
  • This token is used to maintain the user’s session state and keep them authenticated as they navigate through the application.
  • Session management
    • The frontend stores the authentication token securely and uses it to authenticate requests to the backend.
    • The backend verifies the token on each request to ensure that the user is still authenticated and allowed to access the requested resources.
  • Middleware
    • Implementing these steps can be tedious and complicated, but we can use middleware to help simplify the process.
    • Passport is used in many web apps and provides support for various authentication strategies.
  • OAuth
    • Authentication protocol that allows users to grant third-party apps access to their resources, without giving those applications their login credentials.
    • The OAuth protocol works by allowing a user to grant an app access to their resources by authorizing it with a token.
    • The token is typically issued by the resource owner (the user), and contains a set of permissions that determine what the app can access.