A function that has access to the request and response objects, and the next
middleware function in the application’s request-response cycle
Used to modify the request and response objects, execute code, and terminate
the request-response cycle
Databases
Organized collections of data
Essential for web applications to manage data efficiently
Provide backend support, enabling frontend web interfaces to interact with
data
Key roles of databases in web apps include
store and organize structured data
maintain data accuracy and consistency through validation rules.
enable complex data operations with query languages
support concurrent access for scalability
employ security features like encryption and access control to
protect sensitive data and ensure privacy compliance.
SQL
Programming language to manage and manipulate relational databases
SELECT column1, column2,…
Retrieves data from one or more tables in a database
The * operator selects all columns from a table
FROM table_name
Specifies the table
WHERE condition
Used to filter data based on specific conditions
Operators (=, >, <, <=, >=) can be used in the condition
Logical operators (AND, OR, NOT) can be used to combine conditions
COUNT(*)
Counts and returns the number of rows in a table
SUM(column)
Calculates the sum of numeric values in a column
AVG(column)
Calculates the average of numeric values in a column
MAX(column)
Returns the maximum value of a column
MIN(column)
Returns the minimum value of a column
ORDER BY column 1 ASC|DESC
Sorts data in ascending or descending order
GROUP BY
Group data based on specific columns
COUNT, SUM, AVG, MAX, MIN can be used in conjunction with GROUP BY clause
to perform calculations on grouped data
INNER JOIN table_name2, table_name3,…
ON matching_column_name1, matching column_name2,…
Combines data from two or more tables based on a matching column
Only the rows that have a match in both tables are returned in the result
set → inner joins
OUTER JOIN
Combines data from two or more tables
Includes unmatched rows from one or both tables
Can do LEFT outer join or RIGHT outer join based on the table you want to
prioritize
Missing columns will be NULL
SELECT …
UNION
SELECT …
Combines the results of two or more SELECT statements into a single result
set
SELECT statements must have the same number of columns, and the data types
of the corresponding columns must be compatible
Duplicate rows are automatically removed from the result set
PostgreSQL
Powerful, open-source RDBMS
Connect to a PostgreSQL database by creating a pool of connections
A connection pool is a cache of database connections maintained so that
the connections can be reused when needed, rather than being opened and
closed for each database transaction
MVC architecture
Model
Represents the data of the application and defines how it should be
manipulated
Database tables, validation, associations
View
Presents data to the user
HTML templates, CSS, JavaScript
Controller
Handles user input and manages data flow
Request handling, data manipulation, response generation
HTTP status codes
1xx informational response — the request was received, continuing process
2xx successful — the request was successfully received, understood, and
accepted
3xx
redirection — further action needs to be taken in order to complete the
request
4xx client error — the request contains bad syntax or cannot be fulfilled
5xx server error — the server failed to fulfil an apparently valid request
CRUD operations
Form the foundation of data manipulation in web apps
RESTful API
Architectural style for networked hypermedia applications → a series of
rules developers follow when they create their API
One rule is you should be able to get a piece of data (called a resource)
when you link to a specific URL
Defining routes
GET /resource
GET /resources/:id
POST /resources
PUT /resources/:id
DELETE /resources/:id
Best naming practices
Use plural nouns to represent a collection of resources
Use specific names
Avoid verbs
Use hyphens or underscore if needed
Relational data
Relational data refers to structuring data using tables that are related to
one another based on common fields
The relationships between the tables allow data to be easily and efficiently
accessed, queried, and updated
One-to-one relationship
Each record in one table is associated with only one record in another
table and vice versa
One-to-many relationship
Each record in one table can be associated with many records in another
table, but each record in the other table is associated with only one
record in the first table
Many-to-many relationship
Each record in one table can be associated with many records in another
table, and vice versa
Project planning
Choosing a theme
Writing user stories
Short, straightforward description of an app’s functionality expressed
from the perspective of the end user
Classify users into one or more roles
Writing features
Writing a pitch
Wireframing
Entity relationship diagrams
GitHub project management
Authentication
Authentication is the process of verifying the identity of a user.
With authentication, a web app can control access to resources based on user
identity, ensuring that only authorized users are granted access.
Authentication process
The provided credentials are compared to the stored values in a database
to verify the user’s identity. This may involve hashing and salting the
password for additional security.
If the user’s credentials are verified, they are granted access to the
requested resources. If the credentials are incorrect or invalid, the
access is denied 🚫
Setting up authentication
The frontend
The Frontend 👋
typically provides a login page where users can enter their
credentials
makes a request to the backend API endpoint to verify the user’s
credentials
The Backend 🤝
handles the user authentication process
involves setting up a database of user credentials and creating an API
endpoint for user authentication
If the user’s credentials are verified, the backend will generate an
authentication token, such as a cookie or a JWT (JSON Web Token) and send it
back to the frontend.
This token is used to maintain the user’s session state and keep them
authenticated as they navigate through the application.
Session management
The frontend stores the authentication token securely and uses it to
authenticate requests to the backend.
The backend verifies the token on each request to ensure that the user is
still authenticated and allowed to access the requested resources.
Middleware
Implementing these steps can be tedious and complicated, but we can use
middleware to help simplify the process.
Passport is used in many web apps and provides support for various
authentication strategies.
OAuth
Authentication protocol that allows users to grant third-party apps access
to their resources, without giving those applications their login
credentials.
The OAuth protocol works by allowing a user to grant an app access to their
resources by authorizing it with a token.
The token is typically issued by the resource owner (the user), and contains
a set of permissions that determine what the app can access.
