Closed TomerIrony closed 2 years ago
You've done a really good job! Glad to say that your project has been accepted
_id
is added in .eslintrc. The following rules are forbidden: eslint-disable
, eslint-disable-line
, and eslint-disable-next-line
npm run start
command that starts the server on localhost:3000
.npm run dev
command that starts the server on localhost:3000
with hot reloading.GET /users/me
returns information about the user (email and name).GET /articles
returns all articles saved by the user.POST /articles
creates an article with the data passed inside the request body.DELETE /articles/articleId
deletes the saved article using _id
.POST /signup
creates a user with the data passed inside the request body.POST /signin
returns a JWT when the correct email and password are passed in the request body./signin
and /signup
.catch()
block.process.env
..env
file, and this file should not be added to Git.process.env.NODE_ENV !== 'production'
), the code runs and works fine and an error won't occur if there is no .env
file present.
request.log
file.error.log
file.README.md
. index.js
file, which is located in the routes
folder, and app.js
contains one main route handled by routes.
Summary:
I can not see changes in the project, all previous comments are not fixed. Please take a look, I attached screenshots below comments where applicable. Hope they will be easy to fix.
Note: I may attach only one screen, but you need to find all similar cases inside the project and fix them to receive points.
Backend
Performance Criteria
[x] The repository contains all the necessary infrastructure files:
_id
is added in .eslintrc. The following rules are forbidden:eslint-disable
,eslint-disable-line
, andeslint-disable-next-line
[x] No linting errors.
[x] The scripts section of the package.json file contains the following:
npm run start
command that starts the server onlocalhost:3000
.npm run dev
command that starts the server onlocalhost:3000
with hot reloading.[x] When all dependencies are installed, the application starts with npm run dev without errors.
[ ] The following routes function as described:
GET /users/me
returns information about the user (email and name).GET /articles
returns all articles saved by the user.POST /articles
creates an article with the data passed inside the request body.DELETE /articles/articleId
deletes the saved article using_id
.POST /signup
creates a user with the data passed inside the request body.POST /signin
returns a JWT when the correct email and password are passed in the request body.https://snipboard.io/oFqYni.jpg please provide default value as well, for example like this
process.env.JWT_SECRET || 'dev'
[x] All routes are protected with authorization, except for
/signin
and/signup
.[x] User routes and article routes are described in separate files.
[x] API errors are handled:
catch()
block.[x] In production mode, the database address is taken from
process.env
.[x] Safe password storage has been implemented:
[x] Data is validated before being added to the database.
https://snipboard.io/RHvoez.jpg According to project requirement
Server request bodies should be validated prior to submitting them to controllers for processing.
please usecelebrate
library to validate requests. Here is a link to the documentation https://www.npmjs.com/package/celebrate. Router validation example below[x] Users can't delete saved cards from other user profiles. When the user tries to delete someone else's card, an error with a 403 status should be returned. If you've forgotten something, or have some doubts, you can check this reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/403
[x] The server can be accessed via HTTPS using the domain specified in README.md.
[x] Storing the private key for creating a JWT is implemented correctly:
.env
file, and this file should not be added to Git.process.env.NODE_ENV !== 'production'
), the code runs and works fine and an error won't occur if there is no.env
file present.please provide default value as well, for example like this
process.env.JWT_SECRET || 'dev'
Best Practices
[x] Asynchronous operations are implemented using promises or async/await.
[ ] Requests are validated before being passed to the controller. The body and (where applicable) headers and parameters are checked against the corresponding schemas. If a request doesn't match the schema, the processing is not passed to the controller and the client receives a validation error.
According to project requirement
Server request bodies should be validated prior to submitting them to controllers for processing.
please use celebrate library to validate all routes, including cards and users. Please note that It is necessary to validate the ObjectID not just as a sequence of characters with 24 symbols, but as a hex sequence with 24 symbols (fortunately, Joi has a built-in hex validator). Note: all routes exceptGET \users
andGET /cards
andGET /users/me
[ ] Logging is set up:
no logs, please provide logging.
request.log
file.error.log
file.[x] Errors are handled by a centralized handler.
[ ] Centralized error handling is described inside a separate module.
https://snipboard.io/kI81XQ.jpg
[x] In case of an error, the API returns a response status that matches the error type.
[x] The server can be accessed via HTTPS using the domain specified in
README.md
.[x] The application API is located on a domain with a name of the following format: name.zone/api (not just name.zone).
[ ] All routes are connected to the
index.js
file, which is located in theroutes
folder, andapp.js
contains one main route handled by routes.Recommendations
https://snipboard.io/Kt0Ael.jpg
https://snipboard.io/0uynCq.jpg
Number of points: 60