Glow Backend: Protective Routes & Middleware Functions & Secure Environment Variables

[smackeem]

I never knew just how important middleware functions are until Jan suggested using one to get an access token for my API fetches. It was just brilliant and taught me how to manipulate the req res, and next properties in a express. Similarly, Securing environment variables to prevent data breaches. I knew it was important but it wasn't until dealing with this API and see how imperative it is to keep these variables safe, that I got a full grasp of data security.

const getToken = (req, res, next) => {
  const uriAuth = "https://test.api.amadeus.com/v1/security/oauth2/token";
  let headers = {
    "Content-Type": "application/x-www-form-urlencoded",
  };

  let body = {
    grant_type: "client_credentials",
    client_id: AMADEUS_API_KEY,
    client_secret: AMADEUS_API_SECRET,
  };

  fetch(uriAuth, {
    method: "POST",
    headers: headers,
    body:
      "grant_type=client_credentials&client_id=" +
      body.client_id +
      "&client_secret=" +
      body.client_secret,
  })
    .then((res) => {
      return res.json();
    })
    .then((json) => {
      req.token = json.access_token;
      next();
    });
};

[SamPatt]

Protective Routes & Middleware Functions & Secure Environment Variables

Great job using tokens for auth and environmental variables for security. It looks well implemented.

Adding error handling - similar to what you have in the getOneWayTrip function - could make this more robust. Switching to aync/await syntax may make implementing error handling simpler.

Overall server feedback

Code is very clean, well formatted and easy to understand.

Variables / functions are well named.

Follows the conventions we learned for file structure / naming, so it's well organized.

Back end looks very solid, nice work!