/express-api-template-oauth2

Template Repository for a simple oAuth2 lib, powered by express & mongo

Primary LanguageJavaScriptMIT LicenseMIT

express-api-template-oauth2

A template for starting projects with express as an API. Includes authentication and common middlewares.

Dependencies

Install with npm install.

To update the versions in package.json, run npm update --save && npm update --save-dev. You may wish to test these changes by deleting the node_modules directory, running npm install, and npm test. Fix any conflicts.

Installation

  1. Click the "Use this template" button on the root page of the repository
  2. Replace all instances of 'express-template' with your app name. This includes package.json, various debugger configurations, and the MongoDB store.
  3. Install dependencies with npm install.
  4. Set a SECRET_KEY in the environment (.env file or process manager of your choice).
  5. Run the API server with npm start. If you want your code to be reloaded on change, you should use npm run dev instead of npm start.

For development and testing, set the SECRET_KEY from the root of your repository using

echo SECRET_KEY=$(/usr/local/opt/openssl/bin/openssl rand -base64 66 | tr -d '\n') >>.env

Structure

Dependencies are stored in package.json.

Developers should store JavaScript files in src/app/controllers and src/app/models.

Routes should follow express patterns for using index.js files in folders, such as app.use('/examples', require('./examples')) from src/app/controllers/index.js

Tasks

Developers should run these often!

  • npm run test: Tests your code
  • npm run lint:fix: Fixes any auto-fixable issues

API

Use the included openapi.yaml OAS3 specification file to document your API in a reuseable manner. You can even make a documentation to make this easier to read with the open-source automated reference documentation tool provided by redoc.

Gotchas

Some things I've found developing an api with mongoose:

  • Updating virtual properties that have alternate validations/encodings/encryptions must be done with direct assignment, not through a Model#findOneAndUpdate invocation.