kevinadhiguna/express-crud-rensyu

API with CRUD, register, and login functionality powered by ExpressJS. Only for rensyu.

ExpressJS - CRUD API (template)

A goal API powered by ExpressJS, MongoDB, and Mongoose object data modeling (ODM).

To-do list :

1. Add error handling properly :

• https://www.joyent.com/node-js/production/design/errors
• https://strongloop.com/strongblog/robust-node-applications-error-handling/

[ Will do ]

2. Display Hostname, IP, etc. :

• https://expressjs.com/en/4x/api.html#req.hostname
• https://www.tutsmake.com/node-js-express-get-client-ip-address-tutorial/
• inside Request - ExpressJS docs

[ Will do ]

3. Make use of HelmetJS to enhance security : https://helmetjs.github.io/

[ Done - additional-cors_and_helmetjs branch ]

4. Use compression library : https://github.com/expressjs/compression

[ Done - additional-compression_lil-http-terminator branch ]

5. Install logging library (Winston) :

• https://betterstack.com/community/guides/logging/node-js/how-to-install-setup-and-use-winston-and-morgan-to-log-node-js-applications/
• https://signoz.io/blog/winston-logger/#what-are-transports-in-winston-logger
• https://reflectoring.io/node-logging-winston/
• https://github.com/winstonjs/winston

[ On Progress... - additional-winston branch ]

6. Please add some of best performance practices : https://expressjs.com/en/advanced/best-practice-performance.html

[ Done reading - Looking forward to implement Supervisor (process manager), handle error properly, and learn more about reverse proxy. ]

7. Explore more regarding healthcheck and graceful shutdown using some libraries : https://expressjs.com/en/advanced/healthcheck-graceful-shutdown.html

[ Done - additional-healthcheck_graceful-shutdown branch ]

8. Add PM2 as process mmanager :

• https://pm2.keymetrics.io/docs/usage/process-management/
• https://blog.appsignal.com/2022/03/09/a-complete-guide-to-nodejs-process-management-with-pm2.html

[ On Progress.. - additional-pm2 branch ]

9. Add how to handle uncaughtException OR unexpectedErrorHandler & unhandledRejection OR unexpectedErrorHandler : https://github.com/poolapack/payment-formatter/blob/dev/src/index.js

[ Done - additional-compression_lil-http-terminator branch ]

10. Add CORS : https://github.com/shawn-dsilva/mern-login-signup-component/blob/master/server.js

[ Done - additional-cors_and_helmetjs branch ]

ExpressJS docs: One thing you should NOT DO is to listen for the uncaughtException event, emitted when an exception bubbles all the way back to the event loop. (For more: )

Stackoverflow answer: Also remember that it is not safe to resume normal operation after 'uncaughtException', because the system becomes corrupted :

The correct use of 'uncaughtException' is to perform synchronous cleanup of allocated resources (e.g. file descriptors, handles, etc) before shutting down the process.

11. Given above, should one listen to uncaughtException event ? Do a research.

[ Done - uncaughtException should be handled. Let the process crash and restart again using an external monitor (process manager) that runs as an another process. Source: NodeJS docs & Heroku ]

12. Add validation using Joi

• MERN - user validation example using Joi

[ Will do ]

13. Prevent bruteforce attack

• Prevent Brute Force Attacks in Node.JS - Medium

[ Will do ]

14. Deploy ExpressJS to Vercel

• Deploy ExpressJS to Vercel - dev.to

[ Will do ]

15. Add multistage Docker build

• Use Node.js with Docker and Docker Compose to improve DX - Blog Rocket

[ Will do ]

Why do I need "next()" function ?

Read ExpressJS Middleware : https://expressjs.com/en/guide/writing-middleware.html

How to Run

1. Install dependencies

yarn

2. Set environment variables in .env

cp .env.example .env

3. Run the app

yarn dev