- Use a token-based approach to authorise access to API resources
- Use a hashing library to encrypt sensitive information
- Build a front-end application that interacts with a bearer-auth protected API
You are tasked with building a small frontend application containing 3 forms and a list. There is a screenshot at the bottom of this document that gives you an idea of what to aim for. As you'll be able to see, it doesn't have to look good so don't spend time on styling!
The flow of the application you build looks like this:
- A user fills in the register form to create their account with a hashed password
- The user fills in the login form to get a bearer token
- The user can then create movies once they have a valid token
- The list of displayed movies will update as a user creates them
Take a little bit of time to familiarise yourself with the project structure - this exercise has both a front-end React app (src/client/) and a back-end express API (src/server/) in it.
- Fork this repository and clone the fork.
- Rename
.env.exampleto.env - Edit the
DATABASE_URLvariable in.env, swappingYOUR_DATABASE_URLfor the URL of the database you just created. Leave?schema=prismaat the end. - Edit the
SHADOW_DATABASE_URLvariable in.env, swappingYOUR_SHADOW_DATABASE_URLfor the URL of a shadow database you created in an earlier exercise. Leave?schema=shadowat the end. - Run
npm cito install the project dependencies. - Run
npx prisma migrate resetto execute the database migrations. Pressywhen it asks if you're sure.
- Run the app with
npm start- this will open a React app in your browser and run the express server. The server will default to port4000, you can change this by adding anAPI_PORTvariable to your.envif you want. - Work through each file in the
requirementsdirectory in numerical order. You can choose whether to work on the Client or Server version of each requirement first, but you may find it easier to do Server first.
