An awesome API that allows for badass CRUD note taking action
After you have cloned this repo, please set up the application by running:
npm install
After setting up, you can run the application using node:
node app.js
The default port is set to 5000 so you can access the API at this URL
http://localhost:5000/api/
GET: api/notes
GET: api/notes/:id
GET: api/notes?q=search_term
POST: api/notes
PUT: api/notes/:id
DELETE: api/notes/:id
Install Jasmine CLI
npm install -g jasmine
To run specs enter this command into your terminal within project directory
jasmine
your search more efficient?
-
My note searching api would not scale very well. Currently it is just a LIKE query on the database and there is also no indexing. This would mean that you could/would get results that are less relevant to what the user was searching for when there is more notes(data) in the system. This would also make the search slow as there are more notes because the data set that you get back could large.
-
To help it scale I would put in something like Elastic Search into the system to help.
-
I would add authentication in front of the API, more than likely using the oAuth2 protocol.
-
I would choose oAuth over Basic Auth(Username/Password), because it's much easier to use brute force or dictionary attacks. This is true because you can only make the password rules so complex and long before it is a strain on the developers wanting to develop using your API.
- Ability to update and delete a note(I already implemented this)
- Associate a note a user. This would require a user table with a one to many association
- Ability to add a tag/category. This would allow for better organization if it is something a user desired.
- Ability to link the note so you could share it with others.
- Data syncing. This would allow notes to be available across multiple platforms (iOS, Android, Web, Etc.) in near real-time.
Assuming that the API was implemented using a the MVC pattern I would test the following ways
-
Validation specs. This would test that we have validations in place for attributes that are required and must be unique.
-
Testing any business logic within the model.
-
Testing each endpoint that you can get a response back from
-
Testing successful and unsuccessful responses. This would include status codes, content-type, and other relevant headers and the body
-
Testing that the response structure is correct, meaning that the attributes on the object you expect to be there are there.
-
Testing that if you ask for a list of items that it comes back with an array around the objects
- I am huge fan of always testing the entire code base whenever a pull request comes in.