A) What Is Node? (back to top...) Node give you the chance to run JavaScript beyond the browser. You can run it on the server or in any enviornment for that matter. So, whereas JavaScript is something limited to your web browser, Node has no limitations in that regard. To make this happen, it uses an engine crafted by Google called "V8." It compiles JavaScript and runs it as "machine code." In addition, it adds some additional features beyond your typical JavaScript dynamic. For example, you can access files directly on you machine. JavaScript can't do that. 1) Runtime (back to top...) One term that we ran into here was "runtime," which refers to the period of time a program is up and running. JavaScript is based on Java. Java is compiled code. By that, we mean that there's a layer of "processing" that happens between the code that is written and the "machine code" that is actually executed. JavaScript, on the other hand, is happening right at runtime in that it's "interpreted" code. In some ways, this is happening regardless of the language that you're using in that everything is being converted to binary code in some way, shape or form. The basic difference is that a compiler system, including a (built in or separate) linker, generates a stand-alone machine code program, while an interpreter system instead performs the actions described by the high level program. That being the case, compiled code will be compiled before runtime, interpreted code happens right at runtime. B) REPL (back to top...) If you write "node" in your Command Line, at that point you've entered into the "REPL" dynamic. REPL stands for "Read, Eval, Print, Loop." In some ways, you can think of it as a stand-alone "sandbox" where you can proof the accuracy of your code. More on that later... A) Characteristics (back to top...) 1) Weakly Typed Language (back to top...) By "weakly," we mean that while JavaScript does recognize strings, booleans and integers, it doesn't insist that you define the datatype in the context of creating a variable. For example, with PDO, you have to define the parameter as an "INT" or a "STR." JavaScript doesn't make you do that. 2) Datatypes Can be Switched (back to top...) You can have a variable that starts out in your code as a "string," and then switch it to be an "integer" and JavaScript does not freak out. 3) Object Oriented Language (back to top...) Remember, an "object" is a combination of properties and values. JavaScript can be organized in that way. 4) Primitive and Reference Data Types (back to top...) Also, JavaScript makes use of the "Primitive" and "Reference" types. Click here for an indepth explanation, but the bottom line is that you have two types of data. You've got the "primitive" type which is going to be either undefined, null, boolean, number, string, or symbol. The other type of data is "Reference" and that's going to be an "object." All that to say, that when you're manipulating data, if the variable stores a primitive value, when you manipulate its value, you are working on the actual value stored in the variable. In other words, the variable that stores a primitive value is accessed by value. Unlike the primitive value, when you manipulate an object, you are working on the reference to that object, rather than the actual object. In short, a variable that stores an object is accessed by reference. There...! 5) Versatile Language (back to top...) You can run JavaScript on a server or on your own box - which is what Node.js is all about. 6) Wide Variety of Tasks (back to top...) JavaScript can also provide a wide variety of tasks! We'll see more of that later (it's not like we haven't already seen that...)! B) Core Syntax Review (back to top...) Here's a quick example of some things we should already be aware of: Here you've got variable (var), a basic function that includes some parameters, those parameters being "returned" using some concatenation and then we'll use this command to see it in GIT Bash: node play.js After running that, we'll see in our terminal: "Bruce plays drums with sticks." C) let, var and const (back to top...) 1) ECMA (back to top...) ECMAScript (or ES) is a trademarked scripting-language specification standardized by Ecma International in ECMA-262 and ISO/IEC 16262. It was created to standardize JavaScript, so as to foster multiple independent implementations. JavaScript has remained the best-known implementation of ECMAScript since the standard was first published, with other well-known implementations including JScript and ActionScript.[3] ECMAScript is commonly used for client-side scripting on the World Wide Web, and it is increasingly being used for writing server applications and services using Node.js. That's important because, on occasion, you'll hear "ES" in conjuction with JavaScript. For the most part, they're interchangeable in that "ES" is a standard that JavaScript abides by. From time to time, some improvements in JavaScript will be made as part of staying consistent with the ES standard. "let" is part of that effort. 2) let (back to top...) "let" allows you to avoid that situation that sometimes happens when you're changing the value of your "var" in the context of your application. Here's a great explanation from DEV: There's a weakness that comes with var. I'll use the example below to explain this. So, since times > 3 returns true, greeter is redefined to "say Hello instead". While this is not a problem if you knowingly want greeter to be redefined, it becomes a problem when you do not realize that a variable greeter has already been defined before. If you have use greeter in other parts of your code, you might be surprised at the output you might get. This might cause a lot of bugs in your code. This is why the let and const is necessary. let is preferred for variable declaration now. It's no surprise as it comes as an improvement to the var declarations. It also solves this problem that was raised in the last subheading. Let's consider why this is so. let is block scoped A block is chunk of code bounded by {}. A block lives in curly braces. Anything within curly braces is a block. So a variable declared in a block with the let is only available for use within that block. Let me explain this with an example. We see that using hello outside its block(the curly braces where it was defined) returns an error. This is because let variables are block scoped . let can be updated but not re-declared Just like var, a variable declared with let can be updated within its scope. Unlikevar, a let variable cannot be re-declared within its scope. So while this will work, However, if the same variable is defined in different scopes, there will be no error. Why is there no error? This is because both instances are treated as different variables since they have different scopes. This fact makes let a better choice than var. When using let, you don't have to bother if you have used a name for a variable before as a variable exists only within its scope. Also, since a variable cannot be declared more than once within a scope, then the problem discussed earlier that occurs with var does not occur. 3) const (back to top...) In those situations where you know your variable isn't going to change for nothing, no way, no how - you would use "const." Like this: const name="Bruce"; "name" will not change at all throughout the entire application. D) Arrow Functions (back to top...) 1) Anonymous vs Named Functions (back to top...) To convert the function that we wrote a moment ago using the Arrow Function approach, we start by referencing the function as a constant. So we started with this: var name = "Bruce"; var instrument = "drums"; var sticks = "sticks"; function description(thename, theax, theclubs) { return thename + " plays " + theax + " with " + theclubs; } console.log(description(name, instrument, sticks)); At this point, the "description" function is "declared" using "description" like what you see with console.log(description(name, instrument, sticks)); and the "description" function is technically called a "named" function. But you can also declare a function in the context of a variable. Like this: var name = "Bruce"; var instrument = "drums"; var sticks = "sticks"; const summarizeUser=function (thename, theax, theclubs) { we're now packaging our function as a constant. The function itself is now considered an "anonymous" function because it doesn't have a specific name return thename + " plays " + theax + " with " + theclubs; } console.log(summarizeUser(name, instrument, sticks)); ...we're going to get the same result. The only difference is that we're now calling our function as a value stored within a constant. And what was a "named" function is now referred to as an "anonymous" function. 2) "this" (back to top...) Now, by using the Arrow Function approach, you can write what we've got below in a manner that's a little shorter. This... const summarizeUser=function(thename, theax, theclubs) { ...becomes this: const summarizeUser=(thename, theax, theclubs) => { Now, apart from the fact that we were able to lose the word, "function," the other thing that the Arrow Function approach makes available is the "this" operator. Click here to access a good video that describes the "this" operator in some detail. The bottom line is that you can use "this" to call a function within the class that you're using "this" in. One thing that's a little distinctive about the way "this" is used in JavaScript as opposed to other languages is that, while it does refer to the functionality within the Class that it's being used in, it also refers to the dynamic that triggered the code to begin with. Here's the finished code with notes that's coming from the aforementioned video. Here's the JS: Here's the HTML...

---

Add Name

---

➀ -> This is what puts the key in the ignition and gets the motor running. ➁ -> Here's the Class that's being instantiated and because you've got a constructor in place, that piece of the code is going to fire immediately ➂ -> const btn = document.querySelector('button'); this is looking through the document and grabbing the fist element that matches "button" ➃ -> this.names is the syntax that we would use to create the equivalent to a property. "names" is now available throughout the Class as you can see in the "addName" method ➄ -> here we're using the arrow operator and it's especially utilitarian in that we're using it as a way to afford us the opportunity to use the "this" operator in order to streamline the code that you see commented out. Take a look at what is written below... In the video, this is what was originally tried: btn.addEventListener('click', this.addName; The logic was that we could invoke the "addName" method by simply prefacing it with "this." After all, isn't that what "this" is supposed to do? The problem is that "this" is not only looking within the Class that it's positioned in, it's also going by the element that triggered the function in question. In this case, it's looking at the "btn." Because "addName" is not part of the "btn" dynamic, it throws and error. To get around that, you use the "bind" element. It's going to look like this: btn.addEventListener('click', this.addName.bind(this)); By using this, we're telling JavaScript to not look for "addName" in the context of the button, but rather to look for it in the context of the Class. Now, we're good to go. Here is where the Arrow Function comes to bear. Instead of writing btn.addEventListener('click', this.addName.bind(this));, we can write this: btn.addEventListener('click', () => { this.addName(); }); The Arrow Function gives us the chance to tell JavaScript to assume the scope of the button command to include the NameGenerator Class rather than just the button itself. 3) Some Shorthand (back to top...) This works: const add = (a, b) => { return a + b; }; If you've got a function that's a mere, one-line-return kind of dynamic, you can simply do this: const add = (a,b) => a + b; If I don't have any more than one argument, I don't need the paranthesis: const add = a => a + 1; ...and, in the event that I don't have any arguments at all, I can just have empty parenthesis and I'm good to go... const randomAdd = () => 1 + 2; BTW: To make "randomAdd" fire, you would write this in your GIT Bash: console.log(randomAdd()); E) Working with Objects, Properties and Methods (back to top...) Here we go: 1) Objects (back to top...) const person = { // "person" is an object name: 'Bruce', // key value pairs are called "properties" or "fields" of the object age: '55', greet () { // you can also have an anonymous function as a property of the object (note the way the syntax is notated console.log('Hi, I am ' + this.name +' and I am ' + ths.age); } person.greet(); } The above will output: Hi, I am Bruce and I am 55 a) Arrays (back to top...) An object can also be an array... const hobbies = ["drums", "gigs"]; for (let x of hobbies) { console.log(x); } This will output: drums gigs One thing that's kind of interesting is the number of possibilities that open up when you're dealing with arrays. When you add a "dot" at the end of your "hobbies" object, you get a display that shows you several options (see image to the right). Let's take a look at "map." map "map" allows you to edit the way in which the array is displayed. Check it out: console.log( hobbies.map(hobby => { return "Hobby: " + hobby; }) ); console.log(hobbies); This will output: [ 'Hobby: drums', 'Hobby: gigs' ] [ 'drums', 'gigs' ] And because of the options we have available to us as "shorthand" with the arrow function, we can get the same output using this: console.log(hobbies.map(hobby => "Hobby: " + hobby)); push While a "const" is typically something that doesn't change, because it's an array and therefore technically what is referred to as a "reference type," you can change the elements within the array without violating the "const" dynamic. So, if I do this: const hobbies = ["drums", "gigs"]; hobbies.push("cuts"); console.log(hobbies); I get this: [ 'drums', 'gigs', 'cuts' ] This is an important concept because it underscores the difference between "primative values" and "reference types." A "reference type" is a piece of code that is pointing to something. in other words, it represents a digital address of some kind of object. The "const" in the above example, technically, hasn't changed because it's an address as opposed to a legitimate value. F) Understanding Spread and Rest Operators 1) Spread (back to top...) "Spread" is an operator that you use to add elements to an array by copying the existing array and then adding an element to it. Take a look: a) slice (back to top...) const copiedArray = hobbies.slice(); console.log(copiedArray); When I run "node.js," I get my copied array: C:\wamp\www\adm\node>node play.js [ 'drums', 'gigs' ] "slice" copies the array and you can also pass arguments into it to limit the range of elements within the array you want to copy. b) spread (back to top...) If you were to do this: const copiedArray = [hobbies]; console.log(copiedArray) We would get this: C:\wamp\www\adm\node>node play.js [ [ 'drums', 'gigs' ] ] You get what's called a "nested array." It's an array within an array. While that might be helpful to use at some point, it's not what we're looking for now. However, if we add the "spread" operator, we're telling the system to take all of the elements within the object we're getting ready to "spread" and add those to the object that surrounds what it is that we're spreading. So, if we do this: const copiedArray=[...hobbies]; console.log(copiedArray); We get: C:\wamp\www\adm\node>node play.js [ 'drums', 'gigs' ] Perfect! And what you can do with Arrays, you can also do with Objects. Here's your "person object: const person = { name: "Bruce", age: 55, greet() { console.log("Hi, I am " + this.name); } }; We can use the "..." operator to extract that object and distribute its elements to the object that our "spread" operator is attached to. Just be sure to use "{}" instead of the square brackets. So, it will look like this: const copiedPerson = { ...person }; console.log(copiedPerson); ...and that will render: C:\wamp\www\adm\node>node play.js { name: 'Bruce', age: 55, greet: [Function: greet] } 2) Rest (back to top...) "Rest" is similiar to "spread" only in reverse. Take for example this situation: We're going to use an arrow function to return an array. const CFA = (var1, var2, var3) => { return [var1, var2, var3]; }; console.log(CFA("sandwich", "friends", "Coke")); When we run that in our command prompt, we get this: C:\wamp\www\adm\node>node play.js [ 'sandwich', 'friends', 'Coke' ] This, however, is limiting because we can't add any elements to that array on the fly. For example, we couldn't do this: console.log(CFA("sandwich", "fries", "Coke", "cookie")); It wouldn't return an error, but we would get the same result. By using the "Rest" operator though, we've got access to some more flexibility. Watch... Instead of const CFA=(var1, var2, var3)), we do const CFA=(...vars). The whole syntax looks like this: const CFA = (...vars) => { return vars; }; Now, when I pass in another property into the array like what I did before, I get the entire array... C:\wamp\www\adm\node>node play.js [ 'sandwich', 'frieds', 'Coke', 'cookie' ] G) Destructuring (back to top...) In the above code, you're passing the entire "person" object into the "printName" function. Remember, an object can be a function as well, and that's exactly what you have with the "printName" object in that you've got an arrow function called "personData." In this example, you're pulling the "name" property from the "person" array and printing it. That's one way to do it. The other way to do it is by using the "destructuring" syntax which looks like this: const printName = ({ name }) => { console.log(name); }; } By using the curly braces, you're telling the system to "destructure" the incoming data and pull out the "name" property. Another way in which "destructuring" can be used it like so: const { name, age } = person; console.log(name, age); You can also "destructure" an array like this: const hobbies = ["drums", "gigs"]; const [hobby1, hobby2] = hobbies; console.log(hobby1); This will return "drums." H) Async Code and Promises (back to top...) 1) Asynchronous vs Synchonous (back to top...) Let's start with a little review on what "Asynchronous" and "Synchronous" code is. If I've got this: setTimeout(( ) => { console.log('Timer is done!'); }, 1); console.log('Hello'); console.log('Hi'); The first block of code is considered "asynchronous" code because it doesn't happen right away. The second block is "synchronous" because it happens immediately. If you were to run this, you would get: The fact that "setTimeout" is first, because there's a delay of 1 millisecond, it will get fired after the other two lines have run. So... Asynchronous Code - means that there's a delay, it doesn't happen right away Synchronous Code - happens immediately 2) callback (back to top...) Also, a "callback" is a function that is executed within another function. You see it a lot in JQuery. For example, this: $('#button').click(function() { alert"Michelle"); }); The function with the "button" code is technically a "callback" in that it's a function within a function. As far as the way it's being used here, this example does a pretty good job of unravelling the mystery... function doHomework(subject, callback) { alert(`Starting my ${subject} homework.`); callback(); } doHomework('math', function() { alert('Finished my homework'); }); In this example, this: function() { alert('Finished my homework'); ...is what's being recognized in the system in the context of the "callback" variable. So, you get "Starting my math homework" which is the first part of the "doHomework" function. Then it moves to the "callback" which is the function function() { alert('Finished my homework');. 3) constructor (back to top...) "Constructors" is a JavaScript device that allows you create many objects of the same type. Click here for more information. 4) Promises (back to top...) Constructors constitute something you want to be aware of because of the way they facilitate the "promise" dynamic. "Promises" represent a more verbose / easier way of triggering callbacks. Thing is, you rarely have to write them on your own as much as they are happening behind the scenes in the context of pre-packaged blocks of syntax. For now, just know how they look: I) Template Literals (back to top...) One other feature, we'll use from time to time are template literals: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Template_literals It's a different way of writing strings. Instead of using double or single quotation marks: 'A String' or "Another string" you can use backticks (`) `Another way of writing strings` Now why would we use that way of creating strings? With that syntax, you can dynamically add data into a string like this: const name = "Max"; const age = 29; console.log(`My name is ${name} and I am ${age} years old.`); This is of course shorter and easier to read than the "old" way of concatenating strings: const name = "Max"; const age = 29; console.log("My name is " + name + " and I am " + age + " years old."); This section is designed to go over the rudimentary aspects of Node and the web in general. A) How the Web Works (back to top...) This is pretty easy. I'm including two graphics that pretty much make the point... B) Set up a Server (back to top...) 1) Core Modules (back to top...) Node comes with a group of Core Modules by default. They are:

• http
• https
• fs
• path
• path
• os

As far as setting up your server, you've got more than one option. 2) Setup Code (back to top...) This is "Event Driven Architecture," by the way. This first example uses a "named" function: const http = require('http'); function rqListener(req, res) { } http.createServer(rqListener); You can also do it this way - using an anonymous function: const http = require('http'); http.createServer(function(req, res)); Finally, you can do it this, using an arrow function: const http = require("http"); const server = http.createServer((req, res) => { console.log(req); }); server.listen(3000); C) Event Loop (back to top...) The thing you want to be aware of is that, because of the way the Listener is set up, you never quit "running" the server. That anomoly is called an, "Event Loop." Take a look: The "event" of the server is never terminated. From that standpoint, it's called an "Event Loop." And that's a good thing! You don't want that process to stop. To terminate your session, just hit "Ctrl-C." D) Sending Responses (back to top...) You can adjust the code you used to set up your server so that you can see some responses. Check it out: Here's the response: If you wanted to send some html code and some text, it would look like this: This will give you:

I've got fix that stupid NOMAS site!

E) Request and Response Headers (back to top...) Part of what we wrote a moment ago included "headers." While that may be a familiar term, there are some things about that we'll get into later. For now, here's an online resource that lists everything we'll ever need as far as "Request and Response Headers." F) Routing (back to top...) What we're going to do in this example is use an element in the URL to dictate the flow and functionality of our page. Check it out: ^*As a rule, you don't include any code after "res.end." In this case, despited the "IF" clause, our code would continue if we just wrote "res.end." But by prefacing it with "return," then the code stops at that point as it should. G) Redirecting Requests (back to top...) This time we're going to post the form that we wrote above and redirect the result based on the form having been posted. Check it out... H) Parsing Requests (back to top...) When you send information via a form, Node is sending it as a stream of data rather than as a string or something similar. Below is a graphic that shows how it's being sent and processed. In order to access the incoming stream, we do this: The code above produces what you see below. To take this apart, let's take a look at the syntax above that's in bold: ❸ const body = []; ❶ req.on("data", ❷ chunk => { console.log(chunk); ❹ body.push(chunk); }); ❺ req.on("end", () => { ❻ const parsedBody = Buffer.concat(body).toString(); console.log(parsedBody); }); The way this breaks down is relatively simple. You've got some incoming data based on your route and your method: if (url === "/message" && method === "POST") {. Before you got write or create a file, we're going to assert a little code so we can access the incoming data stream. ❶ We're going to start by "registering" an Event Listener. An Event Listener is basically a piece of code that's triggered by a certain event. In this case, "on" is a method that we have available to use thanks to the server we created earlier (const server = http.createServer((req, res) => {). req.on("data", (chunk) => { //using an ES6 arrow function The "on" method expects two arguments. The first is the name of the event itself which, in this case, is "data..." ❷ The second argument is what we do after that event has been "heard." In this instance, the second argument is actually a function. By default, the function is going to be looking for a "chunk" as per the way Node operates in this context, hence the "chunk" in the opening parenthesis. For the function, we're going to start by instantiating a new constant called "body" and then we're pushing ❸ const body=[]; - the body is going to be an empty array ❹ body.push(chunk) - we're pushing our "chunk" of data into the empty array. ❺ req.on('end', () => { - Now, we've got register yet another new Listener to handle what amounts to the end result. Again, we'll grab the "on" method which will expect two arguments. The first one is "end." It's going to "listen" for what is the end of the incoming request. ❻ const parsedBody = Buffer.concat(body).toString(); - at this point, we can rely on the fact that the "body" constant contains all of the info that corresponds to the incoming request and we're going to use the "Buffer" object to combine it into a single string. Alright, now... Let's take the incoming string and write that to the message.txt file. To do that is relatively easy. The code is going to look like this: req.on("end", () => { ❶ const parsedBody = Buffer.concat(body).toString(); ❷ const message = parsedBody.split('=')[1]; ❸ fs.writeFileSync("message.txt", message); }); ❶ This has already been discussed. We're using the "Buffer" object to take all the pieces that have been collected and turn them into a cohesive string. ❷ "message" is going to be what holds the portion of the "parsedBody" array that coincides with the "message" value. The "parsedBody" value is going to be a series of "key / value" pairs. "message" is going to be the value to the right of equal sign that's in the first position in the array. ❸ We're now using a line from the original code, but we're placing it within the "end" function so that we're now writing the "message" constant value to the "message.txt" file. I) Understanding Event Driven Code Execution (back to top...) JavaScript is a "single threaded, asynchronous language." A "thread" is the smallest sequence of programmed instructions that can be managed independently by a scheduler, which is typically a part of the operating system. So, in other words, you're dealing with one systemic conversation at a time. However... While it may be one conversation, it's very much like an order in a restaurant kitchen. It's one order, but you're engaging several processes simultaneously. If someone orders a Bacon & Cheese Hamburger, you're toasting the bun, grilling the meat, cooking the bacon - all at the same time. Now, imagine a situation where everything about the preparation of that Back & Chesse Hamburger was being done in order. So, I start with grilling the meat and only after I'm done grilling the meat do I toast the bun. And only after I'm done toasting the bun to begin to fry the bacon. That kind of approach would be called a "Synchonous" process. Everything is being done in a specific order. "Asynchronous," on the other hand, means I'm multi-tasking. So, I'm grilling the meat, frying the bacon and toasting the bun all at the same time. It's a very efficient way of getting things done, but... ...it can lead to trouble if one of your processes outruns another that it's dependent on. If my meat is done cooking before the bun is ready, then I've got no place to put my beef patty. This is why you have to be careful when you're writing JavaScript because, while it is capable of running asynchronous code, it can be very unforgiving if you're not structuring your code so it's not triggering processes that require other functions to conclude before they start turning over. That said, take a look at what we just wrote: The part that's in bold is potentially problematic because

• the code just above it will continue to fire, even after we've sent out the response
• should something happen in the context of our EventListener that would otherwise affect the response which has already been sent, then that's going to be a problem

To solve that problem, the code that's in bold should be moved up into the EventListener code so it would look like this: req.on("end", () => { const parsedBody = Buffer.concat(body).toString(); const message = parsedBody.split("=")[1]; fs.writeFileSync("message.txt", message); res.statusCode = 302; res.setHeader("Location", "/"); return res.end(); }); } Problem is, though, that the EventListener is going to be registered, but the processing of the code in general will continue and we'll get the "My First Page" page. Moreover, you'll get an error message because the "res.SetHeader" code has fired and already written the headers. So, by the time Node goes back to process the "end" object, it can't and you'll get this: To do this correctly, you leave the order of the code intact, but you change the "fs.writeFileSync" line and convert it to a function that DOES NOT fire synchronously. Instead it fires as a proper call back. 1) Event Loop (back to top...) In order to understand what an "Event Loop" is, the first thing we need to do is get a grip on some basic terms and concepts. There's a smattering of things in the callout box to the right, including the difference between "compiled" code and "interpreted" code. First, however, let's take a look at what the "Callstack" is. a) Call Stack (back to top...) The Callstack - is a record of where we're at in the program. One thing that's significant about the way JavaScript works is that it "assembles" all of what you're doing before it actually fires. For example, take a look at the graphic below: If you look at the graphic above, you'll notice that the function being called is "printSquare(4)." So, that's added to the Call Stack at the very bottom, in that it's the first function being called. But within "printSquare," another function's being called which is "square," so that gets added to the Call Stack. Within "square," you're calling "multiply" so that is added to the stack resulting in a "stack" of functionality with "multiply" being on the very top. The "Call Stack" operates according to the LIFO dynamic which stands for, "Last In, First Out." That makes sense and it's a good thing because that's the only way in which console.log(squared) is going to display an accurate value. You have to multiply 4 * 4 in order for square to return a legitimate value and then that gives printSquare something to print to the console. Cool! b) Blocking (back to top...) "Blocking" is a term that's used to describe a part of the stack that tends to run slow. For example, a "network request" can be slow. That will slow down the entire process in that it will "clog" your call stack and prevent other functions from occuring. c) Concurrency & Web API's (back to top...) "Concurrency" means that multiple things are happening simultaneously. That becomes relevant to our discussion because, while JavaScript is a single thread, syncronous language, because of WebAPI's, it can function as something that handles more than one event asyncronously. i) Web APIs (back to top...) Web APIs are pieces of functionality that exist in the context of your web browser. Things like the DOM, AJAX and setTimeout. These are the "extra" pieces of the puzzle that JavaScript makes use of in order to deliver asyncronous processes (see diagram to the right). In the diagram you see below, you've got a setTimeout function that's going to be added to the stack, but then moved over to the API section where it will do its thing. Meanwhile, the Stack continues to function like it normally does in that it keeps moving things to the top and then discarding them as their respective functions are accomplished. BTW: What you see below is exactly the same with Node, only instead of Web API's, they're replaced with C++ API's which give you the same functionality, but without the web browser. That said, let's take a look at how this works... Here's our starting point. Notice the various "pieces" of the puzzle... The first piece of our program runs and is added to the Stack. In our Console we see, "Hi." Once that's concluded, it's removed from the Stack and we proceed. By the way, the LIFO dynamic isn't really relevant here because we're not calling a function within a function. That's where the LIFO hierarchy would apply. Here's it's pretty cut and dry. We're in and we're out. Next we call our setTimeout function. This is where our Web API's kick in. It's funneled over to the Web API section where it just sits and does it's thing. Meanwhile... setTimeout is removed from the stack and console.log makes its way into the stack and it does its thing. As soon as its done, it's removed and... You're left with the setTimeout still running. Once it's done, however, it can't just assert itself back into the stack without the risk of disturbing what's in the stack and creating a systemic mess. So, once that setTimeout is done... The setTimeout goes to the "Task Cue." Here is where we encounter the "Event Loop." The purpose of the "Event Loop" is to serve as a liason between the Call Stack and the Task Cue. If the Call Stack is empty and there's something in the Task Cue, the Event Loop will move it to the Call Stack. It's that simple. A "Call Back" is a function that, by definition, is going to be moved into the Task Cue and made to wait until the Call Stack is empty. It's not necessarily "wrong" to think of it as something that is attached to a setTimeout with a value of "0." After all, it's the setTimeout dynamic that's going to move it into the Web API box. But, you don't necessarily have to think about it that way, as long as you're recognizing the fact that the "Call Back" is being placed into the "Task Cue" and made to wait until the Stack has been depleted. You can see the video tutorial that breaks all this down by clicking here. 2) The "better code..." (back to top...) We're going to take the code that you see in grey and rewrite it like this: "return" acts as a "die," in some ways. In this case, it will force the Call Stack to empty itself and conclude whatever business it was doing. "All done!" That's what "return is doing in this instance. Then to make things wrap up with a nice, neat little bow, we put the res.statusCode = 302 etc. within the IF clause so the page goes back to its orginal look and feel. J) Blocking and Non-Blocking Code / writeFileSync vs writeFile (back to top...) Take a look at this line of code: fs.writeFileSync("message.txt", message); "Sync" stands for "syncronous." Bottom line: The next line of code won't fire until the "File" has been written. This isn't a problem in this instance, because we're writing a very shot file. If, on the other hand, we were writing a massive file, we wouldn't want this line to "block" the rest of the code from firing. Instead, we're going to use "writeFile." This takes three arguments, the third being an error. So, it will look like this: fs.writeFile('message.text', message, err => { res.statusCode = 302; res.setHeader("Location", "/"); return res.end(); }); Since we're not planning on an error, we're just going to let that object trigger the response we're planning on, so it will look like this: fs.writeFile("message.txt", message, err => { res.statusCode = 302; res.setHeader("Location", "/"); return res.end(); }); Perfect! K) Behind the Scenes (back to top...) 1) Worker Pool (back to top...) Having already discussed how JavaScript will offload Call Backs into the Task Cue which is then directed by the Event Loop to re-enter the Call Stack when appropriate, let's now consider the "Worker Pool." The diagram below shows how those tasks that involve some truly "heavy lifting" are routed to what's called the "Worker Pool." It's not that different from the Task Cue, but in those cases where you've got some time consuming tasks that might otherwise affect the user's experience, the Worker Pool is the place where those tasks are performed. Take a look: 2) Serious Event Loop (back to top...) The Event Loop is Node is a little more verbiose than what was discussed earlier. Take a look: L) Using the Node Modules System (back to top...) Just like you can use "require" and "include" in the context of a PHP environment and streamline your code so it's easier to follow, you can do the same thing in Node. Here's what you have now: Here's the way your "new" play.js looks now: Here's how the "routes.js" code looks: You can also export "requestHandler" by doing this... module.exports = { handler: requestHandler, someText: 'Pucketts is awesome!' } Now, when you go to import "requestHandler," you'll do that by writing: const server = http.createServer(routes.handler); ...and you can write to the console, by writing: console.log(routes.someText; You can do the same thing by writing: module.exports.handler=requestHandler; module.exports.someText='Some hard code'; ...and even: exports.handler=requestHandler; exports.someText='Some hard code'; M) Homework (back to top...) Homework...! A) NPM Scripts (back to top...) We've worked with this before. "NPM" stands for "Node Package Manager." It comes with Node, so you've already got it. With NPM, you can exploit some shortcuts that allow you to be more efficient in the way you write your code. The most common shortcut is "start." 1) npm init (back to top...) Start by typing "npm init in your console. Be sure you're in the correct directory! After you do that, you'll be given several questions to answer. Take a look: Once you click on "OK," a new file appears in your home directory. It's the "package.json" file. Now, watch this: You can write your own custom shortcuts, but be aware that what you see above works because "start" is a special word. Hence, they system understands, npm start. But, if under "scripts," you had this: "scripts": { "test": "echo \"Error: no test specified\" && exit 1", "start": "node play.js", "start-server":"node play.js" } If you were to try and type "npm start-server" in your console, you would get an error. For custom scripts, you have to write, "npm run start-server." Then everything is gold! B) Third Party Packages (back to top...) Rarely will you not have a number of 3rd party packages included in your application just because of the options and the uitlities that they bring to the table. They all live on the "NPM" website and you automatically access that resource by simply typing npm install 1) nodemon (back to top...) "nodemon" aids in streamlining your developmental processes by eliminating the need to manually restart the server every time you make a change to your code. To install it, all you need to do is type npm install nodemon. However... a) --save-dev (back to top...) Some packages, like "nodemon," are only relevant to your "dev" process. You don't want them included as part of your "prod" version. In that instance, you would type npm install --save -dev. b) -g (back to top...) A third option is to type npm install nodemon -g. That would result in "nodemon" being installed globally. After you type npm install nodemon --save -dev, you'll see all of the dependencies get installed in a new directory called, "node_modules." In addition, you'll see a new line on your "package.json" file that looks like this: "devDependencies": { "nodemon": "^1.18.9" } The "^" character means that if you were to run npm install, that character says that NPM would automatically install the newest version if you were to reinstall it. BTW: "package-lock.json" is a JSON file that lists your modules / dependencies according to their current version. This comes in handy when you hand your project off to another developer and they need to be using the version of a certain module that you initially used and not the most current one. 2) Core Concepts (back to top...) This comes right from the tutorial. It's a list of terms and concepts that were covered in this section... 3) Using Nodemon (back to top...) Now that you've got Nodemon installed, to use it we're just going to edit our package.json file so it's automatically triggered every time we go to start our app. Right now, our package.json file looks like this: We're going to change what's in blue to: "start": "nodemon play.js" Now, when we type npm start, the server will restart automatically. In addition, if we make any changes to our code, rather than having to restart the server manually, it will do so automatically. Not bad! As an aside, if you were try and run nodemon play.js from the terminal, you would get an error because "nodemon" isn't installed globally. Since it's installed only locally, you can only trigger it like what you've got above. This comes from the lecture and reinforces the whole concept of global vs local modules... C) Finding and Fixing Errors (back to top...) You've got three kinds of errors. Syntax, Runtime and Logic. Most of these errors you're going to be able to identify in the context of the color coding and characters displayed in Visual Studio. You can also use the Visual Studio Debugger to investigate errors in your logic. Click here and here for more information on how to use the Visual Studio Debugger. A) Quick Review - Setup a New File (back to top...) Real quick, we're going to start a new file just for the sake of keeping things real. So, set up a new directory and then from there... 1) npm init (back to top...) This is going to set up your json file where it will list all of your dependencies etc. 2) nodemon (back to top...) Here, you're going to type npm install nodemon --save -dev That's going to set your nodemon dynamic so you don't always have to manually restart your server. 3) shortcuts (back to top...) Now, set up your shortcut for your "start" command. Instead of having to type node start app.js, with this all you'll do is type "npm start." To make that happen, go to your JSON file and type... "scripts": { "test": "echo \"Error: no test specified\" && exit 1", "start": "nodemon app.js" }, B) Express Setup (back to top...) To set up Express, you're going to type this: npm install --save express. Once that's done, when you go to your "app.js" file, you'll do this: BTW: If you were to hover over the "express" word in the the const express = require("express");, press "Cntrl-click," it will take you to the "index.d.ts" file. There you'll see how "Express" is being exported as export = e;. That's why you can execute it as a function. It's also a valide request handler, which is is why you can pass it into "http.createServer." It sets up a certain way it handles incoming requests. C) Middleware (back to top...) Express functions as a kind of middleware in that it's processing incoming requests and funneling it through some code that we would otherwise have to write. Thank God for Express. Thank God for Middleware. This is the way it's going to get set up. Here's your "app.js" file: ❶ instantiate the express paradigm ❷ put the express package into a constant called "app" ❸ "use" is a method available to us via Express. It expects three arguments: request, response and "next." "next" is important and you'll see why in a minute. If you put "In the middleware" like you see it above, you'll get "In the middleware" in the console. However, if you do this: app.use((req, res, next) => { console.log("In the middleware"); }); app.use((req, res, next) => { console.log("In the middleware again"); }); The only thing you're going to get in the console is "In the middleware." You won't get "In the middleware | In the middleware again." You have to include "next" like this: app.use((req, res, next) => { console.log("In the middleware"); next(); // allows the request to continue to the next middleware in line }); app.use((req, res, next) => { console.log("In the middleware again"); }); Now the server knows to be going through your code in a way that anticipates another round of functionality. If you don't call, "next," your code will die at that point. D) How Middleware Works (back to top...) Right here... app.use((req, res, next) => { res.send('<h1>Hello from Express</>'); console.log("In the middleware again"); Rather than having to do res.write... and manually write all of the HTML header info etc., we can use "res.send" and Express will do all of that header information for us. So, instead of having to document all of those "write" chunks, Express sets up those HTML headers for us. E) Behind the Scenes (back to top...) If you head out to the GIT Repository for Express and click on "lib" and then look at the "response.js" code, you'll see where these shortcuts and snippets are coming from. Do a search for "send(" and you'll see how we're able to pull off "res.send()" like we did earlier, as far as the headers being crafted for us. This is line #141 of the response.js file: switch (typeof chunk) { // string defaulting to html case 'string': if (!this.get('Content-Type')) { this.type('html'); } Another healthy piece of background information is on the "application.js" file located also in the "lib" directory. This is coming from line #609 and #610: http.createServer(app).listen(80); * https.createServer({ ... }, app).listen(443); This is what allows us to make some additional "cuts" to our "app.js" code. Now, instead of this: const server = http.createServer(app); server.listen(3000); ... we can do this: app.listen(); Plus, we can also get ride of "const http = require("http"); BOOM! F) Different Routes (back to top...) If you go out to expressjs.com, you can see the documentation that pertains to "path." What we're looking at is app.use([path,] callback [, callback...]). Based on that, if we did this: app.use('/', (req, res, next) ...the addition of '/', means that we're now "routing" our user to the syntax that immediately follows that code. This, however, is the default. To get to that place where we can handle other routes, we do this: const express = require("express"); const app = express(); app.use("/add-product", (req, res, next) => { console.log('The "Add Product" Page'); res.send('<h1>The "Add Product" Page!</h1>); // if you put your customary "next" here, this route would not be acknowledged }); app.use("/", (req, res, next) => { console.log("In the middleware again"); res.send("<h1>Hello from Express</h1>"); }); app.listen(3000); The reason this works the way that it does is because Express reads the code top to bottom. If you put a "next" in the first clause, the code would continue and the "add-product" dynamic wouldn't register. In the absence of the "next" dynamic, you've got a legitimate routing clause. By the way, if we wanted to have some dynamic in place that always ran, regardless of the route, then you would simply put this on the top of the stack: app.use("/", (req, res, next) => { console.log("Always running, my man!"); next(); }); As a whole, it would look like this: Here's what our console is going to look like: Notice that while you're sending a response only once, the fact that we're writing to console based on the presence of the "/" character in a way that is constant is what produces the redundancy of that piece of the code. G) Parsing Incoming Requests (back to top...) With this we're going to have a form that posts to a particular route and then parse the incoming data using Express. What was kind of convolluted before, is now pretty streamlined. Check it out: ❶ You're going to have to install a new Express third party package called "bodyParser." You're going to do that by writing $ npm install --save body-parser This is going to do everything that we had to write by hand earlier. BTW: When you're getting ready to use a third party package, the first thing you're doing code-wise is "importing" it and storing it in an object (const). ❷ app.use(bodyParser.urlencoded()); "registers" the middleware and calls the "urlencoded" function which is going to split, parse and produce the data coming in through our form ❸ Prior to importing the "bodyParser" package, console.log(req.body) threw an error. With bodyParser, we get title: 'Muscular Christianity' H) Limiting Middleware Execution to POST Requests (back to top...) Right now, our code will parse both POST and GET requests, which isn't always going to be healthy. No biggie. Just change, "use," to "post" and you're all set. What's great about this is that, while our "product" route is purely for the sake of processing our form, by using "post," a user could go to out that page and not be confronted with an error because the page was looking for either a GET or a POST request. By using "post," now it's not triggered for anything other than an incoming form. So, while before we had: app.use("/product", (req, res, next) => { console.log(req.body); res.redirect("/"); }); ...now we've got: app.post("/product", (req, res, next) => { console.log(req.body); res.redirect("/"); }); I) Using Express Router (back to top...) To do the equivalent to "require" like you would in PHP to streamline your code, you're going to handle it like this: This is your code now: What you have in yellow is going to be your "admin.js" file and what you have in red is going to be your "shop.js" file. To pull this off, you're going to need the "routes" package and you'll also need to be sensitive to the order with which you place your various elements. First, let's take a look at what the "new" app.js file is going to look like: ❶ - you're going to create an object "adminRoutes" to hold the code coming from your new "admin.js" file. Notice you don't have to specify ".js." Express already assumes that. ❷ - here's your "shopRoutes" object that holds the colde coming from "shop.js." ❸ - order matters! Before you call your "adminRoutes" code, you need to have the bodyParser object in place ❹ - now you implement your adminRoutes code that's going to have the appropriate code to use the bodyParser etc ❺ - same thing with your shopRoutes Here's your "adminRoutes.js" file... ❶ import your express object ❷ import your Router object from Express ❸ notice how you're using "router.get" rather than "app.get" like you did previously because you're now having to incorporate the "router" dynamic ❹ same thing as #4 in that you're using "router.post" rather than "app.post" ❺ be sure to export your router object And here's your "shopRoutes.js" file... Same sort of concepts that we just went over with the "adminRoutes.js" file! J) Adding a 404 Error Page (back to top...) Up to this point, we don't have any way to handle bogus page requests. For example, if the URL the user wanted to use was localhost:3000/asdf, we would get an error that made it look like we didn't know what we were doing as programmers. This will solve that: app.use((req, res, next) => { res.status(404).send("<h1>Page not found</h1>"); }); Remember, our code is going to be read from top to bottom. At this point, we've got two different scenarios being accommodated. One is the "/" dynamic and the other is "/add-product." Anything else and our page is going to explode. However, by using what we have above, which is taking advantage of Express' "status" method, we can funnel any rogue URL's through this option that will produce a legitimate page as opposed to a bogus error. K) Filtering Paths (back to top...) We can streamline the manner in which we might better qualify some of our routes by deploying a little shorthand. Here's the admin.js file: We can actually deploy a little shorthand to make it less complicated by adding "admin" to our "app.js" file like what you've got here: app.use('/admin', adminRoutes); By including "/admin," Express knows to be looking for that qualifier in a way that will not require us to specify that like you see above. Bear in mind, though, that this piece: router.get("/add-product", (req, res, next) => { res.send( '>form action="/admin/add-product" method="Post">>input type="text" name="title">>button type="submit">Add Product>/button>>/form>' ); }); ...you'll still need to include "admin/" to your "form action." L) Writing HTML (back to top...) So, we'll start by creating a "Views" directory, since our app is going to follow the MVC architecture format, and then we'll create an "add-product.html" page and a "shop.html" page. One thing that Express does which is kind of nice is pictured to the right. As soon as your "html," you get a pulldown and you can select the "html-5" option which will automatically create an HTML 5 template. Once we have that template in place, we'll write some basic HTML which looks like this: M) Rendering HTML (back to top...) To render some the HTML pages we're starting to write, here's what we do, as far as our routes are concerned: ❶ start by importing the "path" package from Express ❷ use res.sendFile(path.join) to get things moving and then use __dirname, "../", "shop.html")); to concatenate the path that shop.js is going to use to be able to reach the shop.html file. N) Returning a 404 Page (back to top...) Let's use the "routing" dynamic to return a 404 page. Pretty straight forward, actually... Here's your app.js file: ❶ - import the "path" module ❷ - use the "sendFile" dynamic along with the conjugation of what represents a path to the 404.html page O) Navigation Helper Function (back to top...) This works: router.get("/", (req, res, next) => { res.sendFile(path.join(__dirname, "../", "views", "shop.html")); }); ...but the path dynamic is a little cumbersome. To streamline that, we'll use the "path" helper which is available through Express. It looks like this: First of all, set up a "routes.js" page in a directory we'll called "utility." On that page we'll write this: bring in the "path" module use the "dirname" function that's available to use within the "path" module as well as the whole path.dirname(process.mainModule.filename dynamic to settle on what it is that represents the home directory. Now, when I go to my "admin.js" file, I'll do this: You call the "path" module, you then use the "rootDir" dynamic that is now being made available by the path.js page. You can now introduce some shorthand that makes the routing syntax a lot shorter and cleaner. P) Serving Files Statically (CSS) (back to top...) In order for Node to recognize the typical <link rel="stylesheet" href="/css/main.css"> code, you've got to bring in the app.use(express.static(path.join(__dirname, "public"))); dynamic. "static" refers to the way in which it's going to process links to that particular directory, which, in this case is, "public." Whereas before a typical reference to the "main.css" page wouldn't work, now it will. A) Sharing Data Across Requests and Users (back to top...) The idea is to take the data that the user is inputting and putting it into an array that we can then manipulate. Here's how we're going to do it: ❶ - set up a variable that's going to hold an array ❷ - push the incoming form data into the "products" array ❸ - we're changing up the way we're exporting things now so we can export some data as well as the routes ❹ - exporting the "products" array now... We're exporting that "products" array in a manner where we can now capture that puppy in the "app.js" file. Here's what that looks like... ❶ - set up a new const and grab what's being exported from the admin.js file ❷ - grab the "products" piece from what's being exported B) Template Engines (back to top...) The first thing you're going to do is install the Pug, EJS and the Handlebars template engines... We're going to start with Pug, so the next thing we're going to do is adjust our code so it's looking for a Pug template rather than a HTML page. Here we go... app.js Add this to your app.js file so your system knows to be looking for the Pug template engine. app.set("view engine", "pug"); app.set("views", "views"); "set" is used to establish a global dynamic. You'll notice with "const," we've got to call some "const" values every time we start a new page. With "set," you're "once and done!" Notice, the "view engine" dynamic. That means every "view" is going to be processed as something that's going to be processed via Pug. app.set is "views" by default. We're going it here for the sake of drill. That being the case, you now have to set up a Pug file in your Views directory. Bear in mind that every "view" is now looking for a Pug file. You don't have to change anything in your routing... 2) Pug Code and Dynamic Content (back to top...) Here's the original HTML compared to your new Pug template. And here's the Pug template... ❶ You can kick off your Pug template the same way you did with your HTML docs in that you type "html" and you'll get a pulldown of possible HTML doctypes. Choose "5" and Express / Pug will give you a Pug HTML header. Notice that you're not using any delimiters with Pug. Also, indentation is key. You MUST indent in order for the code to be rendered / read accurately. Notice you're "title" tag. In your static HTML file, you've got this: <title>Add Product</title> In your Pug file, you've got this: ❷ title #{docTitle} This is coming from your admin.js / shop.js file. Remember? In your admin.js file, you've got this: You establish your "products" const. When we post something, we're "pushing" something into the products array and that "something" is whatever the value associated with the "title" input field may be... <input type="text" name="title" id="title"> - this is coming from the "add-product.html" page So, we push someting into that array and then we're exporting it at the bottom of the page by using this: exports.products = products; If there's something in that array, it will be available to us in the context of the "products" value it's exporting. Now, let's take a look at "shop.js..." we grab what's being exported from the "admin.js" file in the "routes" directory. That's going to include the "products" piece (exports.products = products;) now we grab the "products" from what's being exported by the "admin.js" page this is different! Notice the code that we've got commented out. This code is what's going to allow Pug to see the dynamic content we're sending over with "res.render." The first argument is the name of the Pug file that we're targeting which, in this case, is "shop." we're using curly braces to specify the variables we're sending over to the "shop.pug" file. In this case, we've got a variable called "prods" which has our "products" array and we're also including another variable called "docTitle." This is ❷ ! This is the original code we were using when we were simply calling an HTML file All of this is now properly packaged for the Pug file! The first thing that we did is grab the "docTitle" variable that was coming to us from "shop.js." That was ❷ . ❸ Next, you've got "main." Notice, no delimters and, again, indentation is huge. With ❺ , you've got a loop that's going to enumerate everything in the "prods" variable which was from "shop.js." In this case, the only key value pair is the "title -> book name" which, again, is coming from "shop.js" which is being generated from what's being exported from "admin.js." And finally, ❻ is your closing "if" statement in that if your array is empty, you'll get the "No Products" text. Let's take a look now at the "Add Product" page as a Pug doc... This is going to be rendered by the "admin.js" file like this... router.get("/add-product", (req, res, next) => { res.render("add-product", { pageTitle: "Add Product" }); }); And finally, you've got the "404.html" page. Here's how that looks as a Pug doc... And that's going to be rendered in your "app.js" file and that's going to look like this: app.use((req, res, next) => { //res.status(404).sendFile(path.join(__dirname, "views", "404.html")); res.status(404).render("404"); }); 2) Using Layouts / Extends (back to top...) This last piece shows how to use "extends" which gives you the opportunity to do something to like PHP's require when it comes to repetitive content. First, let's look at the "app.js" page: i) app.js (back to top...) ❶ you're passing the "pageTitle" variable into the "main-layout.png" file. ii) main-layout.pug (back to top...) In "views->layouts," you now have file called "main-layout.pug." Here's the way that looks: ❷ "block" represents a piece of code that Pug recognizes as a placeholder for forthcoming content. In this case, it's going to be your "styles" content ❸ some "if" shorthand that's evaluating the incoming "path" variable to determine whether or not the class needs to be "active" ❹ some more "if" shorthand that's evaluating the incoming "path" variable to determine whether or not the class needs to be "active" ❺ another "block." This is for your content. iii) admin.js (back to top...) For "admin.js," the only code you're altering here is the "pageTitle" variable that the "main-layout.pug" file is going to be looking for. router.get("/add-product", (req, res, next) => { res.render("add-product", { pageTitle: "Add Product", path: "/admin/add-product" }); }); ...same sort of thing for "shop.js..." iv) shop.js (back to top...) router.get("/", (req, res, next) => { const products = adminData.products; res.render("shop", { prods: products, pageTitle: "Shop", path: "/" }); //res.sendFile(path.join(rootDir, "views", "shop.html")); }); v) add-product.pug (back to top...) Here is where things start looking sharp! This is your "shop.pug" file: ❼ this first "block" is your styles ❽ - this is your content And here's your "Add-Product" page... Same kind of dynamic. Much cleaner and much easier! You get the idea! 3) Handlebars (back to top...) Handlebars is another template engine that uses a little more HTML and less markup. Here's how get that motor running in your "app.js" file: ❶ while Pug is automatically installed with Express, Handlebars is not and that's why you have to import it even after you install it ❷ now that the Handlebars engine has been imported, you still have to let Express know that it exists. You do that using the "engine" method that's a part of the "app" object. You're doing this a little bit differently than you did before. With Pug, you did this: app.set("view engine", "pug"); You did it that way because Pug comes with Express. With Handlebars, you've got specify it by using the "engine" method within the "app" (Express) object. The sytnax that you're using takes "expressHbs()," which Express understands to be the Handlebars library, and associates it with the first variable you specify in the line of code which, in this case is "hbs." That's going to be the extension of your "Handlebar" docs. ❸ Once you've got access to the Handlebars paradigm and you've got pointed it to the characters you're going to use to identify your "Handlebars" doc type, you set your global view dynamic to be such that it's looking for "hbs" file types. 4) Convert Project to Handlebars (back to top...) To convert our project to a Handlebars paradigm, we're going to do make the following changes... i) add-products.hbs (back to top...) To the "Add-Products" page, you're just going to uncomment what you had in terms of pure HTML and let that be your "add-product.hbs" page. Like this: That part is easy. For "shop.hbs," you've a couple of things that need to change, both with that file and with "shop.js." ii) shop.hbs (back to top...) For "shop.js," you've got this: ❹ not a big deal, but something to keep in mind for Handlebars. Handlebars doesn't look for the "length" of a particular value. Rather, it's going to be looking for boolean values - either "true" or "false." hasProducts: products.length >0 is an "if" statement that assigns the "hadProducts" variable either a "true" or "false" based on whether or not the lengh of your products array is greater than 0. That's important because of what comes next: This is your "shop.hbs" page... ❺ grabbing your page title dynamically ❻ here's the boolean value we set up in "shop.js" to determine whether or not you have to iterate through an array that may or may not exist ❼ here's how you loop through an array. In this case, we're iterating through "prods." ❽ here's how you close your "each" loop ❾ here's how you introduce an "else" dynamic ❿ here's how your close your "if" clause 5) Using Layouts in Handlebars (back to top...) Using Layouts in Handlebars in similiar to Pug, but with some minor tweaks. i) app.js (back to top...) First off, go to "app.js" and let the system know where to be looking for your layout files. You do that by adding this to your "app.engine" code: app.engine( "hbs", expressHbs({ layoutsDir: "views/layouts/", // where you're keeping your "layout" file defaultLayout: "main-layout", // the name of your default Layout file extname: "hbs" // something that is unique to Handlebars in that you have to define the extension name of the file you're using for your layout page }) ); Before, all you had was this: app.engine("hbs", expressHbs()); ii) main-layout.hbs (back to top...) Now, you're adding your "layouts" dynamic. We'll use the "404.html" page as our scaffolding... ❶ This is dynamic content You're passing your "pageTitle" in from your "shop.js," "admin.js" and your "app.js" files. ❷ Here you're doing something a little different because of the way "Handlebars" is wired. With Pug, you could do "block styles." With Handlebars, you need to throw some "if" clauses into the mix in order to accommodate the different styling you're going to want depending on the page you're on. An inline "if" clause that's grabbing the "active" variable and gauging it to determine whether or not the link in question needs to have the class of "active." Now, let's set up our other routes to declare the variables our "layout" is going to be looking for and then we'll craft our pages knowing that the new "layout" dynamic is in place. iii) admin.js (back to top...) The things that we're sensitive to here are in yellow: ...and you'll see those variables being plugged in as you see below. <title>{{ pageTitle }}</title> <link rel="stylesheet" href="/css/main.css"> {{#if formsCSS}} <link rel="stylesheet" href="/css/forms.css"> {{/if}} {{#if productCSS}} <link rel="stylesheet" href="/css/product.css"> {{/if}} and here... <li class="main-header__item"><a class="{{#if activeShop }}active{{/if}}" href="/">Shop</a></li> <li class="main-header__item"><a class="{{#if activeAddProduct }}active{{/if}}" href="/admin/add-product">Add Product</a></li> iv) shop.js (back to top...) To use the "layout" dynamic on the "shop.js" page, you'll do this: Now that you've got your routes squared away, specifically in terms of fowarding the expected variables to your "new and improved" hbs files that are now using the "main-layout.hbs" file, this is what you've got where your "add-product.hbs" page is concerned: v) add-product.hbs (back to top...) Pretty intuitive. Everything is now being handled by your "main-layout.hbs" file, as far as header information etc. You'll notice that you don't have to "call" that file like you had to do with Pug. And that's it! 6) EJS(back to top...) EJS stands for "Embedded JavaScript Templates," and is the template engine of choice in this tutorial. First thing, we're going to our "app.js" file and change our "view engine:" app.set("view engine", "ejs"); Notice this is a lot less cumbersome than "Handlebars" where you had to import the library, instantiate it, etc. Now that you've done that, Express knows to be looking for an "ejs" file for every page that needs to be rendered. One thing to be aware of is that we don't use "layouts" with EJS, but you still have access to an "include" dynamic and we'll get to that in a minute. Let's start with the "404" page... i) 404.ejs (back to top...) You'll notice that you can write a lot of pure JavaScript and HTML code with this paradigm... You'll notice the use of "include." This is EJS's way of referencing files that constitute common denominators when comparing one page to another. Here, as in the other pages, you see the "head.ejs," the "navigation.ejs" and the "end.ejs." Here are those files: - head.ejs (back to top...) ❶ The EJS code that you'll use in this situation is <%-. In a little bit we're going to be using <%=. The difference is that with <%= we're going for a value. With <%- we're letting the system know that it's getting ready to render some HTML rather than strict text. That said, it's obvious we're getting ready to render some HTML and here's how that's going to look like in our "head.ejs" template... grabbing the page title dynamically... - navigation.ejs (back to top...) ❷ Same kind of thing with our navigation. We're not printing text, we're rendering code as per the <%- dynamic. Here's that that "navigation.ejs" code: Notice the "if" statement that controls whether or not a particular link is "active." And that's going to be coming from the corresponding "js" file. So, for example, if you've got the "shop" page being rendered, the "shop.js" file has this: router.get("/", (req, res, next) => { const products = adminData.products; res.render("shop", { prods: products, pageTitle: "Shop", path: "/", hasProducts: products.length > 0, activeShop: true, productCSS: true }); We've gone through this before, but you know... - end.js (back to top...) </body> </html> ii) add-product.ejs (back to top...) Notice how you're grabbing the "common" files in your header, but you are grabbing the CSS files that are unique to this particular page. iii) shop.ejs (back to top...) ❶ looking to see if we've got anything in the "products" array which is coming from "admin.js..." ❷ If there's any content in the array, the code proceeds to iterate through the array ❸ Here's how you close the loop ❹ Here's how you close the "if" clause And that's it, baby! Here's another assignment and a great spot to do a review of how to set up an app and what code needs to be where in order to accomplish what we've looked at thus far... A) Setup (back to top...) To set up a new app, you're going to: set up the directory npm init - that initializes your project with Node and puts your "package.json" file in place install nodemon - you do that by entering npm install nodemon --save -dev Setup Shortcuts -pop the hood on your "package.json" file and set up your "start" shortcut with "start": "nodemon app.js" Install Express - you install express by typing npm install --save express i) Starting Point of a Working App (back to top...) Remember, when you install "Express," you're geting a lot of functionality in place by default. Your "bare bones" app.js file will look like this: const express = require("express"); const app = express(); app.listen(3000); console.log("good to go"); You don't have to declare your "http" object or your "server." Remember that because otherwise you'll get some errors! At this point, you've got a working page / app! Having said that, let's take a look at what our "app.js" file is going to look like and break it down... B) app.js (back to top...) require("path") const express=require('express'); const bodyParser = require('body-parser'); const app = express(); view engine create routes app.use(bodyParser.urlencoded()); express.static(path.join(__dirname, 'public')) app.use("/admin", adminData.routes); 404 page C) routes/admin.js (back to top...) The "routes" dynamic is what controls your content. Much like the "model" aspect of the MVC architecture, you're going to use this part of your app to dictate what is being displayed on your page. It's not just a URL. This has got some content and flow to it. Here we go... const path = require('path'); const express = require('express'); const rootDir = require('../utility/path'); const router = express.Router const products = [] here you're setting up the page content when you first access it. Here's how the code looks: here's how you're "posting" your data into the array that will be seen on your display page export.routes = router; export.products = products; D) routes/display.js (back to top...) Again, this is the "model" aspect of the app and this one is disseminating content to the "display" view that you're going to be creating in a minute. Let's take it apart: const path = require('path'); const express = require('express'); const rootDir = require('../utility/path'); const adminData = require('./admin'); const router = express.Router here is where you're "getting" your content and then exporting at the end of your page here is where you're "getting" your content and then exporting at the end of your page E) utility/path.js (back to top...) On your two "routes" pages (admin and display), we introduced a little shortcut for the "root" directory, remember? It looks like this: const rootDir = require("../utility/path"); To review this concept, click here. Bascially, what you're doing is using the "path" module that's a part of Node and then using the "dirname" function to represent what represents the "home" directory for your app. So, after you've created your "utility" directory, you'll write this for your "path.js" page: const path = require("path"); module.exports = path.dirname (process.mainModule.filename); F) header.ejs (back to top...) Now we're getting into our "Views." The first thing we're going to build is something that every page is going to share and that is the, "header." First, set up your "views" directory and then in that folder create an "includes" directory. In that directory, we'll put our "header.ejs" file. Remember, you can set up a "stunt" html file and use a function that "Express" offers, as far as being able to type "html" and "Express" will provide all the header code you need for an HTML 5 page. Click here for a refresher. Some of your content is going to be dynamic, so let's take a look at what your code is going to be: <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta http-equiv="X-UA-Compatible" content="ie=edge" /> <title><%= pageTitle %></title> dynamic content that will provide our "pageTitle" which we'll pass on as a variable <link rel="stylesheet" href="/css/main.css" /> </head> </html> G) footer.ejs (back to top...) Nothing especially noteworthy here. This is just the "caboose" for every page: </body> </html> H) navigation.ejs (back to top...) This is your third and last "include." This is the "navigation" bar. The one thing you want to be sensitive to here is the way in which the code dynamically asserts the "active" dynamic for the links... Navigation "IF Statement for "Index" Page Navigation "IF Statement for "Admin" Page I) public / css (back to top...) Not a whole lot to figure out here. You're just setting up a "public" folder in your main directory and putting your three CSS files in there. J) add-name.ejs (back to top...) Most of the above syntax has already been explained. Your "pageTitle" is dynamic content that's going to be coming from your "route" file, and we'll see that in just a minute. K) admin.js (back to top...) admin.js is the code that's publishing your names to the "display.js" page. Here's how it breaks down: const path = require("path"); const express = require("express"); const rootDir = require("../utility/path"); const router= express.Router(); const products=[]; router.get... router.post... exports.routes=router; exports.products=products; Up to now, we haven't taken the time to organize things according to what is referred to as a "separation of concerns." This is where you're separating your database functionality from your display functionality etc. A) The Controller (back to top...) By definition, the Controller is serving as the intermediary logic between the data and the view. Given that definition, you can see how we've been doing that very thing in the context of our routes. That's where we'll be grabbing some of the code and putting that into our new "controllers" directory. Also, while we've got a "shop.js" file and an "admin.js" file, the files overlap with one another in the way they interact with the "products" table. That's why you'll see "shop" and "admin" functionality on the one, new "products.js" file in the "controller" directory. Here we go... 1) admin.js (back to top...) This is the "admin.js" file as it currently exists: admin.js is the code that's publishing your names to the "display.js" page. Here's how it breaks down: Pause for a moment and reflect on the "content" of what you're looking at. Basically, you've got only two different scenarios to contend with: Your "get" and your "post." router.get... router.post... exports.routes = router exports.products = products router.get('/add-product', productsController.getAddProduct); Now, you're referencing the previously documented syntax in the context of your "productsController." The code itself is pretty intuitive. You've got the ('/route', nameofController.methodWithinController); The same goes for your "add-product" syntax and then you've got the "router," holding all your syntaxial excellence being exported. router.get('/add-product', productsController.postAddProduct); Just like we said in the above line - you're now referencing that code rather than explicity documenting here. module.exports = router; Whereas before you exporting the "products" dynamic, now you're just sending out what you've got represented by the "router." Here's how everything looks when it' side by side: 2) shop.js (back to top...) Here's what it did look like: const rootDir = require("../utility/path"); const adminData = require("./admin"); router.get router.get You see? Nothing's really changed with the exception that everything now is being grabbed from another page. Here's how it looks side by side: 3) product.js (back to top...) Here's the "product.js" page. Let's look at it and break it down: Most of the code should look familiar to you with the exception of how everything is being prefaced with the "exports" code. Here's the first "change" that we want to consider: exports.getAddProduct = (req, res, next) => { The original code looked like this when it was parked on the original "admin.js" page: router.get("/add-product", (req, res, next) => { res.render("add-name", { pageTitle: "Add Name", path: "/admin/add-name", formsCSS: true, productsCSS: true, activeAddProduct: true }); }); It's the same code with the exception of the first line: exports.getAddProduct. This makes sense! Instead of router.get("/add-product", (req, res, next), where you've got the route followed immediately by the actual syntax, now we've got router.get('/add-product', productsController.getAddProduct);. In other words, we're identifying the route and then calling the actual functionality associated with that route by referring to what is now on our "Controller" page (product.js). That code doesn't reference the route, it just refers to the code associated with that route. Look... The first part of the exports.getAddProduct=(req, res, next) => { is "exports." "exports" is an object that, by definition, is going to be a collection of properties and methods. We're going to be packing our "exports" object with all kinds of stuff! The first thing we're going to be packing into it is a method called "getAddProduct" and that explains the very next part of the code, exports.getAddProduct. That's the pattern that applies to everything we've done as far as "placing the actual code in the "product.js" file that was in the "admin.js file and referencing it as the name of the method in the Controller file and then assigning it to the "exports" object. exports.postAddProduct = (req, res, next) => { This was the "post" code that we had on "admin.js." Now, we're just reiterating the same code, calling it "postAddProduct" so the "admin.js" file knows how to refer to it in the context of the Controller dynamic (productsController.postAddProduct) and that's all there is to it! exports.getProducts=(req, res, next) => { This was code that we originally had our "shop.js" page. And just for the sake of review: exports.getProducts=(req, res, next) => { res.render("shop", { // this is the "shop.js" view page prods: products, pageTitle: "Shop", path: "/", hasProducts: products.length > 0, activeShop: true, productCSS: true }); }; Again, the "exports.getProducts" is now the name of our method in the Controller with the path being identified on our "shop.js" file. Just for the sake of establishing a sound line in the sand as far as the fact that right now we're looking at 100% accurate code, here's what we've got: app.js - this is your starting point. The change we made here was the way in which your "404" page was referred to. admin.js - change the "POST" and "GET" functionality. This is feeding your "add-product" route. shop.js - moving the "getProducts" code over to the Controller. This is feeding your "shop" route which is your default page. Here is your functionality in the "controllers" directory. There are only two files, here's the "products.js" file: products.js ...and here's your "error.js" file: error.js - easy peasy... B) The Model (back to top...) Just for the sake of making things crystal clear. When we first stated this tutorial, we were writing things in pure, hard-core Node.js. We then added the "Express" dynamic which gives us the opportunity to "write" a lot more with less code. We then began setting up our app with the routes and the includes that made sense. We're now going back and organizing our code into the three main categories that characterize the best practices / solid designs found in quality applications: MVC - Model, View, Controller. The "app.js" file is going to be the starting point for your application by importing your libraries, registering the appropriate objects, setting your view template and defining your routes. The "routes," for all intents and purposes, are what funnels your systemic flow to the appropriate Controllers. Your Controllers will reference your Models and that's what we're doing here. 1) product.js (controller) (back to top...) Here are the changes you're going to make in your current "product.js" file in your "controllers" directory: const product = new Product(req.body.title); product.save(); const products = Product.fetchAll(); 2) product.js (model) (back to top...) Here's your "product" Model. Look at things side by side. On the left you have the "products.js" page when we were "cheating" a little bit and allowing both the Model and the Controller categories of functionality to exist side by side. Here's what it's going to look like when we break it up: Couple that with the "products.js" model and you've got yourself a happening app! BOOM! Up to now, we've been storing our data in the "products" array. Now we're going to take whatever data has been inputted and writing it to a file on our desktop. This is going to involve the "fs" or "file system" module that comes with Node. Let's pop the hood on this thing and see how it works. A) How You're Going to Change the Model (back to top...) 1) File System (fs) (back to top...) Here are the initial changes you're making to the "save" method. 1) File System (fs) (back to top...) const fs = require("fs"); First thing we're going to do is import the "File System" module. 2) path (back to top...) Next thing you're doing is you're using the path module. Again, by definition, this is the facility within Node that gives you the ability to work with file paths and directories. a) join (back to top...) The join property is what you're using code-wise to join two different paths together. b) dirname (back to top...) dirname is what Node uses to identify the current URL / path of the current file. process.mainModule.filename is what you use to identify the whole URL of the application you're currently running. So, when you combine the whole gambit of that one chunk of code, what you're basically doing is identifying the path of the file you're writing to. That's a lot of code, but that's what it's doing! 3) readFile (back to top...)

3

readFile(p, (err, fileContent) => readFile is what Node uses to read a file on your computer. It takes two arguments: "err" and "data," or in this case, "fileContent." a) JSON.parse(fileContent) (back to top...) JSON.parse(fileContent) - the JSON module comes with Node, so you don't have to import it. On this line, you're parsing your file as a JSON object. 4) products.push(this) (back to top...) products.push(this) - "this" represents the entire object that is current in the method you're in right now. In this instance, it's the parsed JSON article that you've created in the previous line. 5) fs.writeFile (back to top...) fs.writeFile... this is going to either create or completely replace the file (the one that is referred to by "p" [the url of the current file]). "stringify writes the JSON object to a file. "readFile" translated your file into a JSON object and now it is writing it to a file. Take a minute and think about what you had before. save() was this: save() { products.push(this); } Now, it's everything that you see above. So, here's a "before" and "after" look: A) static fetchAll(); (back to top...) Right now, our fetchAll() code is very brief: static fetchAll() { return products; } It's a static function that is simply returning the "products" array which will be parsed by our "shop.ejs" file in our "views" directory. We have to change that up a bit now, because the JSON file isn't going to be read the same way an associate array would be processed. Now, we've got use "readFile." static fetchAll(); - it's a static function and therefore, by default, we can call it without having to create an instance of the class beforehand. 1) path.join (back to top...) const p = path.join( - you're setting up "p" as a variable and letting that represent the URL of the document you're targeting on your system. You're going to "join" the path of the app you're running (process.mainModule.filename) with the "data" directory and the actual name of the doc you're reading (products.json). 2) process.mainModule.filename (back to top...) path.dirname(process.mainModule.filename),( - again, a repeat of something we've gone over before. This is the tip of a glorious iceberg that helps the system identify the URL / path of the application you're currently running. It's a combo of "path.join" and this syntax which results in the complete path of the doc you're getting ready to read. 3) readFile (back to top...) - we've gone over this command before. This is a Node command that allows you to read a file that's sitting in your system as opposed to something that's in a web-based directory. 4) return JSON.parse(fileContent); (back to top...) return JSON.parse(fileContent) - right now, you've got some text and you need to convert that into a JavaScript object. You do that with JSON.parse C) Callback - The Sequel Also, as a quick "pop the hood" kind of moment: What is a "callback?" This was covered to a certain extent earlier, however... JavaScript is "asynchronous." That means that while the code is being read by the system in the manner that you would expect, as far as it being processed top to bottom, it doesn't wait for a function to wait before it moves on to the next block of code. In some cases, that's good because you want to keep things moving. But it can also be a problem if the next block of code depends on a result that's coming from the previous piece of syntax. In other words, if you're going down the line and you suddenly enounter a function that is expecting something that has yet to be calculated by a chunk of code that has yet to finish running, you're going to have a problem. That's where "callback" becomes so helpful and, in some instances, so necessary. In addition to what we've talked about beforehand, know this:

• Callbacks in JavaScript are functions that are passed as arguments to other functions.
• Callbacks enforce the order of how a particular piece of syntax operates
• You will hear people refer to a function as a "callback" if it's something that will obviously take a moment to finish.

Now, let's take a look at what we've got with this exercise and take it apart. 1) inner function (back to top...) Here's what we had and what we're going to use now: static fetchAll() { const p = path.join( path.dirname(process.mainModule.filename), "data", "products.json" ); fs.readFile(p, (err, fileContent) => { if (err) { return[]; } return JSON.parse(fileContent); }); } There are two things going on here that are worth mentioning. First, fs.readFile is, by default a "callback." Remember, fs is the "File System" module within Node. readFile is a function within that module that's going to take some time to process, hence it is a "callback." In addition, fs.readFile is a function within a function and is therefore referred to as an "inner function." Having an "inner function" is not a big deal, but in this case it's problematic because everything that's being returned is coming from the inner function. That's fine, but we're calling fetchAll and because you don't have a "return" that corresponds to that particular part of the function, nothing's being returned. So, here's how we fix all of this... What we started with is on the left and what we have now with the callback is on the right. Remember, the initial problem is that you've got a callback as an inner function that's not returning anything. To remedy that problem, we're going to accept a function as an argument that will now return something - be it an empty array or an actual result. Either way, we're going to have something our code can measure as far as it's length. That's our Model. Let's look at the way we're now calling this from our Controller. The Model is now expecting a function (cb). That's how we're dictating the flow of how things are going to be processed. Before, "products" was coming up empty because it was tied to an inner function that was a callback. As a result, the system had already asked for "products" before "products" could be gauged. Now, we're structuring things in a way where "products" is going to be defined by either an empty array or JSON.parse(fileContent). To visualize it, think of it this way: When you've got cb([]);, what you actually have is: [] => { res.render('shop', { prods: [], pageTitle: 'Shop', path: '/', hasProducts: products.length > 0, activeShop: true, productCSS: true }); ...and when you don't have an "err," you've got this: JSON.parse(fileContent) => { res.render('shop', { prods: JSON.parse(fileContent), pageTitle: 'Shop', path: '/', hasProducts: products.length > 0, activeShop: true, productCSS: true }); When you're looking at this function: products => { res.render('shop', { prods: products, pageTitle: 'Shop', path: '/', hasProducts: products.length > 0, activeShop: true, productCSS: true }); ...it's tempting to see products as the name of the function. It isn't. It's an anonymous function and "products" is actually your argument. So, when you hit the "products.js" model file and you see "cb(something...)," what you're seeing is the above function and "products" is really nothing more than a placeholder. In this example, it's going to be either "[]" or "JSON.parse(fileContent). The bottom line is that entire function is expecting "something" in the place of the "products" variable. A) Helper Function (back to top...) The first thing we're doing is adding a Helper Function. For those of you who don't know what a Helper Function is, it looks like this: A Helper Function is going to "assist" another function. Here's a basic example: What you're doing here is basically building on the foundation established by another function. You can see that dynamic played out with helper(5). The helper function, rather than returning a generic result, actually returns the help function with a little extra syntax thrown in. While this particular example is so simplistic that the "helper" dynamic doesn't seem to be that much of a "help," imagine if the help function was extremely complex. At that point, the helper becomes a real Godsend in the way you can add some incremental elements without having to reproduce the entire help function from scratch. The reason this is significant is because our current code in our Model has some redundancies. In other words, you've got some repetition and when you have that, you want to do some refactoring so it's more streamlined. Not just from the standpoint of aesthetics, but it becomes much easier to troubleshoot for the guy coming after you. Our current code is on the left and our "new and improved" code is on the right: When you compare the original with the new and improved, a couple of things stand out. we establish the "p" constant as a global variable so it doesn't have to be declared and defined every time it's used. Before we move on in our assessment of how things compare before and after the "helper" function is being used, remember that the function expression being passed to the fetchAll function is actually defined in our controller. So, when you see "cb" in this context, don't be confused by the absence of: products => { res.render("shop", { prods: products, pageTitle: "Shop", path: "/", hasProducts: products.length > 0, activeShop: true, productCSS: true }); That's in the "products.js" (controller) file. This is our "helper" function. This is what was introduced as a way to streamline our code and avoid what would otherwise be some redundancy. The "helper" function is now assuming all of what was originally happeing in your fetchAll function which looked like this: static fetchAll(cb) { const p = path.join( path.dirname(process.mainModule.filename), "data", "products.json" ); fs.readFile(p, (err, fileContent) => { if (err) { return cb([]); } cb(JSON.parse(fileContent)); }); } Now, it looks like this: static fetchAll(cb) { getProductsFromFile(cb); } Head out to the Captain's Log for more info. We're using the same stuff that we did before, only we're passing a slightly different expression into our callback. Take a look at the two expressions as they're presented side by side so you can better appreciate and understand the differences. The key to understanding this is to remember that "products" is a variable. If you try to process it as the name of a function, it will throw you off. The way that this is being interjected looks like this: // here's your expression... (products) => { products.push(this); fs.writeFile(p, JSON.stringify(products), err => { console.log(err); }); } A) Add a Route (back to top...) We're going to start by adding some additional pages. First thing, then, is going to be adding some additional routes. Here's an example: router.get("/orders", shopController.getOrders); So, the URL is going to be "/orders." Then you've got the "shop.js" file located in the "Controllers" directory and we're looking for a method called, "getOrders." B) Add a Method to the Controller (back to top...) Cake and Ice Cream, baby! This is your "getOrders" method that's going to render the "shop/orders" view. The code passes the path and the pageTitle as variables into the View directory. The system understands the above as the "orders.js" file located in the "view/shop" directory. C) Basic HTML vs Content (callback review) (back to top...) 1) Basic HTML (back to top...) Let's revisit the "product-list.js" file in the "views/shop" directory. That content is coming from the "getProducts" method in the "shop.js" controller. If "product-list.js" was nothing but basic HTML, the "getProducts" method would look something like this: exports.getProducts = (req, res, next) => { res.render("shop/orders", { path: "/orders", pageTitle: "Your Orders" }); That's what we just did in the previous section. But we're not doing just HTMLs. Instead, we're grabbing our content from the "products.json" file. All of that content is being retrieved through the "products.js" file in the "models" directory. 2) Dynamic Content (back to top...) Here's the router that's dictating the content of our user's page based on the path they've selected... router.get("/products", shopController.getProducts); a) Controller (back to top...) That's going to trigger the "product.js" file in the Controller directory and it's going to hit the "getProducts" method which looks like this: const Product = require("../models/product"); exports.getProducts = (req, res, next) => { Product.fetchAll(products => { res.render("shop/product-list", { prods: products, pageTitle: "All Products", path: "/products" }); }); }; Notice the "product.js" file in the "models" directory referenced at the top. Notice also the way in which everything that's in bold is a function that's being passed into the "fetchAll" method as an argument. That, by definition, is a callback. static fetchAll(cb) { getProductsFromFile(cb); } The "cb" is the function: products => { res.render("shop/product-list", { prods: products, pageTitle: "All Products", path: "/products" }); } Remember, this is an anonymous function written in the ES6 format. Normally, it would be written like this: function(products) => { res.render("shop/product-list", { prods: products, pageTitle: "All Products", path: "/products" }); } This is so incredibly important, it has to be put in its own text box! Our fetchAll method is passing that function into the getProductsFromFile method. const getProductsFromFile = cb => { fs.readFile(p, (err, fileContent) => { if (err) { return cb([]); } cb(JSON.parse(fileContent)); }); }; What's in bold is the (products) variable. b) View (back to top...) Here's where it really starts making sense: Thanks to this: function(products) => { res.render("shop/product-list", { prods: products, pageTitle: "All Products", path: "/products" }); } ...and the way that it was positioned as a callback, "products" is now a bonafide value that is now being read into the "shop/product-list" view file... Notice how it's looking for "products...?" <% if(prods.length>0) { %> Again, refer to the Captain's Log page to get a refresher. A) Add Button (back to top...) To add the Detail Button, we'll go into your "product-list.ejs" file in the Views directory and do this: The <%=product.id %> element is going to come from what represents a "new and improved" way of creating an ID for every product we add. That's going to look like this... B) Add ID (back to top...) To add an ID to our existing product, we'll do this in the "products.js" file in the "models" directory: We defined all of the basic elements in the context of our constructor. Now we'll ad the Math.random().toString() piece to what is the "products" variable and that's how we'll save our stuff to what will be a more elaborate "products.json" file. It now looks like this: [ { "id": "7747", "title": "Muscular Christianity", "imageUrl": "http://muscularchristianityonline.com/forum/wp-content/uploads/2017/04/book_display.jpg", "description": "A great workout program!", "price": "10.99" } ] With the "id" in place, we now have the ability to display a specific file and that's what the <%=product.id %> syntax is carrying! C) Retrieve ID (back to top...) 1) The Order of Your Routes (back to top...) Here's what you're going to add to your routes.js file: router.get('/products:productID'); Notice the ":productID" part. That's your dynamic content. That's what you're going to use to retrieve the value that will show up in that space. One thing to keep in mind is that you want to position this route correctly. The system reads things top to bottom. If you place ":productID" at the top, your page won't be routed appropriately. For example, if you did this: router.get('/products:productID'); router.get('/products/delete'); ...you would never fire "/products/delete" because the system would treat the dynamic content as "delete" so you would never get to that point. That being the case, you always want to put your dynamic content last. A) The Controller (back to top...) Here's the code you're using in the Controller... exports.getProduct = (req, res, next) => { const prodId = req.params.productId; Product.findById(prodId, product => { console.log(product); }); res.redirect("/"); }; The new element is the "findById" method. You've got two arguments: One is the "prodId," which we've already retrieved and then we've got a function we're passing in as a callback. Basically, what we're doing with the callback is just publishing all of our info about the product on to the console. B) The Model (back to top...) Here's the code as it's being drafted in the Model... static findById(id, cb) { getProductsFromFile(products => { const product = products.find(p => p.id === id); cb(product); }); } What's in bold is an abbreviated IF statement. That's something you want to be aware of. Also, in findById, you've got two parameters; an id and a callback. And then you're passing a function as a parameter into the getProductsFromFile function, so you've got a couple of dynamics working siumultaneously. The getProductsFromFile looks like this: const getProductsFromFile = cb => { fs.readFile(p, (err, fileContent) => { if (err) { return cb([]); } cb(JSON.parse(fileContent)); }); }; That structure is going to return all of the data that corresponds to every product that's in the "products.json" file. So, now "products" as it's documented in the method is being "mined" by this: const product = products.find(p => p.id === id); ...and const product becomes the array that corresponds to the id that we intitially grabbed and all that is being posted to the console with: Product.findById(prodId, product => { console.log(product); }); C) The View (back to top...) Here's what we're going to use in our Controller to trigger and display the "product-detail.ejs" file for our View: exports.getProduct = (req, res, next) => { const prodId = req.params.productId; Product.findById(prodId, product => { res.render("shop/product-detail", { product: product, pageTitle: product.title, path: "/products" }); }); }; The product variable is now a full fledged array loaded with data pertaining to the product represented by the product id in the URL. All of that is coming from... static findById(id, cb) { getProductsFromFile(products => { const product = products.find(p => p.id === id); cb(product); }); } ...in our Model. We pass the "pageTitle" and "path" like we did with the other views and we're gold! We've gone over how we're going to facilitate the "Product Detail" page by including the "id" in the URL so we can grab that and then display the corresponding product appropriately. Now we need to so something similar when we add a product to the Cart. To do that, you need to think of two scenarios:

• one where you're including the "add to cart" button as part of a list of products
• the other where you're on the product detail page and you're only looking at one product

Here's how you're going to pull those two situations off... A) Add to Cart (back to top...) To add an item to the cart, you're going to "post" the ID of that product to the "cart" page. That being the case, it's going to look like this: 1) The View (back to top...) We'll start with the View. Here's how we're going to capture the ID of the product we're getting ready to add to the Cart... <form action="/cart" method="POST"> <button class="btn">Add to Cart</button> <input type="hidden" name="productId" value="<%=product.id %>" /> </form> Look at the "action." We're posting our data to the "cart" page, so let's set up your route... 2) The Route (back to top...) "/cart" is our route, so... router.post("/cart", shopController.postCart); ...and then we'll need a Controller and a method called "postCart." We don't have those built yet, but that's going to be the flow, so let's set up those elements in our Controller now. 3) The Controller (back to top...) We were flying by the seat of your pants a moment ago and just naming the Controller, knowing that we were going to need one. So, we're in the "shop.js" file and we're going to add a method called, "postCart." Here's how that's going to look: exports.postCart = (req, res, next) => { const prodId = req.body.productId; console.log(prodId); // for training purposes res.redirect("/cart"); }; This line: const prodId = req.body.productId; is what we use when we're wanting to grab some data that's being "posted" to a page. "productId" is this form that we just set up in our View a moment ago. <form action="/cart" method="POST"> <button class="btn">Add to Cart</button> <input type="hidden" name="productId" value="<%=product.id %>" /> </form> B) Add to Cart as an Include (back to top...) You can use the above code throughout your app by positioning it as an include. So, we'll add: <form action="/cart" method="POST"> <button class="btn">Add to Cart</button> <input type="hidden" name="productId" value="<%=product.id %>" /> </form> ...to our "product-list.ejs," "product-detail.ejs" and the "index.ejs" pages. One thing to keep in mind... When we assert this code as an include - like this: <%- include('../includes/add-to-cart', {product: product})%> We've got remain congnizant of the fact that an include doesn't pick up the "product" object like we can when we're writing straight code in the context of a loop. So, this: ...will work just fine. However, when we attempt to use our "include" dynamic like this: ...will not work. Reason being is that because you're using an include, the "product" object doesn't get passed into the "include" automatically. You have to pass the "product" object into the include as an object. You'll get a "product is not defined" error message. To remedy that, you need to adjust your "include" syntax by passing your "product" object in as an argument like this: <%- include('../includes/add-to-cart', {product: product})%>, Now you're gold! A) Laying Down Some Basics (back to top...) To get our new "Cart" model up and running, let's review some basics. 1) const fs (back to top...) First of all, we're going to import our "fs" object as well as our "file path." const fs = require("fs"); // the "file system" object is something that's part of Node. Click here for review 2) const p (back to top...) Now, bring in your "path" object. Again, this is from the Node library. const path = require("path"); Now define that path so that it's pointing to your "cart.json" file. const p = path.join( // we're copying this syntax from our "product.js" model path.dirname(process.mainModule.filename), "data", "cart.json" // new data file ); B) Adding a Product to Your Cart (exploded view) (back to top...) 1) err -> callback (back to top...) static addProduct(id) { //fetch the previous cart fs.readFile(p, (err, fileContent) => { if(!err) { cart = JSON.parse(fileContent); } }); } We've gone through callbacks now, so we can better recognize the format of what we've got above. In this first line, you've got "readFile" and then you're passing a callback after the "p" (path) argument. This is "stock" Node, so there's no real cause for concern, as far as how you're going to code this because it's pretty standard. The first part is the "err," which stands for "error." In this instance, it will indicate whether or not we have a "cart" already in place. Now, let's get serious... 2) fetching, analyzing, adding -> exploded view (back to top...) Here's our "addProduct" method broken down and explained in its various parts. Be aware of the "find" function as well as the "spread operator." fs.readFile(p, (err, fileContent) => { let cart = { products: [], totalPrice: 0 }; if (!err) { cart = JSON.parse(fileContent); } With this first piece of the method, you're reading the "cart.json" file which is represented by the "p" which was defined earlier on the page as the path to the "cart.json" file. let cart = { products:[], totalPrice:0 } is the "cart.json" file if there's an error, which will be triggered if there is no file. At that point, "cart" will be that object consisting of the "products array" property and the "totalPrice" property. If there is no error - if there is a "cart.json" file - then we'll invoke the JSON.parse method which will convert whatever it is we're looking at into a JSON object which we can then read for the sake of functionality we'll need down the road. you're setting up a variable called "existingProductIndex" and we're going to loop through all of the products in the current "products" array and see if the product id number of the resource we're getting ready to add to our cart already exists. If it does, we'll get the "index" or the specific location within the array that the product id exists. i) find function (back to top...) Before we get into the "findIndex" function, here's the JavaScript "find" function. It looks like this: var array1 = [5, 12, 8, 130, 44]; var found = array1.find(function(element) { return element > 10; }); console.log(found); // expected output: 12 We're writing "function(element)" as an arrow function so the way this is going to be broken down is akin to this: for(products as prod) { if(prod.id=id) { //we've got a match } else { //undefined... } } Now, given that background, ES6 allows you to write the same kind of thing with less code. Let's take a look at it in the context of needing to find, not just if the value exists, but where specifically does the value show up in the array. In other words, what is the index of the value in the current array. That code is going to look like this: let arr = ['a','b','c']; arr.findIndex(k => k=='b'); // 1 Don't be too distracted by the syntax itself. Just know what's happening and what's being returned. const existingProduct = cart.products[existingProductIndex]; - with the correct index identified, we can now hone in on the precise product in the "cart.json" file that we're getting ready to edit if that is, in fact, the product that has been selected. set up a new variable representing the updated cart. Not only do you have an id and a description etc., you also have a "quantity" property. That brings us to something called the "spread operator." ii) spread operator (back to top...) We're going to use the next generation (ES6) spread operator to create a new object with all the same properties as an already existing object. You can click on the aforementioned link or on the "Captain's Log" graphic to get some more detail. updatedProduct.qty = updatedProduct.qty + 1; - we've got an "existing product." In other words, the product the user has clicked on already exists in the "cart.json" file. In order to update that, we started by creating a copy of the "existingProduct" array which is the array of elements corresponding to the productId of the product the user just selected. By using the "spread operator," we've got a copy of that array, as far as the indexes and the values. Now we're going to update the "qty" index of that array by 1. cart.products = [...cart.products]; cart.products[existingProductIndex] = updatedProduct; We created a copy of the "existingProduct" array in order to update it. Now we're going to create a copy of the entire "cart" array so we can update it with the new products array that's just been updated. iii) concatenate array (ES6 using spread operator) (back to top...) updatedProduct = { id: id, qty: 1 }; cart.products = [...cart.products, updatedProduct]; We're now looking at a scenario where there wasn't a product in the "cart.json" file that matched the product the user clicked on. So, we're going to establish a new "updatedProduct" object with an id property and a qty property. Then we're going to use the spread operator again to create a copy of the "cart.products" object (which is an array). We're going to update that array with the values represented by the "updatedProduct" object. When you get to cart.products = [...cart.products, updatedProduct];, you're using the "spread operator" to duplicate the structure of the current products array which is the first property in your cart object. You're then using the ES6 version of array concatenation to update all of the values in the "cart.products" array to whatever you have in the "updatedProduct" array. Your "cart" object consists of two properties: The first one is "products" which is an empty array that has two values in it: "id" and "quantity." The second property is "totalPrice" which has a value of 0. The "price" and "id" of the product being added to the cart is represented by the two arguments coming in as part of the overarching "addProduct" method. cart.totalPrice = cart.totalPrice + +productPrice; fs.writeFile(p, JSON.stringify(cart), err => { console.log(err); }); We're now finished processing the two scenarios we're going to contend with and we're wrapping up now by updating the "totalPrice" which is coming to us from the original method: static addProduct(id, productPrice) ...and the "cart" object that's been edited in the context of the "products" object / array. The part that you see in bold is a change that we made to the "productPrice" variable so it doesn't get processed as a string. We finish by writing to the "cart.json" file the new information as it's been processed by the "addProduct" method! We're going to set things up in such a way where we can edit our products. A) Router (back to top...) Start by setting up our route knowing that we're going to have some dynamic content involved, hence the semicolon: router.get("/edit-product/:productId", adminController.getEditProduct); B) Controller (back to top...) 1) "Edit" Query Parameter (back to top...) we're setting up a constant that will capture that part of the URL that designates it as an "edit" route. The actual URL is going to look something like this: admin/edit-product/7747?edit=true "req.query.edit" is grabbing the "edit" parameter. This is our "query parameter." And just for the sake of correct verbiage...

• "query" is an object that we have available to us through Express
• "edit" is our key. That's the piece that we're actually looking for and the value corresponding to that key is what will determine how things will be processed

if the "edit" value is either nonexistent or it returns false, then the user is redirected to the index page. Otherwise you're routed to the "edit-product" view. C) View (back to top...) Our "view" is already established for the most part having copied "add-product.ejs" and made it "edit-product.ejs" and then burning our ships and eliminating "add-product" altogether. The one thing we're going to add now, however, is a little "IF" clause that will capture the "editing" variable that's being passed to our view via the Controller. I'm talking about this: editing: editMode Now, when we get to the View, we've got this little gem that's going to display the right button... <button class="btn" type="submit"><% if (editing) { %> Update Product<% } else { %> Add Product <% } %></button> Cool! A) Controller (back to top...) Most of what you see above has already been covered. The material that rates further explanation / reinforcement is below. the "productId" is the variable that we established in our route: router.get("/edit-product/:productId", adminController.getEditProduct); "Product" is our model which we referenced earlier on the page. We're grabbing the "findById" method and passing two arguments into the function. One being the "prodId," the other being a callback that captures the array of data corresponding to our "prodId" that we're going to retrieve thanks to the "findById" method. Let's take another look at that "callback" anomaly. Here's the "findById" method: static findById(id, cb) { getProductsFromFile(products => { const product = products.find(p => p.id === id); cb(product); }); } You'll notice that it is also incorporating a "callback" dynamic as far as the "getProductsFromFile" method. That looks like this: const getProductsFromFile = cb => { fs.readFile(p, (err, fileContent) => { if (err) { return cb([]); } cb(JSON.parse(fileContent)); }); }; So, in a couple of sentences: You hit findById and you've got the id of your product and the function that's going to feed your view as a callback. getProductsFromFile is a constant that fires code that returns the contents of the file referenced by the "p" path as "products." The next line of that coce sets up "product" as the variable that will store the info pertaining to the selected product id (id) and that information will be the argument that feeds into the findById's callback which is the code that feeds the view. And that's that! using some dynamic content to dictate the flow of the page - whether we're adding a product or editing one using <%= to render the elements located in the "product" array being served to us by our findById method in our "product.js" model using some dynamic content to define whether or now we're adding a product or editing one. A) product.ejs (back to top...) This is pretty easy. All you're going to do is use EJS to write... <a href="/admin/edit-product/<%=product.id%>?edit=true" class="btn">Edit</a> That will do the trick! A) Router (back to top...) In no particular order, here's how our router is going to look: router.post("/edit-product", adminController.postEditProduct); We're not having to worry about any dynamic content in the route since everything is going to be "posted." Let's take a look at what your Controller is going to do. B) Controller (back to top...) You're going to start by capturing all of your incoming posted data. That's going to include the "prod.id" value which we incorporated into our "edit-product.ejs" file with this: <% if(editing) { %> <input type="hidden" name="productId" value="<%=product.id %>"> <% } %> Next, you're going to utilize the functionality represented in the "products.js" model file (located in the "models" directory). You have a class called "Product" and with this one line of code you're instantiating a new Product object with all of the data (prodId, Title, etc) matching the constructs in the "save" method (we'll look at all that detail in a moment). calling the "save" method that's now associated with the "updatedProduct" object which is an instance of the "Product" class. redirecting to the "admin/products" page after you're all done where you're going to see the results of the edits you just made. C) Model (back to top...) Here's the Product Class along with the "save" method. "exports" is something that shows up everywhere. For the sake of making sure we've got a comprehensive appreciation for what that term means, know that it's just a very efficient way of bundling up all the functionality on that one page and delivering it in one, tight little package. Click here for more information. 1) construct You've instantiated a new Class and you have within that class a series of constructs. A constructor is something you've seen before in PHP. It's not an uncommon thing at all. A "constructor" is a digital mechanism that's used to create variables that can be used by all the methods within that Class. Click on the "Captain's Log" graphic to the right to see it in more detail. Bottom line: You're populating those constructs with the variables that are coming from form fields. Bear in mind that on your Controller, you instantiated the Class. You've done more than create a variable containing an array of information. updatedProduct.save(); is an instance of the Product Class, so you can now use it to call the "save" method. Pretty cool, actually, in that you're not only calling the "save" method, but you're also populating those constructs with some practical data. So you've called the "save" method. You've populated the previous constructs with data and that's going to be handy in just a minute when you use "prod.id" to determine whether or not you're adding a product or updating one. But before we get to that, let's pause and appreciate the flow of the syntax in general. Right out of the chute you're invoking the functionality attached to the "getProductsFromFile" const. That looks like this: const getProductsFromFile = cb => { fs.readFile(p, (err, fileContent) => { if (err) { return cb([]); } cb(JSON.parse(fileContent)); }); }; That's going to replace the "products" variable I've got highlighted in bold with either a blank array or the parsed content coming from the path leading to the "products.json" file. if(this.id) - we're using this to determine the flow of the "save" method. If there's an id present (because of the id that's coming from the form), then we're going to be in "edit" mode. Otherwise, we're adding a new product. findIndex is a JavaScript code that's going to return the first index in an array that matches the search criteria. Click here for more information. we're using the spread operator to create an "edit-able" copy of the "products" array that's been returned by the "getProductsFromFile" method. We've talked about this before and you can review it by clicking here. after having created an "edit-able" version of the "products" array and specifying which specific record within that array we want to target (existingProductIndex), we replace it with this which is going to be all of the info we gathered with the initial constructs. And that's that! A) Router (back to top...) Time to get rid of a product, both from the "product.json" file and the "cart.json" file. First, let's set up our route... router.post("/delete-product", adminController.postDeleteProduct); Since we're "posting," we won't need to concern ourselves with any dynamic content in the route. BTW: When we write our routes, fact is, we've already constructed some of the Controller which is why you'll see that piece already documented. Here's the Controller: B) Controller (back to top...) exports.postDeleteProduct = (req, res, next) => { const prodId = req.body.productId; Product.deleteById(prodId); res.redirect("/admin/products"); }; Pretty straight forward. We're grabbing our product id and sending that as "prodId" to the "deleteById" method in the "product.js" file in the "models" directory. C) Model (back to top...) We've got two "models" to consider in that we're deleting a product from the "products.json" file and the "cart.json" file. 1) product.js (back to top...) Here we go: "static" means that we're calling the method on the Class itself rather than an instance of the Class. In "postEditProduct," for example, you see "save" being called on the const, "updatedProduct" which is an instance of the "Product" class... With the "static" dynamic, we don't have to instantiate the Class, we can call it from the Controller with Product.deleteById(prodId);. Click here for more info. again, we've got a callback. With getProductsFromFile, you're going to be reading from fs.readFile(p, (err, fileContent) and then dropping the results of that file into the "products" variable. Whether it's "find" or "filter" or "findIndex," know that this piece: prod=>prod.id===id; ...conceptually is the same as this: for (products as prod) { if (prod.id === id) { //we've got a match return prod; } } return undefined; One thing to keep in mind is the difference between "==" and "===." As a quick aside, you'll never see a single "=" in JavaScript. It'll never happen. But as far as the difference between "==" and "===," it boils down to one word: explicit. "===" is going to look for an equivalent in the context of both the value and the data type. So, if you have "1" as an integer and "1" as a string, "===" will return a value of "false." On the other hand, "1" as an integer compared to "1" as an integer will return "true." "==" doesn't care about datatype. "1" as an integer compared to "1" as a string will return "true." Click here for more information. with "filter," you're creating a new array with all of the elements that satisfy the specified condition. In this case, you're creating an array with all of the products that DON'T have the posted product id. write to the "product.JSON" file the new group of products sans the resource with the id that was posted. if you don't have an error, we're going to now delete that product from the Cart 1) cart.js (back to top...) Here's your "deleteFileById" method in the "cart.js" file: using the spread operator on the JSON.parse(fileContent). A little different than what we've encountered up to this point, but it works because the "JSON.parse" command is going to convert the "cart.json" file, which by definition is a string, into a JavaScript object which is going to be a collection of key / value pairs. At that point, you'll be able to read it! you're using "find" which is going to find the first element in your array that matches the specified criteria. It differs from "findIndex" in that you're returning an array whereas "findIndex" is simply going to return the index. Click here to learn more. A) Router (back to top...) Your router piece is already in place, but for the sake of review it looks like this: router.get("/cart", shopController.getCart); B) Controller (back to top...) Your Controller is a litte more involved just because you've got two callbacks in quick succession... you're calling "getCart" from your "cart" model which is going to replace the highlighted cart variable with the parsed result of the "cart.json" file here you're calling the "fetchAll" method from you "products" model which is going to replace the highlighted products variable with the contents of the "products.json" file establish an empty array called "cartProducts." That's going to be the digital container that will hold all of the data that's currently in our cart here's where the magic begins. You're doing a "for" loop where you're indentifying which of the products in the database are actually in your cart. "product" in the "for product piece could be named anything. It just needs to be consistent because "product" is going to be holding all of the key / value pairs that make up that particular product in the database. In other words, "id," "description," "title" can now be retrieved as "product.id," product.description" etc. your "cart.json" file looks like this: Conseqently, when you call cart.products, remember to make the distinction between the "products" object that's coming from your "products.json" file and the situation here where it's one of the keys in your "cart.json" file. On this line you're locating the product id in the "products.json" file that corresponds to the product id in the "cart.json" file. With that info, you can retrieve the quantity of the product that was ordered. with this "IF" clause, you can grab all of the product info from the "product.json" file based on the fact that the product id in the "cart.json" file matches something in the "product.json" file. If there's a match, you'll "push" all of the product data coming from the "product.json" file that corresponds to the matching product id to the "productData" key value and the quantity ordered will be "pushed" to the "qty" key value. A) Router (back to top...) router.post("cart/delete-item", shopControler.postCartDeleteProduct); B) Controller (back to top...) grab the incoming product id you position "Cart.deleteProduct" as a callback because otherwise JavaScript will start processing that function without first securing the needed information from the "cart.json" file that corresponds to the incoming prodId. That's how you're going to be able to adjust the total price tag after you've made your changes. C) Model Fix (slight bug repair to the "deleteProductd" function) (back to top...) The "deleteProduct" function had one bug in it that needed to be repaired. The changes that were made are highlighted in yellow... The reason this change was needed is because up to this point we were coding assuming that there was a product in the Cart. That may not always be the case, however. Consequently, you need what's highlighted above in order to avoid an error when the code goes to delete a product that's not in the Cart. A) SQL (back to top...) While this is familiar, let's just go over some basic terms and concepts...

• SQL - stands for Structured Query Language
• tables are set up in a way where there is a "relational" dynamic between them in terms of
  • one to one
  • one to many
  • many to many

B) NoSQL (back to top...) NoSql is different from SQL in ways that are illustrated according to the graphic below:

• different terminology
  • "tables" are called "collections"
  • "records" (rows) are called "documents"
• no consistent schema - if you look at the graphic above, you'll notice that you have don't have the same "column names" for every document. It can, and often does, vary.
• not relational - whereas in SQL, you'll have a "foreign key" that you an use to connect different tables based on a shared characteristic, with NoSql, you simply have duplicate data

C) Differences and Advantages (back to top...) The bottom line is and the nature of your queries. 1) ACID (back to top...) SQL Databases are based on the RDBMS system (Relational Database Management System) which is defined by the relational dynamic referred to earlier. One term that you'll hear when talking about the "essence" SQL databases is ACID which stands for Atomicity, Consistency, Isolation and Durability. Here's a great explanation from stackoverflow: If you could take all of that and boil it down to one sentence it would be "all or nothing." Your query is going to work completely for fail entirely. NoSql tends to be a little more flexible because you've got duplicate data and the absence of relationships that have to be intact in order for you query to succeed. 2) Scalability (back to top...) In addition, you have the issue of scalability. An table in an open source SQL database can handle (roughly) one million rows. An enterprise level SQL server can handle (roughly) fifty million rows. A NoSql database can handle hundreds of millions of rows and the reason for that is scalability. "Scalability" is the process by which your server is expanded to handle more traffic / data. Imagine a truck hauling a trailer. As that trailer gets bigger and heavier, with SQL server, you're going to make your engine bigger. With NoSql, you're going to add another truck. Here's a "graphic" summary of the differences: A) Installing MySql Package (back to top...) Install the mysql package by entering this on your terminal: Now your app can use and understand a MySql paradigm! 1) MySql Workbench Notes (back to top...) Downloading MySql Workbench is pretty intuitive.

• you don't need an account. When you get to that place that asks you to either login or set up an account, just click on the link that says, "No thanks, just start my download.
• you'll want the "custom" installation where you can select just the server and the workbench. Should you go with some of the other options, you'll inevitably get a version that's designed to work in conjuction with Visual Studio and that can be a problem if you don't have the correct version of VS. Just go with the server and the workbench

B) Establishing Database Connection (back to top...) The first thing you're going to do is import the "mysql2" package and store it in a "const." We'll do that by creating a new file called "database.js" and storing it in our "utility" directory. The code will look like this: here you're importing the "mysql2" pacakge into that application and storing it in the "mysql" const "connection pooling" is a process by which a bunch of connections are made available so that you're not having to initialize and authenticate a new database connection every time one is needed. The default number of connections that are created right out of the box is 10, but you can adjust that with a simple line of code (see image to the right). a "promise" is similar to an IF / ELSE scenario where you're running a callback and proceeding based on the success of that callback. If something goes south, with the "catch" dynamic, you have an error handler by default. Click here for more information. Notice you've got all of your database credentials in place. After all that is documented, you export your database pool with the attached "promised" dynamic and you're set. To make this available in a "global" context, you'll write this in your "app.js" file: const db = require("./utility/database"); BOOM! C) Creating a Table (back to top...) This is a pretty intuitve process, as far as setting up a table in MySql Workbench, but... ...the fields going across the top of the above graphic: PK -> Primary Key NN -> Not Null UQ -> Unique Index (your Id needs to be unique) B -> Is Binary Column UN -> Unsigned Data Type ZF -> fill up that column with zeroes if that column is numeric AI -> Auto Increment G -> Generated Column For your "id" field, you'll need to have: PK NN UQ UN (you don't want any negative integers) AI ...and that will take care of your Primary Key. Everything else as far as "title" etc. is pretty intuitive. D) SELECT Statement (back to top...) Thus far we've imported the "mysql" package into our app with const db = require("./utility/database"); and that, of course, references the "database.js" file in the "utility" directory, we're now ready to start drawing from the "node-complete" database for our product information. The way this is going to look is this: db.execute('SELECT * FROM products') .then(result => { console.log(result[0], result[1]); }) .catch(err => { console.log(err); }); The results of your SELECT are coming back to you in the context of a Promise with two nested arrays contained within your "next" element. Those two arrays look like this: The first array is pretty obvious, as far as it being the information about the products in the table. The second array is information about the table itself and you can learn more about that by clicking here. We're going to structure our SELECT statement in a way that incorporates the "promise" dynamic we discussed earlier. This is an "IF / ELSE" scenario that handles a callback in a way that's both elegant and easy to understand and provides a "catch" scenario so we've got the ability to handle errors by default. The "result" comes back as an array which we can display in the console in a way that's a little more organized than what it would be otherwise by specifying the index. The second array isn't necessary, but it's good to know for the sake of theory. Here's the way it's going to show up in practice... 1) Model (back to top...) static fetchAll() { return db.execute("SELECT * FROM products"); } Pretty straight forward... Now, here's our Controller: 2) Controller (back to top...) exports.getIndex = (req, res, next) => { Product.fetchAll() .then(([rows]) => { res.render("shop/index", { prods: rows, pageTitle: "Shop", path: "/" }); }) .catch(err => console.log(err)); }; BOOM! E) INSERT Statement 1) Model (back to top...) It's pretty impressive on how the actual code that you're going to use is a lot less cumbersome. Here's our Controller code: save() { return db.execute( "INSERT INTO products (title, price, description, imageUrl) VALUES (?, ?, ?, ?)", [this.title, this.price, this.description, this.imageUrl] ); } We're using "?" so as to avoid any chance of SQL Injection. Everything else is pretty streamlined. Don't forget to "return" the result of your executed statement .You'll need that for your "then" object (see below). Otherwise, you'll an error message that says, "then" is not defined. 2) Controller (back to top...) Very similiar to what we had before, we're just introducing our Promise with the "save" function. exports.postAddProduct = (req, res, next) => { const title = req.body.title; const description = req.body.description; const imageUrl = req.body.imageUrl; const price = req.body.price; const product = new Product(null, title, imageUrl, description, price); product .save() .then(() => { res.redirect("/"); }) .catch(err => console.log(err)); }; Do you smell that? That's the aroma of excellence! E) View Details (back to top...) Here's how you're going to view the details of a particular product using SQL... 1) Model Here's your Model: static findById(id) { return db.execute("SELECT * FROM products WHERE products.id = ?", [id]); } 2) Controller Here's your Controller: exports.getProduct = (req, res, next) => { const prodId = req.params.productId; Product.findById(prodId) .then(([product]) => { res.render("shop/product-detail", { product: product[0], // here's how you limit what's returned to the first array as opposed to the "FieldData" that's also going to be included pageTitle: "product.title", path: "/products" }); }) .catch(err => console.log(err)); }; A) Definition (back to top...) Basically, "Sequelize" is a third party package that allows you to write and retrieve SQL statements as JavaScript objects. See graphic below: The basic idea behind Sequelize looks like this: B) Connecting to Database (back to top...) Start by installing the Sequelize package: BTW: MySql needs to be installed. In this case, we've already done that, but note to self! Sequelize is going to do a lot of what we did with our initial MySql connection setup, but it will do it automatically. For example, it will set up the connection pool. Again, it's less code, yet you're writing more syntax. Here's the code for the connection: const Sequelize = require('sequelize'); const sequelize = new Sequelize('node-complete', 'root', '', { dialect: 'mysql', host: 'localhost' }); module.exports = sequelize; C) Defining a Model (back to top...) We're in our "product.js" model file and we're going to write this: For more info about Sequelize datatypes, click here. Once you've got that table / Model defined, you write this in your app.js file: const sequelize = require("./utility/database"); sequelize .sync() // this command here is going to build your table based on the model you defined in your "product.js" file .then(result => { console.listen(3000); }) .catch(err => { console.log(err); }); When you run start up your app, you'll see in your console based on the above code: Notice the additional columns: "createdAt" and "updatedAt" that we get by default. Pretty cool... D) Creating and Inserting a Product (back to top...) On our "admin.js" file, here's the "before" and "after" code for adding a product given the fact that we're not using Sequelize as opposed to straight MySql. D) Retrieving Products (back to top...) We're just going to use the Sequelize "findAll" function that comes with Sequelize right out of the box. It will look like this: exports.getProducts = (req, res, next) => { Product.findAll() .then(products => { // you can name "products" anything you want res.render("shop/index", { prods: products, pageTitle: "Shop", path: "/" }); }) .catch(err => { console.log(err); }); }; E) Retrieving One Product (back to top...) 1) findByPk (back to top...) There are two ways to retrieve an individual product. One is with "findByPk..." exports.getProduct = (req, res, next) => { const prodId = req.params.productId; Product.findByPk(prodId) .then(product => { // instead of .then(([product]) res.render("shop/product-detail", { product: product, // instead of product[0] pageTitle: "product.title", path: "/products" }); }) .catch(err => console.log(err)); }; It's almost the same code that we were using before with the exception of "findByPk" and also we're not getting any nested arrays back as a result, just one array. 2) where: { id: prodId } (back to top...) exports.getProduct = (req, res, next) => { const prodId = req.params.productId; Product.findAll({ where: { id: prodId } }) .then(products => { // indexed array res.render("shop/product-detail", { product: products[0], // indexed array pageTitle: "products[0].title", path: "/products" }); }) You're getting an indexed array so you have to document / retrieve it as such. F) Editing a Product (back to top...) Here's how you're going to edit a product using Sequelize: G) Deleting a Product (back to top...) Here's how you delete a product: Pretty straight forward! H) Adding a One to Many Relationship (back to top...) We've set up a User model and that's going to be created or at least confirmed when we first hit the app.js file. To establish relationships (or Associations as its called in Sequelize) like what you've got in SQL, you do it like this: simply us referening and the "product" and the "user" models here we're defining the relationships between the "Product" and the "User" tables. We're stating that the user creates the products in the products table. with this, we're "forcing" the syncronization of the two tables. This way, if a user is deleted, all of the products associated with that user will be deleted as well. What's great about this approach is that when the app fires up, the "products" table, which would not be touched if there were already products documented, but because we've got the sync({ force: true }) in place, that table will be made from scratch AND will include a new "user_id" field. H) Adding a Dummy User (back to top...) To add a "dummy" user, you're going to add this to your "app.js" file: sequelize //.sync({ force: true }) .sync() .then(result => { return User.findByPk(1);// looking to see if there's anything in the user table }) .then(user => { if (!user) { "user" is coming from your User model where the "user" variable is defined User.create({ name: "Bruce", email: "bruce@brucegust.com" }); // new user is created if nothing exists } return user; // you're going to return your result instead of introducing another promise }) .then(user => { // here's your last "promise." If everything is either added or recognized, then we'll log it in our console console.log(user); app.listen(3000); }) .catch(err => { console.log(err); }); 1) Establishing User as Part of the Request Object (back to top...) By making our user a part of the "request" object, we've got access to a Sequelize object with all of the corresponding information throughout our app. It's kind of like a convenient session variable. Here's how you do it and to refresh your memory about "Middleware," click here app.use((req, res, next) => { User.findByPk(1) // because this is middleware, it will run after your "sequelize" command finishes and establishe the database connection etc .then(user => { req.user = user; // here is where you're associating your "user" from the above "findByPk" function with the "req" (request) object next(); // here you include the "next" element so your code is allowed to continue }) .catch(err => { console.log(err); }); }); I) Using Magic Methods To add a product, you need to change things a little bit just because you now have the extra "user_id" column. To do that, you would simply code this: exports.postAddProduct = (req, res, next) => { const title = req.body.title; const description = req.body.description; const imageUrl = req.body.imageUrl; const price = req.body.price; Product.create({ title: title, price: price, imageUrl: imageUrl, description: description, userId: req.user.id }) .then(result => { //console.log(result); console.log("Created Product!"); res.redirect("/admin/products"); }) .catch(err => { console.log(err); }); }; That's it! But with Sequelize, you have a more streamlined and elegant way to pull this off just because of the way the Associations within Sequelize are set up. It looks like this: exports.getEditProduct = (req, res, next) => { const editMode = req.query.edit; if (!editMode) { return res.redirect("/"); } const prodId = req.params.productId; req.user // grab user thing .getProducts({ where: { id: prodId } }) // here's your new code and then you just string your "then's" afterwards like you did before .then(products => { const product = products[0]; // you need to grab the first indexed array if (!product) { return res.redirect("/"); } res.render("admin/edit-product", { pageTitle: "Edit Product", path: "/admin/edit-product", editing: editMode, product: product }); }) .catch(err => { console.log(err); }); }; We're going to change our "getProducts" on the "admin.js" page a little bit by limiting the displayed products to the ones that correspond to the user id... exports.getProducts = (req, res, next) => { req.user .getProducts() .then(products => { res.render("admin/products", { prods: products, pageTitle: "Admin Products", path: "/admin/products" }); }) .catch(err => { console.log(err); }); }; J) One to Many & Many to Many Relationships (back to top...) We're going to start from scratch, as far as the "cart.js" file. Here's the original code: Here's what we have now: What you're doing her is adding a couple new tables and defining the relationship between them. import the new models as they're documented in the "models" directory A single product can show up in multiple carts and a single cart can have multiple products. To link these two tables together, you establish a "through" dynamic that identifies the model that holds data from both tables and, in so doing, links them together. In this instance, that table is the "cartitems" table which is the "CartItem" model. K) Creating and Fetching a Cart (back to top...) 1) Create Cart (back to top...) With the highlighed code, we're creating an empty, but neverthless present "cart" for the user. If you don't have some kind of cart, your code will return an "undefined" when you go to the Cart page. You don't want that... Now that you've got your "cart" model, here's how you would retrieve the contents of that cart. 2) Retrieve Cart (back to top...) "getCart" is understood by Sequelize as a special kind of method that's in place because of the associations we put in place that exist between the "user" and the "cart" tables. this is one of the "magic methods" that Sequelize provides based on the relationship that exists between the "cart" and the "products" table... Cart.belongsToMany(Product, { through: CartItem }); One thing to keep in mind is that the above code is actually cart.getProducts().then... Click here for more information. BTW: The "magic" is happening when you code things like cart.getProducts(). Otherwise, you're going to be referencing the "getProducts" method that was originally written earlier (you can see that by recognizing the fact that the other "getProducts" is rendering the "Shop" page). L) Adding Products to the Cart (back to top...) 1) Adding a Brand New Product (back to top...) To add a brand new product to the cart, we're going to change things to the Sequelize dynamic and that's going to look like this: shop.js... we're going to set up a variable that will hold the current cart information. What follows is what we were looking at in the previous example. provided we have a "cart" based on "req.user.getCart," we'll store the results of that query in "fetchedCart." Again, the reason this works is because of what you have in your "app.js" file, specifically the way you have your tables / relationships set up between the "cart" and the "products" table: Cart.belongsToMany(Product, { through: CartItem }); ...as a result, return cart.getProducts({ where: { id: prodId } }); is processed as a SELECT with an INNER JOIN on "prodId." A couple of important things about tables / queries: When you set up your model for a table, regardless of how you define your table, it will automaticaly be named according to the plural version of that model name... // disable the modification of table names; By default, sequelize will automatically // transform all passed model names (first parameter of define) into plural. // if you don't want that, set the following freezeTableName: true, Click here to see that in the Sequelize documentation. What we're doing with this particular line of code we're looking to see if the product the user has selected is already in the cart. if our cart.getProducts query is successful, then were going to set up a "product" variable" and store the results of the query in that variable. put the first part of the products array into the "product" variable grabbing the product id of the product that has been selected by the shopper. provided we get a result from the previous SELECT (findByPK), we'll prime the pump for what the next line of code where we'll enter in the new product into the database another Magic Method that allows us to insert into the appropriate table last part of the INSERT statement that establishes the last field which is "quantity." The "cart" table will be populated with the user_id and the product id, but this last step is what populates the "quantity" field. cart.ejs... You don't need any "productData" anymore. That's the array the previous round of code was having to drill down into to get the right value. 1) Adding an Existing Product (back to top...) you can see the SELECT that's being triggered by going to the console. Here's what it looks like: Executing (default): SELECT `id`, `quantity`, `createdAt`, `updatedAt`, `cartId`, `productId` FROM `cartItems` AS `cartItem` WHERE `cartItem`.`cartId` = 1 AND `cartIte`.`productId` IN (1); the "then" block based on the successful completion of the previous function. In this case, it's the successful retrieval of the cart that's associated with this user. if we've got a cart for this user, then we're going to store the first indexed array of the returned result in a variable called "product." This is going to be the actual product info you've got in the cart that matched the product id of the resource the user clicked on. if you've got a match, you're going to store the current "quantity" in the database that corresponds to this product id in a const called, "oldQuantity" and that's going to be accessed by "product.cartItem.quantity." You're going to add "1" to that value and then "return." That's the end of what amounts to an "IF" clause. if the previous block of code didn't get "returned," then you're at this point where you're going to return the product information that corresponds to the posted product id. you're either adding new product info or you're updating what's currently in the database. And it does that all by itself! Here's the code that's being run based on the IF statement that qualifies things as being either a new product or simply updating what's already there: Executing (default): UPDATE `cartItems` SET `quantity`=?,`updatedAt`=? WHERE `cartId` = ? AND `productId` = ? And this is all a result of Magic Methods! M) Deleting Products From the Cart (back to top...) To delete a product from the Cart, it's pretty straight forward... you're getting this from the hidden field "productId" getting your cart using Magic Method that's based on your userId retrieving the products from the product table that coincide with the posted product id provided you've got a successful query, we're grabbing the first part of the returned "products" array. Once we've got access to that piece, we're "destroying" the element that goes along with the "cartItem" dynamic which is going to be your productId N) Adding an Order (back to top...) We've got a Cart, now let's set things up in a way where we can view and delete orders. 1) Setting up Model (back to top...) First thing you're going to do is set up your Model and the appropriate relationships. You'll need "order.js..." ...and "order-item.js..." Absolutely no big deal. Now, let's look at our "app.js" file and consider the relationships: First, you'll import the actual model: const Order = require("./models/order"); const OrderItem = require("./models/order-item"); ...and then you'll define their relationships. Order.belongsTo(User); // each order has only one user User.hasMany(Order); // a user can conceivably have many orders Order.belongsToMany(Product, { through: OrderItem }); // one order can have many products and it's the "order-item" table that has the column headings that provide the "link" between those two tables 1) Setting up Router and Controller (back to top...) Here's your router: router.post("/create-order", shopController.postOrder); Your Controller looks like this: get all of the products in the current cart that correspond to the current user upon successful completion of the "cart / products " query, we now move all of the items in the cart to the "order" and "order-items" table. because of the relationship that exists between the order table and the user, we can create a new order by referencing the user id. when you do a console.log(product), you get this: Notice that the "quantity" field then we're needing in the "cart-item" field is referenced as "cart-item" and not the actual quantity value. Because of that we need to do a little calculation for every value in our array. For that, we'll use map - a function we have available to us in JavaScript. now that we've got the cartItem value, we can plug it in as the "quantity" value Once that's in place, while it won't show up on our "order" page, it will show up in our console as a completed order. Yay! O) Resetting the Cart and Outputting Orders (back to top...) 1) Reset the Cart (back to top...) After you post the order from the "cart" to the "order" table, you want to reset the Cart so it's empty. You do that by using this code: .then(result => { return fetchedCart.setProducts(null); }) This will clean out the "cart-item" table. You'll still have your user in the "cart" table. 2) Router Error (back to top...) At one point, I got this error: It was referring to a route that didn't have a corresponding Controller. I had deleted a superflous route in the Controller, but left the same route in the router. That will throw an error! Once I delete the route in the route.js file, it was all good! 3) Outputting Orders (back to top...) When you output products, based on the Magic Methods available through Sequelize, you get this: Because of the relationship between the "products" table and the "orders" table: Order.belongsToMany(Product, { through: OrderItem }); Your product info is going to be represented by a multi-dimensional array and you're not going to be able to access it without something called, "Eager Loading." It sounds technical, but it's just a term used to describe a comprehensive approach to loading data. Here's a good explanation: In this case, "eager loading" is going to be looping through every "products" array that occurs. And that's what you have with "orders.ejs:" And that's it! A) Basics (back to top...) 1) BSON (back to top...) Here's the way data is stored in Mongo (think JSON): BSON stands for "Binary JSON." It can hold embedded documents (multi-dimensional arrays), objects and all kinds of things... 2) Relationships (back to top...) What makes Mongo quicker is that you're only retrieving the data you need. Because of it being "schema-less," you're not having to grab all of the information that might otherwise be stored in a table. Also, your relationships are less involved because you're not obligated to create JOINS every time you're needing some info because you could very well have all the info you need in a particular document without having to go all over the database to get what you need. 3) Installation (back to top...) You'll go out to the Mongo website and

• sign up for a free account
• sign up for a free "Atlas" database
• add a user that can read and write to the database. You won't sign up for a database administrator, you'll just want to read and write to your tables
• add an IP address, make it your local IP address since you're just working on a local application
• once it's finished setting up, now you'll install your driver

Once that's in place, you write npm install --save mongo db to install the MongoDB driver. 4) Connection (back to top...) You've got your package and your driver installed, now you need to set up your connection and you'll use your "database.js" file to do that. Here's how that file looks: import the MongoDB package extract the MongoClient constructor from the MongoDB package using an arrow function and a callback to retrive the database connection this is the connection info that you'll copy from the Mongo website when you click on the "connect" button in the "cluster" tab (see image to the right) i) Connection Pool (back to top...) We're going to alter things a bit in order to accommodate something called the "Connection Pool." You've seen this before with MySql and Sequelize. Here's the altered "database.js" code: establish a new variable called "_db" within the MongoClient string, you've got a "db" object which is the name of the database itself. In this case, it's "shop. You can read more about this element by clicking here. you're invoking your callback just like you did before. But you're not passing an argument this time. "throw" is a way in which you customize your errors ES6 Arrow Function without any argument "throw" is something JavaScript offers as a way in which you can customize errors. Click on the "Captain's Log" graphic to the right to see more information about errors as far as how to customize them and how to interpret them when generated by the system. whereas before you had only one method with which you could connect to the database, now you have two. The first one connects to the database, the second one stores that connection. B) Using Database Connection (back to top...) Now that we've got a database connection happening, let's use it! Let's start with the "products.js" Model... 1) products.js (back to top...) Pretty intuitive at this point. Now, here's your Controller 2) admin.js (back to top...) The first part of your "Product" class in your Model looks like this: class Product { constructor(title, price, description, imageUrl) { this.title = title; this.price = price; this.description = description; this.imageUrl = imageUrl; } We're "feeding" those entities with the first part of our code here in our Controller. Here's your "save" functionality on your "products.js" Model: save() { const db = getDb(); //grab your connection return db .collection("products") //choose / establish your collection .insertOne(this) // grabbing the data coming in via the constrcutors .then(result => { console.log(result); }) .catch(err => { console.log(err); }); } } Pretty straight forward...! Right now, you can't see the new product in our application, however, you can see evidence of it having been added in our console... C) Mongo DB Compass (back to top...) Download Mongo Compass by heading out to https://www.mongodb.com/download-center/compass?jmp=hero Once the installer has finished downloading, you'll find the actual ".exe" file in the "C:\Program Files (x86)\MongoDB Compass Installer" directory. Once you've got the app open, you'll now need to connect to your database. To do that, you'll go out to the Mongo webpage where you have your Clusters and click on "Connect." At that point, you'll then click on "Connect with MongoDB Compass" (see image to the right). Answer the questions and then click on the link they provide. If your Compass app is open when you do this, you'll get a prompt that says it "senses" a connnection. Click "yes" and several fields will be populated automatically. Enter your password and then you'll be able to see your database. Click on the "products" collection and you'll see the product you just entered. Cool! D) Retrieving Products (back to top...) 1) Model static fetchAll() { const db = getDb(); //grab your connection return db .collection("products") .find() // you can add parameters like {title: "A great title"} to qualify your search .toArray() // reserved for smaller bits of information .then(products => { console.log(products); return products; }) .catch(err => { console.log(err); }); } ...and here's your Controller: 2) Controller exports.getProducts = (req, res, next) => { Product.fetchAll() // make sure you're referring to the proper method (fetchAll) .then(products => { res.render("shop/product-list", { prods: products, pageTitle: "All Products", path: "/products" }); }) .catch(err => { console.log(err); }); }; Adjust your routes and you're good to go! This works because you didn't change any property names. E) Fetching a Single Product (back to top...) 1) Cursor (back to top...) A cursor is a starting point in a database. A regular SELECT is going to retrieve all of your results and throw it in a table. A cursor is going to "point" to your results and wait for the system to ask for them before they make them available for display. Of course, that's a little inefficient so Mongo makes a compromise and offers the first 101 results by default. In this example, you're going to want to reign in the whole "cursor" dynamic by letting it know you only want one row. We do that with the "next" functionality. All that's going to do is advance the cursor one row and stop. In this case, that's the one and only row that we want. Not that there's any more rows to consider, but that's how you hone in on the one row that's needed in the case of wanting to retrieve a single row. 2) ObjectId (back to top...) Mongo's Id field (_id) - the "Primary Key," so to speak - is represented by the ObjectId. In order to compare that to other variables, you need to introduce the "mongodb" package that will transform your strings into something that can be "understood." For example... In this part of our Controller, we've got this: .find({ _id: prodId }) This won't work because the "_id" field is part of the "ObjectId" dynamic and won't be processed as a string. Hence, the "prodId," doesn't have a chance of being accurately compared to any value in the database. To solve that malady, we do this: .find({ _id: new mongodb.ObjectId(prodId) }) Now, we have a winner! Here's our Model: 3) Model (back to top...) ...and here's our Controller: 4) Controller (back to top...) ONE IMPORTANT NOTE: Our "prodID," both in the "index.ejs" and the "product-list.ejs" file needs to be altered, as far as the "product.id" value to now be the "product._id" value! F) Editing a Product (back to top...) While we can view a single product now for the sake of the product details, now we need to do the same kind of thing from an administrative standpoint so we can edit that product. Here we go: Here's your new Controller with the changes highlighted: 1) Controller (Product Display) (back to top...) Beforehand we were using Sequelize and basing our retrieval on the "user" object, so it looked like this: req.user .getProducts({ where: {id: prodId }) .then(products => { const product = products[0]; Now, we're simply doing a query according to our Mongo database protocol. Everything else is going to be the same, pretty much. Although we do want to make sure that our "id" in our View is documented now as "_id." Also, the "findById" is something we looked at earlier. That will do it, as far as being able to display the product. 2) Controller (Product Edit) (back to top...) here's where we're getting our values from what's been posted positioning the values we want to pass into our Model in the proper order we don't have to convert our prodId value just yet. We'll do that in our Model 3) Model (Product Edit) (back to top...) Here's your Model: you're going to need the "mongodb" package for the sake of the "mongodb.ObjectId" piece. your constructor! Notice the the order of your properties / values are in the same order as your Controller! here's where you do your conversion from you incoming prodId as a string to a Mongo object. Again, click here for a review. looking to see if the "_id" value / variable is present. If it is, then you're go into "edit" mode. If not, you're in "insert" mode. your basic Mongo update code G) Deleting a Product (back to top...) 1) Model (back to top...) This is getting easier! Here's your Model: grab you database connection standard Mongo delete function. You can read about this and other CRUD operations by referring to the Mongo docs. 2) Controller (back to top...) Your Controller is similar to what you had before with the exception of the way you retrieve the prodId: exports.postDeleteProduct = (req, res, next) => { const prodId = req.body.productId; Product.deleteById(prodId) .then(result => { console.log("product is deleted"); res.redirect("/admin/products"); }) .catch(err => { console.log(err); }); }; Be sure to reinstate your "delete-product" routes and you'll be set! H) Ternary "IF" Change on save() (back to top...) After deleting the one product that we had, an issue with adding a product surfaced and it was because of the way we positioned our "this._if" dynamic. Initially, we had things set up like this: Because of the way we had originally set things up, "this._id" was always processed as a value of some kind. Even an "empty" value can be converted to a Mongo Object. By introducing the ternary "IF" statement, we can now return a legitimate "null" value and now have our processes routed correctly so we can insert a new product. I) Adding a User (back to top...) To add a user, you'll first add a new collection in your Mongo database using the "Compass" application. Then you'll go ahead an manually enter a user, just for the sake of drill. Now, let's set up some syntax that looks for a particular user right after the app spins up. 1) Model (user.js) (back to top...) Here's the Model. Pretty straight forward... a ternary IF statement that assigns the "._id" property with a value if one is being passed in as an argument. Otherwise, it's assigned a "null" value you can use this code: .find({ _id: new ObjectId(userId) }) .next(); ...but if you know you're only going to return one row, "findOne" works just fine In both instances, though, be mindful of the fact that you've converted your incoming value, which is arriving as a string, into a Mongo object - a datatype that Mongo can understand. 2) Controller (app.js) (back to top...) Since we're going for what amounts to a "global" variable here, we're using "app.js" as our Controller. Here's how it looks: app.use((req, res, next) => { User.findById("5cd4670dd87e8f06e4411b6d") .then(user => { req.user = user; console.log(user); next(); }) .catch(err => { console.log(err); }); }); We're just "finding" one that we know to be in existence. The part that is highlighted represents the "user" object. We've got access to every piece of info that's cataloged in our database that belongs to that user. That will come to bear in just a minute. J) Adding a Product w/ User (back to top...) We're now going to edit our "add product" code to include a user id so we can know what user added the product in question. Here's our Controller: 1) Controller (admin.js) (back to top...) The highlighted portion shows us including the id of the user (which is a string at this point) is being thrown into the stream of what will be intercepted as a series of properties / constructs in our Model. Remember, "req.user_.id" is coming from our "app.js" file: app.use((req, res, next) => { User.findById("5cd4670dd87e8f06e4411b6d") .then(user => { req.user = user; console.log(user); next(); }) .catch(err => { console.log(err); }); }); Granted, we just went over that, but it bears repeating... 2) Model (product.js) (back to top...) This is an abbreviated version of what the new "product.js" file looks like, but all that's needed to be acknowledged as something new is what you see highlighted in yellow... class Product { constructor(title, price, description, imageUrl, id, userId) { this.title = title; this.price = price; this.description = description; this.imageUrl = imageUrl; this._id = id ? new mongodb.ObjectId(id) : null; this.userId = userId; Basically, we're just grabbing the incoming userId and adding as a property in our Constructor. Perfect. We don't have to set up a new field in the "products" collection. Just run the code and it's all good! K) Cart Items & Orders (back to top...) Right out of the chute, let's go ahead and establish that our Cart is based on the User object. That said, let's take a look at the User Model (user.js): 1) User Model (user.js) (back to top...) const updatedCart is an object that holds a property called "items." "items" is an array that holds only one object. That object contains all of the properties contained in the incoming "product" object and then, using the "spread operator," we're overwriting and / or adding the property of "quantity" and its corresponding value of "1." One thing: You can use an alternative way to look to see if the current cart is anywhere in the "users" table... const CartProduct = this.cart.items.findIndex(cp => { return cp._id === product._id; }); this.cart.items refers to the "items" that's a part of the "cart" array. "findIndex" is a JavaScript function that's going to evaluate every item in the "items" array. "cp" represents the products in the "items" array. If "cp._id equals the current product id, then it will return "true." We'll get into that more later, but just be aware of that for now. you're going to update the "cart" value in the "users" collection to the info we've got now assembled in the "updatedCart" object. To do that, you're going to start by grabbing your database connection (getDb) and then focusing on the "users" collection. At that point, you're now going to "updateOne" row that belongs to the row matching the user id that we've got coming into our Class({_id: new ObjectId(this._id)},) and then "setting" ($set) the cart value to the "updatedCart" object. 2) app.js (add more substance to "req.user") (back to top...) initially, when you were using req.user = user; in our "app.js" file, we had this: app.use((req, res, next) => { User.findById("5cd4670dd87e8f06e4411b6d") .then(user => { req.user = user; console.log(user); next(); }) .catch(err => { console.log(err); }); }); When you looked at the output of "console.log(user)," you had this: That's exactly what you should be getting, However, if you were to pump that data as arguments to our "user" class, you could get more database than just the name and the email address. So, now we've got this: This works! Although, when you take a look at the document that's now in our "users" collection, you'll see all of the product data which is somewhat redundant. To do that, we'll change this: const updatedCart = { items: [{ ...product, quantity: 1 }] }; ...to this: items: [{ productId: new ObjectId(product._id), quantity: 1 }] So, instead of bringing the all of the properties belonging to the "product" object to bear, we'll just grab the "_id." L) Storing Multiple Items in the Cart (back to top...) Here's our code now: as has been mentioned before, you're using "findIndex" method which will return the index of the element in the array that matches whatever criteria you specify. you're going to return whatever index ([0], [1], etc) that matches the id of the item being added to the cart. You're also using "toString" in order to ensure that you're comparing apples to apples. The "product._id" is going to be that weird BSON nonsense. establishing a default quantity value creating a duplicate copy of the properties and values belonging to the current cart if the "cartProductIndex" is greater than or equal to zero, we've got a product in our cart that matches the item we're getting ready to add establishing the new quantity value by adding "1" to the current quantity value attaching that new quantity value to the appropriate row in the cart rowset using "push" to add what is now known as a new item to the cart to the existing cart using the Mongo method of "updateOne" to update the current row in the database or to add a new row to the collection M) Displaying Cart (back to top...) To display the cart, we're going into our "users.js" model file and doing this: Before we break this down, let's take a look at the highlighted code because that represents our target. db.collection('products')... We're doing a SELECT of all of the products. But we only want those products that in our user's cart, so we do a "find" and base our "search criteria" on the productIds that we have in our current cart. That's where the Mongo "find" method comes into play. We want to find all of the products in the "products" collection that match the productIds in our current Cart. Part of what makes this "SELECT" a little different is that we're not just looking for one "_id," we want all of the "_id" values that match all of the "productIds" in the Cart and that's where "$in" comes in handy. It's very similiar to the SQL "in" syntax. It's going to evaluate an array of elements - in this case, productIds - and return the matching values as an array. So, that's what we need in place to evaluate. We need an array of all of the productIds that are in our current cart and that's where we start with ❶ ... the JavaScript map method creates a new array with the results of calling a function for every array element. Here's we're taking "items," which is the object in our "user" collection that corresponds to our current user, and returning the productId of every product that's in that array. >return db.collection('products').find({_id: {$in: productIds}}).toArray() - this is the main machine that we commented on a moment ago. We're taking the "productIds" constant that we built in the previous line and using that as a filter via the "$in" dynamic and then, with the "inArray" method, we're converting that result to an array. we've got a cursor pointing to our "products" collection that's comprised of all the products that match what's in our cart. Now, we've got to take those results and attach the appropriate quantity to each one. to attach the appropriate quantity values to each of our products, we use "map" to execute a function on every member of our array which we represent with the letter "p." We start by exacting the "spread operator" on our product array and add a new "product" quantity. That value has to be attached to the correct product in our products array which is the products we have in our cart. That's why... return products.map(p => { return { ...p, quantity: this.cart.items.find(i => { return i.productId.toString() === p._id.toString(); }).quantity }; }) works! "find" is a built in JavaScript function that's going to look at all of the items in the cart and match the product in the product database to the product in the cart. In the end we have the product, but it's the last piece - the ".quantity" part - that we want and that's what we grab to add to our product listing in the Cart. One quick bug fix: Redirect the user to the "cart" after adding an item to the Cart... N) Deleting Cart Items (back to top...) Here's our "user.js" Model file: this.cart.items.filter... First off, just for the sake of review - "this.cart.items." That's coming from your constructor at the top of your Class. In your "app.js" file, you're importing the "User" model and there's a method that's a part of establishing the session user... app.use((req, res, next) => { User.findById("5cd4670dd87e8f06e4411b6d") .then(user => { //req.user = user; req.user = new User(user.name, user.email, user.cart, user._id); /*the reason this is different is because you're invoking the User class which is going to respond with ALL of the info that it is going to retrieve rather than just the info coming from "findById"*/ //console.log(req.user.email); next(); }) .catch(err => { console.log(err); }); }); If the user has added anything to the Cart, that info is going to be a part of the user's class. "items" is going to be an object with two parameters: productId and quantity: productId: new ObjectId(product._id), quantity: newQuantity // line 31-32 from the "user.js" file The "filter" function is something that we've discussed before that's available through regular JavaScript. It's going to filter out all of the items that match the defined criteria. In this case, we're getting all of the items that DON'T match the productId we want to delete. These are the two parameters that we've asserted into our typical Mongo "update" code." { _id: new ObjectId(this._id) }, { $set: { cart: { items: updatedCartItems } } } ); The first is the "productId," which qualifies which document we're actually targeting. The second parameter starts with the "$set" character. IT's updating the "cart" object and specifically highlighting the "items" object that's a part of the cart. And that's how it gets done! O) Adding an Order (back to top...) 1) users.js (model) (back to top...) I'm establishing my database connection you'll need to return the result of the "then" block so your controller has a result to publish. That part of the Controller looks like this: exports.getOrders = (req, res, next) => { req.user .getOrders() .then(orders => { res.render("shop/orders", { path: "/orders", pageTitle: "Your Orders", orders: orders }); }) .catch(err => console.log(err)); }; In addition, the result of the "getCart" is going to be all of the data that's coming from the "getCart" method which includes the productId and the quantity. You'll throw that in the "items" object and then populate the user object with the properties and values coming from the stored user id. Like this... "const order = { }" - when you see that, know that what's positioned between the two curly braces is an "object." An object, by definition, is a collection of properties and values, although you can have an object within an object as well. You see that here. In this case, "items" is a property and "products" is your value, which in this example, just happens to be an array. "user" is an object with the properties being "_id," "name" and "email" and the values being what's coming from the the properties and values that came from the constructor at the top of the class: class User { constructor(username, email, cart, id) { this.name = username; this.email = email; this.cart = cart; // {items: []} this._id = id; } the "return" that you used with was for the sake of your Controller so it had something to display. This "return" is just a part of your typical Mongo insertion syntax. this "then" block is happening in the case that the first "then" block was completed successfully. In this case what's happening is your emptying the items that correspond to this user's cart as well as the cart items that were documented in the "users" table. 2) shop.js (controller) (back to top...) exports.postOrder = (req, res, next) => { req.user .addOrder() .then(result => { res.redirect("/orders"); }) .catch(err => { console.log(err); }); }; This is really straight forward. You're grabbing the "addOrder" method as per the current user object, doing what needs to be done and then, based on a positive result, sending the user to the "orders" page. A) ORM vs ODM (back to top...) ORM stands for "Object Relational Mapping Library." ODM stands for "Object Document Mapping Library." The bottom line is that Mongoose is to Mongo what Sequelize is to SQL. You're able to interact with you database a lot more efficiently in that you're not having to write as much code. B) Installing Mongoose and Connecting to the Database (back to top...) 1) Install Mongoose (back to top...) First of all, you can access the Mongoose docs by heading out to https://mongoosejs.com/docs/guide.html. You install Mongoose like this: 2) Using Mongoose to Connect to the Database (back to top...) Mongoose takes care of your connection in a very convenient way! This is the code you use in your "app.js" file! mongoose .connect( '"mongodb+srv://brucegust:M1ch3ll3@brucegust-qhxnz.mongodb.net/test?retryWrites=true' ) .then(result => { app.listen(3000); }) .catch(err => { console.log(err); }); C) Creating the Schema (back to top...) Mongo is "schema-less!" So why do we kick things off with a schema? Because it's a good starting point. Plus, it can be overriden, although in the example below you'll see how we made all of our fields required. That can't be overriden. Still, we get some flexibility that's worth a mild compromise that we're making by establishing these fields as required. This is the "product.js" model... D) Save a Product (back to top...) Here's what your "admin.js" Controller. Notice that we're not needing a Model! You'll see that explanation at ! you're using pretty much the same code as you were with straight Mongo with the exception of using a JavaScript object here at "new Product." You're just hooking things up as key / value pairs. the "save" function, here, is something that's coming from Mongoose and not a separate function that you're having to call from a Model and a Mongo function listed separately. E) Fetch All Products (back to top...) Again, we don't have to concern ourselves with a Model. This is the "shop.js" Controller... One example of just how cool Mongoose can be. The code is pretty much the same, but instead of having to rely on a Mongoose based method in the Model, we can just use the Mongoose "find()" function. F) Fetch A Single Product (back to top...) This, again, is real easy given the fact that "findById" is actually a Mongoose function so all we need to do is adjust the "shop.js" Controller. exports.getProduct = (req, res, next) => { const prodId = req.params.productId; Product.findById(prodId) .then(product => { res.render("shop/product-detail", { product: product, pageTitle: product.title, path: "/products" }); }) .catch(err => console.log(err)); }; G) Edit A Product (back to top...) Again, just the Controller! This is "admin.js..." H) Delete A Product (back to top...) To delete a product, again, all you'll need is the "admin.js" Controller since the "product.js" Model is nothing more than the schema, but... ...it's documented in the context of a Mongoose which is what all of this stuff flows as easilyl as it does. Here's your "admin.js" Controller: I) Adding and Using a User Model (back to top...) 1) user.js Model (back to top...) Here's your "user.js" Model. Notice, again, that it's just a schema. Also, notice how when we go to export this, it's module.exports = mongoose.model("User", userSchema); The "User" portion is going to be processed by Mongoose as the name of the collection, but in all lower case letters and the plural form of the word. So, the resulting table is going to be "users." 2) app.js (back to top...) So, here's our "app.js" file. Similar concept as what we were doing with Mongo, just using the "findById" method that comes with Mongoose. Later on in the same file, we assert that user just before we establish the "listen" code: you're defaulting to what amounts to nothing more than the schema at this point. "findOne" is a Mongoose function. If there's not criteria specifiefd, "findOne" will just return the first document in the collection. In this instance, if there is no user in the collection, then a new one is created. J) Using Relations in Mongoose (back to top...) Pretty straight forward and downright easy when you compare it to its Mongo counterpart! Let's start with the "product.js" Model... 2) product.js (back to top...) You're adding the highlighted column to your schema and by using the "type" and the "ref," you're automatically defining the relationship between the "users" and the "products" table. Remember a "relationship" is technically defined as an "embedded" document when you're talking about a Mongo database. You'll here "relationship," but just bear in mind that "relationship" is typically used to describe the "join" dynamic betwee two databases in a RDMBS (Relational Database Management System). Just to further break down the above. The type: Schema.Types.ObjectId could conceivably be anything, but when you include ref: "User", you're letting the Mongoose system to set up an embedded document scenario with the "users" table (module.exports = mongoose.model("User", userSchema); [from the "user.js" model). That's all you need to do! 3) admin.js (back to top...) Here's your "admin.js" file: "req.user" is coming from your "app.js" file. For the sake of review, feel free to click here to see how that's generated. Bottom line is that you have a "req.user" object generated on line #23. When you get to the bottom of the page, part of the code that establishes the database connection looks for a document in the "users" collection. If there's one there, it moves on. Understand that piece of code exists only for the sake of the app. You generate a new document only if there's nothing in the database and then you've got to hardcode the "_id" into the code on line #23. product.save is making use of the Mongoose "save" functionality that's being coupled to the "product" model / schema. K) Additional Notes for Managing Relations in Mongoose (back to top...) 1) Retrieving the Entire User Object (back to top...) When you do this: exports.getProducts = (req, res, next) => { Product.find() .then(products => { console.log(products); res.render("admin/products", { prods: products, pageTitle: "Admin Products", path: "/admin/products" }); }) .catch(err => { console.log(err); }); }; You get this: Notice the "userId." That's the only piece of the "user" data that you're going to get because that's all that's included in the "products" collection. However, if you wanted to get all of the "user" data, you could do this: exports.getProducts = (req, res, next) => { Product.find() .populate("userId") .then(products => { console.log(products); res.render("admin/products", { prods: products, pageTitle: "Admin Products", path: "/admin/products" }); }) .catch(err => { console.log(err); }); }; Now look at what you have: Now you've got all of the user data. 2) Specifying Which Data You Want to Retrieve (back to top...) You can also specify which data you want to retrieve. Like this: with .select(title price -_id"), you're limiting what's being displayed to "title" and "price" and you're also explicitly eliminating the "_id" field. with .populate("userId", "name") you're restricting the "user" object to just those two properties BOOM! L) Adding User Data to the Shopping Cart (back to top...) Now we're going to add the user's information to the cart when they order something. 1) shop.js Controller (back to top...) Here's the shop.js Controller: "return" means that you're taking an intentional left hand turn where the flow of your function is concerned. It ends the execution of a statement and specifies a value. In this case, you're getting ready to specify a value based on what comes back from the "addToCart" method. 2) user.js Model (back to top...) userSchema.methods... this is code that is understood by Mongoose as a method that's tailored for this particular Model. In this case, we're looking at the "user" model so "addToCart" is going to be referenced as such with return req.user.addToCart(product);. That's the code that we used in our "user.js" Controller. (product) is going to be the product object we passed into the method in our "user.us" controller as an argument. as has been mentioned before, you're using "findIndex to find the index of the element you're looking for which, in this case, is the "this" index of the current cart's products. if you find a matching productId, you return that value and the loop stops with the value that's being returned establish a new variabgle representing the starting point for whatever quantity value you have use the spread operator to create a duplicate of the items in your current cart object if you've got an index value greater than zero, they you increase the current quanity value by 1 and then you update the items object with the new quantity value if you're dealing with a new product, then you're going to update the "updatedCartItems" object with the new productId and quantity value up to this point, you're been working with the "items" object. You need to reposition that as a property within the "cart" object. Now you can update it correctly. M) Loading the Cart w/ Product Information (populate) (back to top...) Here's we're going to use a featuring in Mongoose called "populate." Here's your code from the "shop.js" Controller: "populate" leverages the fact that you've got an embedded "product" document in the "users" collection. It's basically used to "populate" the data within your reference. If we look at what gets logged into our console, we get this: Notice the "productId" object. See how we're getting all of our "product" information. You can see how "populate" is working. That being the case, when we go out to our "cart.ejs" file, we've got a to make a couple of changes because of how the data is being stacked. This is only part of the code. The changes have been highlighted: <% if(products.length >0) { %> <ul class="cart__item-list"> <% products.forEach(p => { %> <li class="cart__item"> <p></p><%=p.productId.title %> (<%=p.quantity%>)</p> <form action="/cart-delete-item" method="Post"> <input type="hidden" name="productId" value="<%=p.productId._id %>"> <button class="btn" type="submit">Delete</button> </form> </li> <% }) %> Now, it will fly because we've addressed the way that data is now "stacked" in the incoming recordset. N) Delete Cart Item(back to top...) Here's your code. This is going to be in the "user.js" Controller file: This is comparable to what we've done in the past as far as creating a copy of the current cart, filtering out all of the items that do NOT equal the productId of the selected item and everything that's left over is saved. O) Add Order (back to top...) First, we need to add a "user.js" for the sake of a new table. That code looks like this: 1) user collection (back to top...) Now, here's the "shop.js" Controller (we imported the new "user" model at the top of the page): We're taking everything from the current cart that corresponds to this user and creating a new object that contains that info and inserting that into our users table. This first part of the code that's in the "dotted line" box, creates a "products" object that includes all of the product data along with the correct quanities based on what's currently in the cart. First thing you're doing is populating the "orders" collection with the product information that corresponds to the products in the current cart. "populate" has been covered before with Retrieving the Entire User Object Basically, it's very similiar to a join. We're grabbing all of the product info that corresponds to the productId, "embedding" all of it into the "users" table. So, whereas before we might've had just the productId, now we have the "title," the "productId" as well as the "description" etc. Click here for more information. Bear in mind that in your "users" table, your product information will all be stored as an object that's associated with the productId value. although it may seem weird that "req.user" and "user" are the same, remember that "user" gets established when you first fire up the app in "app.js..." "req.user" gets established later... app.use((req, res, next) => { User.findById("5cddf37ccb51de2c140c3638") .then(user => { //req.user = user; req.user = user; next(); }) .catch(err => { console.log(err); }); }); The reason for this, I'm assuming, is for training purposes since there aren't any other users. But, for now, just know that the two are the same. we begin by setting up a constant called "products." "products" is going to be an object that holds two properties and their corresponding values. Map, if you remember, creates a new array with the results of calling a function for every array element. We're going through all of the "items" in our user's document in the "users" collection. It looks like this: _id: 5cddf37ccb51de2c140c3638 name: "Bruce" email:"bruce@brucegust.com" cart: Object items: Array 0: Object _id: 5ce8136eae40ce3714edeb06 productId: 5cdda90bd2b7fb230c24b6b4 quantity: 1 Notice, the "items" array. The "map" will go through every object in that array and, in this case, create an array that will then be introduced into the "orders" collection and it will look like this: The red arrow is what results from . The blue arrow is what results from: const products = user.cart.items.map(i => { return { quantity: i.quantity, product: { ...i.productId._doc } }; }); You see how it's working? The returned value is an object with a "quantity" property and a "product" property. The "quantity" property, according to the "items" object, is going to have a value of "1," and the "product" property is going to be an array of all the productd properties and values associated with the productId. There's one thing about this code that's worth looking at and that's the "_doc." This is a feature that Mongoose offers, although there's not a whole lot of documentation out there that explains it. To understand it, let's go back to the way this code was originally written. At first, we did this: const products = user.cart.items.map(i => { return { quantity: i.quantity, product: productId }; }); "productId" does, in fact, hold all of the data that's associated with that id in the user's table, but only because of the relationship that exists between the "user" and the "product" collection. When you go to the complete product profile, though, to store it into the "order" collection, you only get the productId like what you see to the right. To get to the data that's embedded, you want to use "_doc." It's going to look like this: const products = user.cart.items.map(i => { return { quantity: i.quantity, product: { ...i.productId._doc } }; }); You turn the "i.productId" entity into a JavaScript object by using the spread operator and then the "_doc" method. Now, you're able to pop the hood on the table relationships that exist between the "user" and the "product" collection and get the data you want to insert into the "cart" collection. Compare the difference between the "products" array in the first example and what you have to the right. start up a new instance of the "orders" collection. You're adding a "users" object and another object which is the "products" array. save the order clear the current cart associated with the current user object redirect the user back to the "orders" table P) Display Orders (back to top...) Pretty straight forward. Here's the "shop.js" Controller: exports.getOrders = (req, res, next) => { Order.find({ "user.userId": req.user._id }) .then(orders => { res.render("shop/orders", { path: "/orders", pageTitle: "Your Orders", orders: orders }); }) .catch(err => console.log(err)); }; ...and getOrders is an automatic method provided by Mongoose. A) Cookie Defined (back to top...) Data that's stored in the Browser - the Client Side. B) Add Login Button (back to top...) This was something I wanted to document, just because it's a quick and easy way to position a button on the far right side of the screen while simultaneously having buttons on the left side (see image to the right). Here's the CSS for the navbar: .main-header__nav { height: 100%; width: 100%; display: flex; align-items: center; justify-content: space-between; } Note the changes... And then here's the actual "navbar.js" file: B) Creating the Login Form (back to top...) 1) Create Your Route (back to top...) We're setting up a brand new route file to handle everything that can be categorized as a secure transaction between the user and the site. const rootDir = require("../utility/path"); const router = express.Router(); router.get("/login", (req, res, next) => { }); module.exports = router; 2) Register Your Route in app.js (back to top...) const authRoutes = require("./routes/auth"); ... app.use(authRoutes); 3) Create Your Controller (back to top...) exports.getLogin = (req, res, next) => { res.render("auth/login", { path: "/login", pageTitle: "Login" }); }; This is pointing to your View located in "auth/login..." 4) Create Your View (back to top...) This is "login.ejs" located in views -> auth -> login.ejs C) Creating a Cookie (back to top...) So, you can potentially create a variable that is then passed on through the rest of the app similiar to what you did with "user" in your "app.js" file: app.use((req, res, next) => { User.findById("5cddf37ccb51de2c140c3638") .then(user => { req.user = user; next(); }) .catch(err => { console.log(err); }); }); The problem, however, is two-fold. First, when you do this: exports.postLogin = (req, res, next) => { req.isLoggedIn = true; res.redirect("/"); }; ...it doesn't work because once you do a redirect, you're dealing with an entirely new "request" object. So everything you've specified previously is now dead. It works within your "app.js" dynamic because it's a global entity. There's no "redirect" in your "app.js" code that kills the "req.user" value so it remains intact. To get around that, you create a cookie and you use Express to get it done. Like this: exports.postLogin = (req, res, next) => { res.setHeader("Set-Cookie", "loggedIn=true"); res.redirect("/"); }; Notice you're not just setting a variable that will be eliminated once you do a redirect. By using res.setHeader, you're embedding info into the browser that remains intact throughout the user's session. When you adjust your "getLogin" method in your "auth.js" Controller to this: exports.getLogin = (req, res, next) => { console.log(req.get("Cookie")); res.render("auth/login", { path: "/login", pageTitle: "Login", isAuthenticated: req.isLoggedIn }); }; You see this in your console: Notice that you've got more than one Cookie we're needing, we have to streamline things a bit and we can do it like this... First of all, let's take a look at our Headers. To do that, open up your Dev Tools in Chrome. Click on any page and then do an "inspect." Open up the "Network" tab and then click on the page that you just accessed. Like this: You'll notice that you've got several cookies... To get to the value of our "loggedIn" cookie, we do this: const isLoggedIn = req .get("Cookie") .split(";")[7] .trim() .split("=")[1]; It looks complicated, but we're basically just splitting the initial "pile" of cookies to get to the one we need and then we're splitting that key / value pair so we can get to the "true" value. Now, isLoggedIn is a const with a discernible value attached to it. D) Manipulating a Cookie (Max-Age, Secure, HttpOnly) (back to top...) You can also manipulate your cookies in some useful ways. For example, you can set an expiration date / time: res.setHeader("Set-Cookie", "loggedIn=true; Max-Age=10"); You can also dictate whether or not a user can login based on if the server is secure: res.setHeader("Set-Cookie", "loggedIn=true; Secure"); Another useful metrix is "HttpOnly." res.setHeader("Set-Cookie", "loggedIn=true; HttpOnly"); This prevents any cookie info from being accessible from the browser. This is especially relevant to the prevention of "Cross Site Scripting." Click here to read more. E) Sessions (back to top...) The difference between Cookies and Sessions can be summed up by saying that your Cookies are stored in your Browser whereas your Session variables are going to be stored on the server side (backend). Also, the Session ID will be exclusive to that user. Unlike a cookie that's stored on the browser that can be manipulated, server side variables can't be impacted in the same way. We're still going to make use of the Cookie dynamic, but it will be encrypted so only the server can verify it as being authentic. F) Installing Session Middleware (back to top...) We're going to install "express-session" by running npm install --save express-session. After that, we'll introduce the following lines of code in our "app.js" file: const session = require("express-session"); ...and app.use( session({ secret: "my secret", resave: false, saveUninitialized: false }) ); To get more info about the various settings you can utilize at this point, click here. The most important setting is the "secret," which should be a long line of text. This will be used as part of your "hash" value. G) Using Session Middleware (back to top...) Now that we've got our session middleware installed, now we'll actually put it to use. The highlighted section shows how you can establish any session variable that you want, set it to "true" and you're gold! Again, this will be unique to every user and it's stored on the server side of the equation so it can't be manipulated by the user themselves. H) Using MongoDB to Store Sessions (back to top...) Now that we can create Session data, the next thing is to store it in the database. To do that, we'll use a very cool utility that Express provides called, "MongoDB Session." If you head out here, you can see the different packages that Express can use to store session variables in different types of databases. Of course, we're going to use the "MongoDB" option. To install it, we do this: 1) app.js (back to top...) Once you're got it installed, you'll first import the "MongoDB Session" package into the "app.js" page and create a new constant that holds your Mongo database connection info. Like this: this is the middleware we installed earlier that gives us the ability to set up session variables import the "MongoDB Session" package. Again, this is what allows us to store session data in a Mongo database set up a constant called "MONGODB_URI" to store your connection data. By the way, URI stands for "Uniform Resource Identifier." establishing "store" as a constant that holds the machine that will store our session variables. This is all done automatically and is too, too cool! here's where we're using our "store" constant to store the session id this isn't anything new, we just replaced the original database login info with the new MONGODB_URI constant. 2) auth.js (back to top...) Here's the code that allows you to see what's being stored in the database: exports.getLogin = (req, res, next) => { console.log(req.session.isLoggedIn); res.render("auth/login", { path: "/login", pageTitle: "Login", isAuthenticated: false }); }; exports.postLogin = (req, res, next) => { //res.setHeader("Set-Cookie", "loggedIn=true; Max-Age=10"); req.session.isLoggedIn = true; res.redirect("/"); }; ...and here's what it looks like in Compass (see image to the right): BTW: The Cookie is established automatically by Express. I) Deleting a Cookie (Logout) (back to top...) To logout, you want to create a button that triggers the Express method that "destroys" your current session. You'll do it like this... 1) nav.ejs (your button) (back to top...) Here's your button: <li class="main-header__item"> <form action="/logout" method="post"> <button type="submit">Logout</button> </form> </li> 2) auth.js (your route) (back to top...) Here's your route: router.post("/logout", authController.postLogout); 3) auth.js (your Controller) (back to top...) ...and here's your Controller: exports.postLogout = (req, res, next) => { req.session.destroy(err => { console.log(err); res.redirect("/"); }); }; J) Fixing Some Bugs (back to top...) When you don't have a valid session, you're going to run into problems. Here's how we fixed that: 1) navigation.ejs (back to top...) This is an incremental yet an important fix. We're going to limit the display of some links based on the presence of a valid session id. In other words, you have to be logged in before any of these links show up. Refer to the highlighted sections of the code below to see the changes. Now, only the admin links are displayed if the user is authenticated. Also, you don't see "logout" unless you're logged in and vice versa. You also see that with the "add to cart" buttons. 2) Display Cart (back to top...) When you went to display the Cart, you got an error that said, "req.session.user.addToCart is not a function." The reason for that error is because you no longer have a "req.session.user" like you did before. We were storing the user in the "req" object. Now, it's in the database as a session. The "store" function that we've got in the "app.js" file... app.use( session({ secret: "my secret", resave: false, saveUninitialized: false, store: store }) ); ...isn't grabbing the info that we need. To fix that, we'll do this in our "app.js" file: app.use((req, res, next) => { if (!req.session.user) { // we put this in place because if we didn't have a session id, even logging out would be a problem because this code wasn't set up to accommodate anything other than a valid session id. Now, it just "moves along" so something like logging out doesn't become a problem return next(); } User.findById(req.session.user._id) .then(user => { req.user = user; next(); }) .catch(err => console.log(err)); }); Now, if we've got a "req.session.user," we keep moving. Otherwise, we grab the user object from the database that was put in place by our "auth.js" file. Now, if we go back to our initial problem with "shop.js" file, before we were basing our method on "req.session.user." Again, that wasn't a bad thing, but we were storing our session user differently. Now, our code will look like this (this is just one example of what we had in "store.js." We had to do this throughout the app...): exports.getCart = (req, res, next) => { req.user // this used to be "req.session.user" .populate("cart.items.productId") .execPopulate() .then(user => { // console.log(req.user); const products = user.cart.items; res.render("shop/cart", { path: "/cart", pageTitle: "Your Cart", products: products, isAuthenticated: req.session.isLoggedIn }); }) .catch(err => console.log(err)); }; The order of your elements in app.js matters! This is the real world project I was tasked with building that transformed a working PHP application into a MERN app. A) Basic Setup (back to top...) To get started, I referred to the list I've got documented here. 1) app.js (back to top...) app.js: 2) start.js (route) (back to top...) Here's your "start.js" route file: The highlighted sections are what you want to pay attention to in that they're directing your basic routing to the index page and the login page which you'll qualify in the next step, as far as security is concerned. 3) start.js (controller) (back to top...) Here's your "start" controller... exports.getIndex = (req, res, next) => { res.render("index", { pageTitle: "Login", path: "/" }); }; ...and here's your "auth" controller: exports.getLogin = (req, res, next) => { res.render("login", { pageTitle: "Login", path: "/login" }); }; 4) index.ejs / login.ejs (view) (back to top...) And here's your views: index.ejs <%-include('includes/header.ejs') %> </head> <body> <%-include('includes/top.ejs') %> <%-include('includes/navigation.ejs') %> <main> Hello </main> <%-include('includes/footer.ejs') %> login.ejs B) Security (back to top...) 1) Necessary Middleware and Packages Here are your necessary packages as well as the "app.js" code that imports and registers them. a) Mongoose (back to top...) npm install --save mongoose i) app.js Here's the code that will need to be in place on your "app.js" file: const mongoose = require("mongoose"); // import the package const MONGODB_URI = "mongodb+srv://brucegust:M1ch3ll3@brucegust-qhxnz.mongodb.net/test"; // define your connection and collection mongoose .connect(MONGODB_URI) .then(result => { app.listen(3001); }) .catch(err => { console.log(err); }); // establish your connection and then "listen" on your perscribed port b) Express Session (back to top...) Here's what we'll use to create Session data... npm install --save express-session i) app.js (back to top...) In our "app.js" file, we'll import it and register it like this: this first parameter - "secret" - is the only required paramater, although you can obviously incorporate several others. Once this in place, all the requests to the app routes are now using sessions. "secret" is the only required parameter. It should be a unique string for your application. You can read more about this by clicking here. Remember, you're using this to create a session variable. The next app will actually store it in a database. That's where is coming from. c) MongoDB Session (back to top...) Now that we can create Session data, here's what we need in order to store it. npm install --save connect-mongodb-session i) app.js Here's the way it looks like in our "app.js" file... click here for a reminder on what all that was about d) bcryptjs (back to top...) npm install --save bycryptjs i) auth.js (back to top...) You'll put this in your "auth.js" controller... Once those are in place, you want to set up your users table... A) Signup Form and Insert Code (back to top...) 1) signup.ejs (back to top...) Here's the signup.ejs page: 2) auth.js (Controller) (back to top...) Here's your Controller: notice the convention of the code. By that I mean that the "ejs" file has the form action as "/signup." In order to propertly connect the dots, your Controller has to be set up as "postSignup" in order for the code to be triggered... And that's because your route looks like this: router.post('/signup', authController.postSignup); Nothing complicated, but something to be aware of nevertheless. FYI: We changed the schema of the "users" table by eliminating the "name" column. B) Encryption / bcryptjs (back to top...) To encrypt the password, start by importing the "bcryptjs" package: Once that's in place, here's how your "auth.js" Controller is going to look: import the bcryptjs package encrypt the incoming password from your form insert the newly encrypted password along with your other user data C) auth.js Controller (back to top...) Here's your login Controller (auth.js)... you had to have this "return" in place, otherwise the code just kept moving down the line and you're redirected to the login page and nothing really happens :( D) Route Protection (back to top...) 1) Using a Line by Line Approach (back to top...) If you wanted to protect a route, you could do it like this: Pretty straight forward. But if you wanted to do it this way, you would have to write this code with every route you wanted to protect. You can do it a more scaleable way using Middleware... 2) Using Middleware (back to top...) Start by creating a "middleware" folder and then adding this as an "is-auth.js" file... module.exports = (req, res, next) => { if (!req.session.isLoggedIn) { return res.redirect("/login"); } next(); }; Now, you're going to import that into your "admin" and your "shop" route pages and it will look like this: E) Understanding and Preventing CSRF Attacks (back to top...) CSRF stands for "Cross Site Request Forgery." Basically, someone makes a site that looks just like yours. They think they're interacting with your site and, in a way, they are, as far as the backend is concerned. But the frontend has them doing things they wouldn't normally do and the result can be disasterous. To prevent that from happening, we're going to use a package called, "csurf." Start by installing that... Once that's in place, you'll need to import that package using your "app.js" file. Also, you're going to incorporate something called "locals." This gives you the ability to declare your "authenticated" and your "token" variables on a global scale. Once that's in place, you'll have to go back through your site and add a hidden field to any form dynamic where a CSRF attack would be possible. For example, your "logout" button... <li class="main-header__item"> <form action="/logout" method="post"> <input type="hidden" name="_csrf" value="<%= csrfToken %>" /> <button type="submit">Logout</button> </form> </li> F) Providing User Feedback (back to top...) Right now, when a user fails to login successfully, they're redirected to a login page or an index page, but there's no feedback. To solve that we're going to use a package called, "connect-flash." 1) Import / Register it in "app.js" (back to top...) With that installed, we now import it into our "app.js" file by first storing it in a constant: const flash = require("connect-flash"); ...and then registering it AFTER the session has been defined: app.use( session({ secret: "my secret", resave: false, saveUninitialized: false, store: store }) );// after session... app.use(csrfProtection); app.use(flash()); 2) Add it to postLogin on "auth.js" Controller (back to top...) Once that's in place, we're now looking at the "auth.js" Controller: 3) Add it to the "login.ejs" View (back to top...) A) sendgrid.com (back to top...) You'll start by setting up a free account with sendgrid.com and then installing their package into your app like this: B) auth.js (back to top...) Here's the code: import nodemailer import sendgridTransport document your sendgridTransport credentials redirect to your login page first before you run your email script so you don't slow things down your actual email script BTW: The order of and is significant because if you're sending out a bunch of emails, it will slow the process down. The way things are set up here is sound. A) Resetting Passwords (back to top...) 1) reset-password.ejs (back to top...) Most of this is just a "copy and paste" from you login page with the email field omitted. this is important, obviously, and we'll come back to that in a minute 2) getReset Controller (back to top...) 3) postReset Controller (back to top...) Here's your Controller: exports.getReset = (req, res, next) => { let message = req.flash("error"); if (message.length > 0) { message = message[0]; } else { message = null; } res.render("auth/reset", { path: "/reset", pageTitle: "Reset Password", errorMessage: message }); }; Cake and ice cream... "crypto" is a library within Node.js that allows you to create uniqe and secure random values. "32" is the number of bytes. Provided everyting is working smoothly, you get a "buffer..." What's a buffer? JavaScript is a unicode friendly environment. In other words, it processes every letter in the alphabet as a number. Binary data is just one's and zeroes. Ultimately, that's how a computer processes every command, but the two don't really play well together (click here to see how a computer converts text into Binary code). While you can get into some serious detail when it comes to the definition of a "buffer," the bottom line is that you're creating a digital space for binary data that would otherwise cause your JavaScript app to blow a fuse. Transmission Control Protocol (TCP), the way data is being moved back and forth on the internet, including octet streams (attachments are usually octet-streams) need to be handled differently by JavaScript because of their Binary basis. You can read more about it here. So...you need a buffer and that's what this is. Provided it gets set up properly, you're going to take a binary value that is 32 bytes and convert that to a string using a hexadecimal dynamic. find your user according to the email address that the user entered you're adding a resetToken and a resetTokenExpiration value to the document so as to ensure a timely and secure update sending an email to the user that will include a link connecting them to a page where they can reset their password 4) getNewPassword Controller (back to top...) a) reset password link / route (back to top...) This is the link / text that was sent to the user via email: Click this <a href="localhost:3000/reset/${token}">link</a>>to set a new password. The token was the random number we generated using "crypto." So, here's the route that will accommodate that link: router.get("/reset/:token", authController.getNewPassword); Notice the "/" character before your parameter. That's crucial... b) the Controller (back to top...) Here's your Controller. Notice how it's grabbing the param from your URL... req.params.token - "token" is what allows the system to match that with router.get("/reset/:token", authController.getNewPassword); pass the userId into your view... pass the passwordToken (which was stored in the database at the very beginning of this process) into your view c) the reset-password view (back to top...) Here's the page that the user gets when they click on the email that they've received thanks to the Controller that we just covered. 5) postNewPassword Controller temporary variable that you'll use to house the current user you've found the current user in the database based on the incoming password token and assuming that it hasn't expired and the incoming userId matches as well, we're going to store the matching user in the "resetUser" variable and create an encrypted version of the new password save everything and reset the token and the tokenExpiration value to undefined B) Adding Authorization (back to top...) 1) Displaying Products (back to top...) To ensure that only the user who added a product is able to delete it or edit it, you want to limit the products that are being displayed in your "getProducts" method on your "admin.js" Controller like this: exports.getProducts = (req, res, next) => { Product.find({ userId: req.user._id }) .then(products => { console.log(products); res.render("admin/products", { prods: products, pageTitle: "Admin Products", path: "/admin/products", isAuthenticated: req.session.isLoggedIn }); }) .catch(err => console.log(err)); }; 2) Editing Products (back to top...) Notice on line #13 how the ".then" block is separate from the first ".then" block? This is going to be a problem because if the user._id field does NOT match, then the user is going to get re-routed to the "index" page, correct? Wrong! This goes back to the basics, somewhat, but it's worth repeating. JavaScript is a ">Single Thread dynamic which means that we start at the top and we keep going till we're done. We don't pause or wait for anything to finish. "Callbacks" allow us the opportunity to tweak that dynamic a little bit so we can circumvent JavaScript's otherwise strict approach to code execution. The "Promise" is part of that "callback" dynamic in that we can place ".then" blocks and dictate how code is going to flow based on the successful completion of a particular task. But you need to be aware that those ".then" blocks have a bit of a liability attached to them. Take a look at the diagram below: Every ".then" block is going to be executed, regardless if you have a "return" within that particular ".then" configuration. JS will go through every one of the ".then" blocks before it jumps back into the Call Stack. That's why we had to move the last ".then" block from here: exports.postEditProduct = (req, res, next) => { const prodId = req.body.productId; const updatedTitle = req.body.title; const updatedPrice = req.body.price; const updatedImageUrl = req.body.imageUrl; const updatedDesc = req.body.description; Product.findById(prodId) .then(product => { if(product.userId !== req.user._id) { return res.redirect('/'); } product.title = updatedTitle; product.price = updatedPrice; product.description = updatedDesc; product.imageUrl = updatedImageUrl; return product.save(); }) .then(result => { console.log("UPDATED PRODUCT!"); res.redirect("/admin/products"); }) .catch(err => console.log(err)); }; ...to here: exports.postEditProduct = (req, res, next) => { const prodId = req.body.productId; const updatedTitle = req.body.title; const updatedPrice = req.body.price; const updatedImageUrl = req.body.imageUrl; const updatedDesc = req.body.description; Product.findById(prodId) .then(product => { ❶ if (product.userId.toString() !== req.user._id.toString()) { return res.redirect('/'); } product.title = updatedTitle; product.price = updatedPrice; product.description = updatedDesc; product.imageUrl = updatedImageUrl; return product.save() .then(result => { console.log("UPDATED PRODUCT!"); res.redirect("/admin/products"); }) }) .catch(err => console.log(err)); }; It is now "nested" in the first ".then" block so the "return" will ne honored. Now, even if a user would be able to somehow access a product, if they try to edit it, they'll be redirected and the changes won't be saved. BTW: BTW: you need to add ".toString()" in order to accommodate the fact that you're looking for both value and datatype. 3) Deleting Products (back to top...) This is pretty easy. You're just changing your "FindOne" query into something that's looking for things based on the productId as well as the user._id field. exports.postDeleteProduct = (req, res, next) => { const prodId = req.body.productId; //Product.findByIdAndRemove(prodId) Product.deleteOne({ _id: prodId, usesrId: req.user._id }) .then(() => { console.log("DESTROYED PRODUCT"); res.redirect("/admin/products"); }) .catch(err => console.log(err)); }; A) Basic Email Validation (back to top...) Start by installing express-validator with this command: 1) auth.js Routes (back to top...) This is the "basic" version where you're just going to get a system generated message. It's good though because it will alert the user of a bad email if they didn't use the "@" sign. No, once you have installed the "express-validator" package, you're going to import it on your "auth.js" routes page. const { check } = require("express-validator/check"); Notice how you're only importing a sub-package from the "express-validator" package. Here you're using a technique called "Destructuring" which is a shorthand way of storing variables from within an array. After importing that package, you'll do this on your actual, "post signup" route. router.post("/signup", check("email").isEmail(), authController.postSignup); You're using the middleware represented by the "check" variable to see if what the user entered is a valid email address. 2) auth.js Controller (back to top...) import the "validationResult" object that's available from the "express-validator/express" package const { validationResult } = require("express-validator/check"); ..and then for your actual "postSignup" method, you'll do this: ...and that will get you this result when you type in a bad email... storing the validationResults in the "errors" constant if you've got some errors, you're going to render the "signup" view with a 422 status this is the errorMessage that you had originally used as part of your "flash" dynamic. We're going to use that in a minute... B) Using the Error Message Field (back to top...) When you look at your terminal to see the actual error that is being generated from your "express-validator" package, you see this: You're getting in this array the value that was entered, the parameter (which matches the "name" of the field" and the location of the actual field itself. The thing we want to harness is the "msg." Here's why: If the user doesn't add ANY email address, they won't get a message that reminds them they need to add an "@" sign, instead they'll get the errors.array() which is currently assigned to the errorMessage variable. The problem is, it's an array and we need to be more specific. Right now, the error looks like what you see to the right. To remedy that, we're going to change above to this: errorMessage: errors.array()[0].msg ...and now we get this (Invalid Email): Now, if we wanted to customize that message so we weren't limited to just the default message coming from the "express-validation" package, we could do this: router.post( "/signup", check("email") .isEmail() .withMessage("Please enter a valid email."), authController.postSignup ); When you do that, the user will see this: C) Custom Validator Fields (back to top...) You can create your own custom validation dynamics! Take a look at what's below: You're just going to follow the format that you see highlighted above and that's all there is to it. Be sure to return "true" at the end as that will allow the code to continue. D) More Validators (back to top...) Here we're looking to see if the password is long enough and there aren't anything other than alphanumeric characters. bringing into the mix another aspect of the "express-validator" package and that is the "body" dynamic. This allows you to look for and identify criteria within the body of the document. This is where we're going to find the password. &looking for the password within the body of the document that we're evaluating (as opposed to the header...) this is a great way of defining an error message for all of the checks you're getting ready to do against the password field checking for the length of the password and you're using a JQuery object as part of your evaluation. BTW: A JQuery Object is something you've been working with, but weren't necessarily aware of its name when you were looking at it. Here's the way the JavaScript Object is defined on W3Schools... var person = {firstName:"John", lastName:"Doe", age:50, eyeColor:"blue"}; The content between the curly braces is your Object. Here's some more info from smashingmagazine.com And that's how you do it! Now you've got validation in place for your password that looks for the length and the type of characters that have been entered. E) Equality (back to top...) To check for form field equality, we'll do something like this: Pretty straight forward! F) Async Validation (back to top...) To make this happen, you're going to incorporate a "Promise Reject" dynamic and it's going to look like this: Now that you're doing this on the "route" side of the picture, you're not going to use what you had in your "route.js" Controller, so... You got rid of your "User.findOne()" function and you launched immediately into your "bcrypt" function. After that, you just got rid of the extra curly braces etc. And there you go! F) Keep User Input (back to top...) Should a user attempt to login and they're told that their email doesn't match or any kind of error for that matter, this functionality preserves the info they originally inputted so they don't have to start all over again. 1) signup.ejs (back to top...) Here's the code you're using with your "ejs" file. Basically you're just adding the value tag with the EJS syntax that grabs the "oldInput" stuff. 2) auth.js Controller (back to top...) H) Conditional CSS Classes (back to top...) 1) auth.js Controller (back to top...) First thing you're going to do when you want to enhance what we just did, as far as preserving the data that the user just entered although something went south, is to add the "validationErrors" variable that you see highlighted below. Now, implement that into your "signup.ejs" file... 2) signup.ejs Controller (back to top...) 3) forms.css (back to top...) Your "forms.css" file will look like this: .invalid { border-color: red; } I) Sanitizing Data (back to top...) By "sanitizing," we're referring to ensuring that the email address is valid, convert any uppercase letters to lowercase (normalizeEmail), eliminate any superflous spaces etc. You're going to do that on your router page. In this case, it will be "auth.js" and the code looks like this: J) Validating Product Info (back to top...) 1) Validator Package (back to top...) While this may have been covered in the past, it's good to recap. To institute any kind of validation, you're going to need the "Express Validator" package. We're validating the user's input data as they go to enter a new product. So, we're on the "admin.js" route page. The first thing we're doing is importing the "validator" package at the top of the page: const { body } = require('express-validator/check') Again, for the sake of review, you're looking at an approach to coding called "destructuring that's basically incorporating some shorcuts that you can review by clicking here. Basically what you're doing here is telling to break apart or "destructure" the incoming data to whatever it is that you specify. In this instance, you're asking Node to break things down to what's represented by the "body" object. 1) Validator Package (back to top...) You're going to incorporate this code into the syntax you use to both insert and edit product info. Here's a "before / after..." Before... router.get("/edit-product/:productId", isAuth, adminController.getEditProduct); After 2) admin.js Controller (back to top...) The only other thing that I had to be concerned about was what I've got highlighted below... You've got different kinds of errors: Technical Errors, "Expected Errors" (possible retry, file can't be read etc.), Bugs and Logical Errors You've got an "error" object built into Node. This is something that is thrown by the system when there's a system error. Here's a comprehensive graphic that details the kinds of errors you're bound to encounter and how you're going to handle them... The left side would be a "technical" error. The right side are more for custom validators etc. A) Error Theory (back to top...) 1) throw (back to top...) Here's the definition of "throw" from w3 schools... The throw statement throws (generates) an error. When an error occurs, JavaScript will normally stop, and generate an error message. The technical term for this is: JavaScript will throw an error. The throw statement allows you to create a custom error. The technical term for this is: throw an exception. The exception can be a JavaScript String, a Number, a Boolean or an Object. Here's an example: The "throw new Error('Invalid argments')" will look like this in your console: The thing you want to take note of is that when an error is "thrown," your app crashes and burns. 2) try /catch (syncronous) If your code is being executed syncronously (meaning line by line - it's not waiting for anything like a file being uploaded or a row in a database being retrieved), you can use the "try / catch" approach. Check it out! Here's your code: When you run this, you'll get the following: You get the error we put in place in the context of the "try / catch" dynamic and then the other stuff we saw earlier. The thing to bear in mind is that we can proceed if we want to simply by removing the "thrown" error. If you get rid of the throw new Error("Invalid arguments");, the app would continue to run. That's something to keep in mind when you're wanting to maintain an elegant flow to your code even if something goes south. For the asyncronous dynamic, you do what we've been doing throughout our app as far as the "then" block. Know that the "catch" portion of the "then" block is going to render all of the errors specified in your "then" clause. B) Throwing Errors in Code (app.js) (back to top...) Here's what we did to a portion of the app.js file. First here's the "before..." Now, here's what we did to enhance it: By the way... next() just means to proceed to the "next" block of code. Sometimes you see it coded as "next" like you see in , other times you see it written as return next(); like in . When you use"return," you're typically "returning" a value from whatever function you're working with. In this context, however, it's a little different in that you're using "return" with middleware. Here you're telling your code to jump to the next piece of middleware (app.use...). In this case, we've got a return next(); in the first piece of middleware. It's asking if we've got a session user in place. If we don't, we're moving to the next piece of middleware. We're not going to look for a user. If you didn't code this using "return," your code would simply move to the next piece of middleware BUT it would try to execute the next piece of code in your current middleware and it would crash. With next(); you're going to the next piece of middleware or whatever represents the next piece of code in your stack. Without next();, your execution would stop at that point and you would be stuck. C) Returning Error Pages (back to top...) So, we're going to go to your admin page and temporarily import the mongoose package and use that to cause an intentional error when we attempt to add a product.... We're going to use the feature from the newly imported Mongoose package to establish an ID that's already in the database. That's going to throw an error! 1) Regular Page (back to top...) So, in this instance, a good way to handle this error is to use what we had going on with the "edit-product" dynamic and we're just going to copy and paste that code where we were normally just showing an error in the console. Like this: 2) 500 Page (back to top...) In case something goes south systemically, however, you want a legitimate 500 page. To do that you need to do the following: Create the page in your "views." You'll just copy and paste the code you used for your "404" page. Add the following to your "error.js" controller: We added this to our "app.js" file - this is going to define our controller... app.use(errorController.get404); app.get("/500", errorController.get500); One thing to note here is the way in which we defined the route as well as the controller to use with the "/500, errorController.get500)" thingy... And then finally, throw this into your "admin.js" Controller... .catch(err => { //console.log(err); // return res.status(500).render("admin/edit-product", { // pageTitle: "Add Product", // path: "/admin/add-product", // editing: false, // hasError: true, // product: { // title: title, // imageUrl: imageUrl, // price: price, // description: description // }, // errorMessage: "Database operation failed, please try again.", // validationErrors: [] // }); res.redirect("/500"); }); D) Using Express Middleware for Errors (back to top...) You can save yourself a lot of time and code by using the Express dynamic that's built in to handle errors. You'll do it like this: In your "admin.js" file, rather than res.redirect('/500');, you'll do this: const error = new Error(err); error.httpStatusCode = 500; return next(error); When Express sees, "return next(error)," it processes that as a cue to refer to the "app.js" file where it sees this: app.use((error, req, res, next) => { res.redirect("/500"); }); Notice you've got four arguments: error, req, res, next. This is your "error handler!" The bottom portion of the app. js file looks like this: NOTICE THE ORDER! app.get('/500', errorController.get500 has to proceed your "get404" code, otherwise the code will give you the 404 error before it gets to your 500 page. I found that out the hard way! E) Using Express Middleware for Errors-> Correctly (back to top...) While the built in Express method of handling errors is very cool, you have to wield that power correctly in order for it to function correctly. For example... If you throw an error within your "app.js" file and you do so within an asynconous loop like what you have here: app.use((req, res, next) => { if (!req.session.user) { return next(); } User.findById(req.session.user._id) .then(user => { if (!user) { return next(); } req.user = user; next(); }) .catch(err => { throw new Error(err); }); }); ...you'll never reach the error handling middleware. You'll just get lost in an eternal loop. If you were to look in your console, you have this: If you were to throw the error in more of an async fashion like this: app.use((req, res, next) => { throw new Error(err); if (!req.session.user) { return next(); } User.findById(req.session.user._id) .then(user => { if (!user) { return next(); } req.user = user; next(); }) .catch(err => { throw new Error(err); }); }); ... you again encounter an infinite loop but not because your error is getting lost in the weeds. Instead, your code is being generated with each request. So when it goes to run the 500 page, it has to hit the initial "app.use" code which is asking for the 500 page and thus begins a circle that never concludes. To get around that, you need to do three things: First, render the 500 page right in your app;js code as opposed to redirecting it to a View... So, you took the code that was in your "error.js" Controller and placed it directly in your "app.js" file. The other thing you need to do is reposition your csrf Token so it fires before you actually require it in the context of your 500 page which is looking for a Session ID (I think...). The other thing you need to do is adjust the way in which you're calling your Express Error code in the way it operates in the context of a promise. What's in bold is what you want to do! F) Errors & Http Response Codes (back to top...) Here's a basic breakdown:

• 2XX -> Success
• 3XX -> Redirect
• 4XX-> Client Side Error
• 5XX-> Server Side Error

You can see a full list by heading out to https:httpstatuses.com A) What Are They? (back to top...) A good example is the Udemy Course page. You've got minimal HTML. Rather, it's just a collection of divs and JavaScript code which is a browser-side scripting language. But while JavaScript is rendering the page and altering the DOM, the actual data is coming from an API - a page whose sole purpose is to churn out data but without the GUI. The bottom line is that the front end is "de-coupled" from the front end. This is the API paradigm! And it's most often facilitated by the REST dynamic which stands for "Representational State Transfer." Here your URL is triggering your functionality and we'll see how that works in just a minute. B) Data Formats and Routing (back to top...) 1) JSON (back to top...) You've got four main choices when it comes to data formats: HTML, Plain Text, XML and JSON. JSON is your best option because the machine can read it and it's fairly easy to understand from a human stanpoint as well. The other three formats vary in complexity, but it's their readability from the machine's standpoint that is key. 2) Routing In this diagram you're seeing the way in which a route is "directing traffic." You're also seeing what represents a very common part of the RESTful API conversation and that is "API Endpoints." It's basically a fancy name for whatever action you're taking against the database. There's several options, actually. Here's a diagram that illustrates what you have access to: C) Core Principles (back to top...) The diagram below outlines an excellente summary of the Core Principles that characterize RESTful APIs.

• UI -> we've already dealt with that somewhat in the context of OpenAPIs
• Stateless Interactions -> no session variables
• Cacheable -> some info can be stored in the apps head
• Client - Server -> persistent data / storage refers to data that is stored in the system after the user has powered down their app
• Layered System -> in the event you're dealing with an app that is utilizing multiple APIs<'li>
• Code on Demand -> very rare!

D) Sending Requests and Responses | CORS Errors (back to top...) app.js... Most of this is pretty familiar, except for one thing: CORS stands for "Cross Origin Resource Sharing." Without this information being put in the header, you're going to get an error should you receiving a request from a different server. You've got three different dynamics that need to be addressed: Origin, Methods and Content Type. feed.js (routes) feed.js (controller) Using Postman, you can proof these operations first by using http:localhost:8080/feed/posts With that you'll get: This is the content you specified in your "feed.js" controller: exports.getPosts = (req, res, next) => { res.status(200).json({ posts: [{ title: "First", content: "This is the first post!" }] }); }; You can also check your "post" dynamic by using the same URL, adjusting Postman to accommodate a "Post" rather than a "Get," and then choosing "Body -> Raw -> JSON" and entering: { "title": "My first post", "content": "This is the content of my post" } Your "feed.js" controller processes that using: exports.createPost = (req, res, next) => { const title = req.body.title; const content = req.body.content; res.status(201).json({ message: "Post created successfully", post: { id: new Date().toISOString(), title: title, content: content } }); }; ...and give you the JSON response, "Post created successfully" etc. 1) Codepen (back to top...) Using Codepen to test this puppy, you did this: HTML: JS: Same kind of thing with a POST request with a couple of differences in the way you structure the HTML: you have to convert what would otherwise be plain text into JSON so it can be detected and read correctly. you have to change the content type into JSON, again so the content can be read by the application. This is a practical application involving a React UI with a real live API dynamic! A) Retrieving Posts (back to top...) 1) Feed.js (React) (back to top...) Here's the adjustment we made to the "Feed.js" file on the React side. This is part of the "loadPosts" function: fetch('http://localhost:8080/feed/posts') 2) feed.js (Node Controller) (back to top...) Here's what we did on the Node side in the "feed.js" file: exports.getPosts = (req, res, next) => { res.status(200).json({ posts: [ { _id: "1", title: "First", content: "This is the first post!", imageUrl: "images/conjuction_junction.jpg", creator: { name: "Bruce" }, createdAt: new Date() } ] }); }; B) Creating Posts (back to top...) To create a post, you're going to change up the "Feed.js" file in your React application like this (this is a portion of the "finishEditHandler" method): And then you've got edit the "createPost" method that you currently have in place with your API to provide the needed fields and values that React is expecting. Like this: C) Adding Validation (back to top...) We're going to start by adding the Express Validation package that we've worked with before, but real quick...React has some validation happening and it's worth it to look at that... 1) React Validation (back to top...) This is from "FeedEdit.js" which is in react/src/components/Feed/FeedEdit... 2) Adding Server Side Validation (back to top...) Most of this has already been discussed, but here you go: feed.js (router) import the Express Validator package here's your validator code feed.js (controller here's where you bring in an "IF" statement to see if you've got any errors. D) Adding a Database (back to top...) post.js (model) app.js const bodyParser = require("body-parser"); const mongoose = require("mongoose"); ... mongoose .connect( "mongodb+srv://brucegust:M1ch3ll3@brucegust-qhxnz.mongodb.net/messages" ) .then(result => { app.listen(8080); }) .catch(err => console.log(err)); And here's your feed.js Controller: import your model here's your new record as it's coming in from your "body" here's your "save" functionality complete with your "catch" in case something goes south E) Static Images and Error Handling (back to top...) 1) Static Images Start by importing the "path" package into app.js: const path = require("path"); And then registering it in a way where every "/images" path is processed as a static directory that constitutes an absolute path to "images." app.use("/images", express.static(path.join(__dirname, "images"))); 2) Elegant Errors First, register the Express Error Handling Middleware on your app.js file: Now, make it happen on your feed.js Controller page. There are two places where it's going to happen: notice how you're "throwing" an error here as opposed to... the way in which you're routing things using "next(err)." To review the difference between "throw" and "next(err)," click here. F) Displaying a Single Post (back to top...) To display a single post, you'll do this: For your feed.js Route, you'll do this: router.get("/post/:postId", feedController.getPost); ...and then for your Controller you'll do this: Finally, on your "SinglePost.js" file located in src/pages/feed/SinglePost, you'll make this little change: G) Uploading an Image (back to top...) A couple of things about this puppy... Here's your app.js elements. You're going to use something called, "multer." And here's your Controller (feed.js): "multer" is going to sense whether or not you're in the zone of a "multi-form" kind of posting. If you are, that will kick in automatically and you're now processing your binary files appropriately. One thing that surfaced in the midst of all this is that when you're using multer in a Windows format is that you have to use "filename." I have that highlighted, but that was something different than what was presented in the tutorial.The tutorial also had a data being attached to the end of the file, but it was positioned after the file extension, so I just deleted it and it worked fine! H) Updating Posts (back to top...) To update a post you'll use the code I've got below. Here's your route: feed.js (router) Here's your Controller: feed.js (Controller) ...and here's your app.js file: app.js I) Deleting Posts (back to top...) First of all, establish your route in your "api" directory. Remember, your "react" content is nothing other than your GUI. The "nuts and bolts" of your app is primarily your "api" code. 1) feed.js (route) (back to top...) In your "api" code, you've go this for your feed.js in your router directory: router.delete("/post/:postId", feedController.deletePost); 2) feed.js (controller) (back to top...) Here's what we've got for our Controller... "return," in the context of conventional function would route the code in a way that ignores whatever follows. At that point, you're out the door. Here, however, you're using "return" in the context of a callback / promise. As a result, it's throught more in terms of how the next line of code is going to be receiving whatever proceeds it. In this case, the next "then" clause is receiving the result from "findByIdAndRemove." J) Pagination (back to top...) We're going to limit the number of records we return and then make use of some of the code that's already been written on our front end. Take a look: 1) feed.js (front end) (back to top...) Feed.js (react->src->Pages->feed) The portion of the above code that you have highlighted? That's being passed into your backend... 2) feed.js (Controller) (back to top...) establish a currentPage value to the incoming "page" value. Use the "||" shortcut to signify that if the incoming "page" dynamic doesn't exist, the system defaults to page "1." the "perPage" value refers to the number of rows you're going to have displayed on your page todal. variable that will house the total number of rows that you're going to be retirieving function that counts the number of incoming records. If that function is successful, the code proceeds to the next block where... the "totalItems" variable is assigned the value of "count," or what came out of the "countDocuments" function. I then am going to "return" ther result of "Post.find." Bear in mind that while you may have grown comfortable processing "return" as an obligatory" disruption of the code, the same thing is happening, but... ...you're operating in the context of several "chained" functions that are coupled together. So, now a "return" is going to simply transport the result of that functionality to the next block of code. Here's a little more info about all that from EE: skip lets you "skip" over a specified number of rows. In this case, I know I've got 2 rows per page. So, if I'm on page 2, that means there's a total of 4 rows that I need to skip in order to ensure that when I advance to the next page, I'll be looking at the fifth row. But... If I'm on page 1, which is my starting point, I don't want to begin with the 3rd row. So to keep everything accurate, I'll subtract "1" from whatever represents my "currentPage" value and that will ensure an accurate starting point for every page. "limit" allows me to limit the number of rows and I'm using my "perPage" value to dictate the number of rows I'm going to display at one time. we're going to respond with not only some data, but also the "totalItems" variable which our front end is expecting in this line: totalPosts: resData.totalItems As far as where your "next" and your "previous" buttons are coming from, you can find that in your "Paginator.js" file. K) Building a User Model (back to top...) Easy! Here we go: auth.js (routes) const express = require("express"); const router = express.Router(); router.put("/signup"); module.exports = router; user.js (model) app.js const authRoutes = require("./routes/auth"); ... app.use("/auth", authRoutes); L) Adding User Validation (back to top...) Here's your auth.js route where you're checking to see if the incoming email already exists and then you're checking for flawed entries: anything specified in the context of the body object is going to be evaluated. Errors will be captured in the "validationResult" object which you'll look at in the "auth.js" Controller... ...and here's the relevant portion of your app.js file: app.use((error, req, res, next) => { console.log(error); const status = error.statusCode || 500; const message = error.message; const data = error.data; res.status(status).json({ message: message, data: data }); }); M) Signing Users Up (back to top...) 1) bcryptjs (back to top...) Start by installing bcryptjs for the sake of encrypting your incoming data. npm install --save bcyrptjs 2) auth.js (Controller) (back to top...) After the validation piece, we now grab the incoming data which has now been vetted and we insert it into the database. Here's the entire auth.js code thus far with the newest addtions highlighted: 3) App.js (front end)(back to top...) On your "App.js" file, start by resetting the "isAuth" value to false, which is at the top of the page: class App extends Component { state = { showBackdrop: false, showMobileNav: false, isAuth: false, token: null, userId: null, authLoading: false, error: null }; ...and then you've got these adjustments you've made to your "signupHandler..." N) How Validation Works (JWT) (back to top...) The term "stateless" refers to the way in which APIs don't store session data. Whereas in the context of a more conventional web app you had session variables, with this dynamic you have instead JWT - Jason Web Tokens. YOu can see that illustrated below... The token itself is going to be a collection of JSON data including the "signature" and the "payload." O) Validating User Login (back to top...) 1) auth.js (Controller) (back to top...) Here's the first piece of the authentication pie... establish the "loadedUser" variable find a row in the database that matches the incoming email if an email is found to match, then assign the user object to "loadedUser" return the result of the comparison between the incoming password and the password that's in the database if the returned value "isn't equal," then throw an error. If we're good to go, then we move forward with establishing a JWT... P) Logging in and Creating JSON Web Tokens (JWTs) (back to top...) 1) auth.js (route) (back to top...) Your route is pretty straight forward... router.post('/login', authController.login); 2) auth.js (controller) (back to top...) Again, pretty straight forward... 3) App.js (front end) Front end... BAM! Q) Using and Validating the Token (back to top...) 1) Feed.js) (back to top...) You're generating a token, now you've got to ensure that it exists and that it's valid. To do that, you're going to first adjust your "Feed.js" file in your "react" application so that your header includes the "Authorization" dynamic. This is in your "src/Pages/feed" directory. This was enabled in your "app.js" file in your "api" in your "app.js" file: app.use((req, res, next) => { res.setHeader("Access-Control-Allow-Origin", "*"); res.setHeader( "Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE" ); res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization"); next(); }); Here's the way your "Feed.js" file is going to look with the new "header..." So, there's your header which you recognize from the work that you've done before with Fitbit. 2) is-auth.js (back to top...) Your "is-auth.js" page is Middleware which is kept in the brand new Middleware directory you need to make in your "api" project. Here's your file: bring in your "jsonwebtoken" package. You're going to need that... make sure there IS an incoming token. Otherwise, throw an error... here comes your token via the header that you set up earlier (Authorization: 'Bearer ' + this.props.token) here's where you're unpacking your token and seeing if it's valid. For that you're going to need the signature that was defined earlier in your "auth.js" file within your "api" directory (see below). if something goes south with your attempt to decode the incoming token, throw an error you've successfully decoded the incoming token, but you've not been verified, so you're not going anywhere all is well and you're moving foward as a validated user! 3) feed.js (route) (back to top...) You're going to include this new "is-auth.js" file in the context of your "feed.js" route. This is middleware. We've talked about this before, but for the sake of review, remember that with middleware you're accessing the request and the response objects as well as what represents the "next" middleware function in the application's request-response cycle. Here's your new "feed.js" route with the new additions highlighted: R) Adding Auth Middleware to All Routes and Methods (back to top...) 1) Feed.js (front end) (back to top...) To add the authorization dynamic that we just installed to all routes / front end, it's going to look like this. Basically, you're adding Authorization to the edit and delete functionality. 1) SinglePost.js Here's your SinglePost.js "single post" display front end: S) Connecting Posts to Users (back to top...) 1) post.js (model) (back to top...) To connect users to their corresponding posts, you're going to start with your "post.js" model in your back end (api/models). post.js 2) feed.js (controller) (back to top...) Now that you've got your model squared away, let's hit the "feed.js" controller... this is the first thing you're going to adjust. Rather than the creator being a hard coded name, you're going to retrieve the user from the "user" table. To do that, you're going to need the userId which is now available thanks to your newly installed "authorization" dynamic via the "is-auth.js" code... req.userID = decodedToken.userId; So, now "creator" is set to "req.userId." Now, as part of the "saving" process, we're going to look up the user info based on the userId. We've got the User model referenced at the top of the page now... const User = require("../models/user"); ...so now, with that little bit of code, "User.findById(req.userId)," we've got access to all that info contanined within that row of data. If you refer back to your User model, you've got this: posts: [ { type: Schema.Types.ObjectId, ref: "Post" } ] By doing user.posts.push(post);, you're pushing the postId into the "user" table. Node takes care of all the heavy lifting. add a "creator" variable that's uninitialized that we're going to use at ❺ now you're going to pack all of the elements contained with the "user" object into the "creator" variable now, with a new "creator" variable in place that has all of my "user" info, I'm going to set up "creator" as a key and then with my curly braces, assign some accessible pieces of info including the "_id" and the "name" of the user that just added a post. T) Adding Authorization Checks (back to top...) To ensure that only the user who created the resource in question is allowed to either update it or delete it, we add the code that you see highlighted below. It's pretty straight forward. Basically, we're just throwing an error if the userID associated with the post doesn't match the Id of the user that's currently logged in. U) Clearing Post-User Relations (back to top...) This is not difficult. You simply include the highlighted code that you see below: V) Getting Rid of "Unexpected token < in JSON at position 0" (back to top...) You're going to start by adding a new route just so you can see what's going on. "auth.js" is going to look like this: Don't forget that the actual route for this page is going ot be "auth/status" because of what you've got set up in your "app.js" file within your "api" project (of course). const feedRoutes = require("./routes/feed"); const profileRoutes = require("./routes/profile"); const authRoutes = require("./routes/auth"); Here's what we've got for our "auth.js" controller. We added two new functions... ...and then on our front end, we changed the URL in our "Feed.js" file: With Async Await, you're still using ".then" blocks, but they're now operating behind the scenes using the code you see below. Here are some more examples of "before" and "after" where transforming the existing code to an "await" dynamic... Before (just look at all of your major functionality)... After... A) Intro (back to top...) According to your normal paradgim, your http client is sending a request to the server and the server responds. With this dynamic, the server is sending data to the client without it being initiated by the client. That may not make a whole lot of sense, but it's a very cool tool to have in your backpocket like what you're getting ready to see with this example. You know how you can have two users on the same app and one adds a product and the other user won't know something's been added unless they refresh their page? With websockets the screen refreshes automatically! Very nice! B) socket.io (back to top...) There are a lot of options to choose from where websockets are concerned, but we're going to use something called, "socket.io. C) Making it Work (back to top...) 1) Installation (back to top...) i) app.js (api) (back to top...) Use this to install the "socket.io" package... ...and then you're going to incorporate it into your "app.js" code like this: ii) Feed.js (react) (back to top...) Now, you're going to import the front end counterpart to the backend "socket.io" with this: You'll then put this near the top of your page... import openSocket from 'socket.io-client'; ...and then add this to the tail end of the "class Feed extends Component" code: When you run this, you'll get "Client connected" on your terminal. D) Identifying Realtime Potential (back to top...) We're going to move into a more "practical" application of our code and we're going to kick it off by grabbing this code that was provided by the tutorial and simply plug it into our "Feed.js" file. It's "addPost..." That will go right after openSocket('http://localhost:8080');. E) Sharing the IO Instance Across Files (back to top...) To share this websocket dynamic across multiple files, we're going to set up a "socket.js" file and position that in our home directory. That file is going to look like this: No big deal. Now we're going to reference it as part of our "app.js" file like this: mongoose .connect( "mongodb+srv://brucegust:M1ch3ll3@brucegust-qhxnz.mongodb.net/messages" ) .then(result => { const server = app.listen(8080); const io = require('./socket.io').init(server); io.on('connection', socket => { console.log('client connected'); }); }) .catch(err => console.log(err) ); F) Synchronizing POST Additions (back to top...) 1) Adding IO to feed.js (Controller) (back to top...) So, now when we go to our "feed.js" Controller, we'll import it at the top of the page: const io = require('../socket'); ...and that's referencing the "socket.js" file we created a moment ago. And that file is a continuation of what was initialized on the "app.js" file: mongoose .connect( "mongodb+srv://brucegust:M1ch3ll3@brucegust-qhxnz.mongodb.net/messages" ) .then(result => { const server = app.listen(8080); const io = require('./socket').init(server); io.on('connection', socket => { console.log('Client connected'); }); }) .catch(err => console.log(err)); Now, I'm going to use that as part of my "createPost" method. What will happen now is that all connected clients will be alerted to the fact that a new post was just created. Here's how you're going to code that: 2) Feed.js (front end) (back to top...) Here's the code you need for the "component didMount" piece: G) Adding Name to Posts (back to top...) Here's a little tweak to our "feed.js" page that corrects the fact that that name wasn't being properly displayed. populate is a Mongo DB function that looks up whaqt amounts to a related field in another table. In this case, "posts" is related to "users" via the field "creator" which holds the ObjectID of the "user." The _doc field lets you access the “raw” document directly, which was delivered through the mongodb driver, bypassing mongoose. There's not a whole lot of info about it. H) Updating Posts on All Connected Clients (back to top...) 1) Controller (back to top...) Here's your Controller: we're using the MongoDB "populate" method to look up and make available the info coming from the users table based on the object ID located in the "creator" column. emit the results of what's just been updated. 2) Feed.js (front end) (back to top...) Here's your "Feed.js" file. This first piece is a new piece of functionality that we added after the "addPost" method. We also changed the componentDidMount function like this: And that will do it! I) Sorting Correctly (back to top...) To sort the list of posts according to their timestamp where the most recently added posts show up first, you do this: J) Deleting Posts (back to top...) 1) feed.js Controller (back to top...) Here's your backend (feed.js / Controller) 2) Feed.js (front end) (back to top...) A) What is GraphQL (back to top...) GraphQL is a stateless (no session variables), client-independent API for exchanging data with higher query flexibility. Check out the graphic below... With a conventional REST API dynamic, you've got some limitations in that you're going to retrieve a row based on an ID and you're going to get all of the the corresponding information (findById). What the above graphic demonstrates is that if you want specific information, you need to change the endpoint and that can become cumbersome, especially if it's a large app and your query shows up in multiple places. With GraphQL, you've got more flexibility. How? With GraphQL, you only have one endpoint and it's within that endpoint that you'll specify what it is you're trying to do... Here's an example of what a typical GraphQL query is going to look like: Notice you've got your "Operation Type," your endpoint and then you've got your "Requested Fields." It's in the context of your "Requested Fields" that the utility of GraphQL can really be appreciated. As far as "Operation Types," here's a breakdown: To sum it up, here's a graphic that shows the "flow" of GraphQL and how your Operation Types can be thought of as Routes and your Resolvers (which we'll get into in a minute) can be throught of as Controllers... B) Setup and Our First Query 1) Setup (back to top...) You're going to delete your "routes" folder and you're also getting rid of all the references to your routes in you "app.js" file within your "api" app. Yeah, we're cleaning house. In addition, you're going to install the "graphql" and "express graphql" packages using this command: $ npm install --save graphql express-graphql 2) Our First Query (back to top...) i) app.js (back to top...) On "app.js," import and implement these files like so (pay attention to the highlighted items: ii) schema.js and resolvers.js (back to top...) GraphQL is designed to work with a combo of functionalities referenced two files: "schema.js" and "resolvers.js." Here's your "schema.js" filed: const { buildSchema } = require('graphql'); module.exports = buildSchema(` ❸ type TestData { text: String! views: Int! } ❷ type RootQuery { hello: TestData! } ❶ schema { query: RootQuery } `); The logic of this is broken down like this: First of all, "schema" is defined as "...a representation of a plan or theory in the form of an outline or model." It's your basic scaffolding. Going back to the graphic, you can see the three elements depicted. You've got your query which is then defined by the type which is then further detailed as far as the in terms of the actual columns that are being retrieved. That's your schema, but now you need the "resovlers.js" file to actually populate the fields you've targeted with some values. Here's your "resolvers.js" file: module.exports = { hello() { return { text: 'Hello World!', views: 1245 }; } }; You can see where hello is coming from when you compare the "schema.js" file and the "resolvers.js" file... To see all of this in action, you're going to use Postman. The URL is going to be localhost:8080/graphql and you're going to put this in the body... { "query": "{ hello { text views } }" } That gives you this: { "data": { "hello": { "text": "Hello World!", "views": 1245 } } } C) Defining a Mutation (back to top...) 1) schema.js (back to top...) module.exports = { createUser(args, req) { //const email = args.userInput.email; } D) Adding a Mutation Resolver & GraphiQL (back to top...) The idea here is to write a query that resonates as a little more practical. We're going to add a user to the users table and it's going to look like this: 1) schema.js (back to top...) 2) resolvers.js (back to top...) 3) GraphiQL (back to top...) This is a much better way to proof your code and make some adjustments to it than Postman. You need to add this to your "app.js" file: app.use('/graphql', graphqlHttp({ schema: graphqlSchema, rootValue: graphqlResolver, graphiql:true }) ); Here's a screenshot of the interface: To get there, you'll got to http://localhost:8080/graphql. E) Adding Validation (back to top...) 1) validator | resolvers.js (back to top...) First thing you're going to do is install validator using: npm install --save validator Here's your "resolver.js" file: import the "validator" package. This is the same thing we used with Express. set up an "errors" variable here's some of your validator rules if your errors lengh is greater than 0, throw your error F) Handling Errors (back to top...) we're adding a "data" field to the array of errors that we created earlier with things like "errors.push({ message: 'Password too short!' });" Now all of those error messages are stored in our "errors" variable. That will be picked up by our "app;js" file like so... "formatError is a configuration option that is a method that receives the error. an "originalError" is a problem with your code. It's not a technical error like a resource not found or something like that the "originalData" variable is a part of the existing architecture. In our "resolvers.js" file, we tagged on to what the system is going to process the additional errors that we created and we stored them in a variable called "data." Here, we're grabbing that and putting it in a variable that, again, is called, "data." I'm grabbing the message that's coming out of GraphQL and in case it's "undefined," I'll create a generic error. I ran into that, by the way, because my code with the "resolvers.js" file initially looked like this: if(error.length>0) { const error = new Error('Invalid input.'); error.data = errors; error.code = 422; throw error; } "error" should've been "errors." I got an "undefined" as a result of that. grabbing the "code" coming out of the "originalError" and if it's not defined, just call it "500." now return all of the wonderful content that I've either pulled out of "originalError" or created myself on the "resolvers.js" page. G) Hooking Up the Front End (back to top...) 1) CORS Error (back to top...) When I imported the tutorial's front end code, I got this error when I tried to sign up a new user: signup:1 Access to fetch at 'http://localhost:8080/graphql' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status. First of all, CORS stands for "Cross-Origin Resource Sharing." It's a mechanism that allows a website running at one origin to communicate with a server or selected resources residing in a different origin. This is the definition coming from https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS: Here's a graphic to help visualize all this: So, going back to the error, what's happening is the front end is issuing a request that the API doesn't especially like. This is the piece of code that made all the difference: Reason being is that Express GraphQL automatically declines anything that isn't a GET or a POST request. So, just for the sake of reference, here's my "App.js" code from the front end: ...and here's my "app.js" from my API: A) EADDRINUSE (back to top...) This was a drag that took a while to remedy. The error was: While a search on Google was quick to produce a "killall" command, that didn't do the trick. Instead I had to use Command Prompt and it went like this: First, find all of the ports and see who's doing what: The culprit is the data that's highlighted. However innocent that may look, that was a toxic dealbreaker that kept the app from running. To kill it, you use the PID number in the context of the following command: C:users/b.gust>Taskkill/ PID 11360 /F Again, "11360" is the PID number. Once you hit <Enter>, life returned to normal. Also, if you want to clear the Command Line screen of multiple lines of requests etc, just type cls Also... I tried the above method and came up short for some reason. One thing that struck me as significant is the number of TIDs that were associated with the port number. I did this, and that did the trick: The first thing you want to understand about Node is that it is a "JavaScript Runtime Environment." In order to understand "runtime," you first have to understand the difference between a compiled program and an interpreted program. When you're working on a computer, you're dealing with a machine that understands one's and zeroes. That's it. So...

• an interpreted program produces a RESULT
• a compiled program produces a PROGRAM written in assembly language. In other words, a compliled program is first creating architecture which then goes on to produce your result. Click here for more information

This is what makes Node distinctive when compared to JQuery in that with JQuery you're uploading a library and that's it because it is intepreted code. A) AWS You can't host Node.js on a shared server because you have to install some system components on the server and shared hosting doesn't allow you to do that