🤑 Join the Treehouse affiliate program and earn 25% commission!

🌟 Dreaming of a bright future? 🎓 Ask about the Treehouse Scholarship program! 🚀

Curious which AI tools Treehouse developers love? ⚙️ Check them out!

🫡 Treehouse for Military offers discounts to Veterans, service members and their families!

Preview

Start a free Courses trial
to watch this video

Sign up for Treehouse

Going Further

2:03 with Treasure Porth

Great job learning the basics of building a REST API with Express! Here are some things you may want to study next.

Teacher's Notes
Questions?
Video Transcript
Downloads
Workspaces

Some reading on CORS

Authentication and Authorization

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

Related Discussions

Have questions about this video? Start a discussion with the community and Treehouse staff.

Sign up

This course has introduced the basic concepts behind building a REST API. 0:00

But there is still a lot to learn. 0:04

When you're building your own API, there are a number of things to consider. 0:06

Here are just a few, using a database and ORM. 0:09

CORS, user authentication, and user authorization. 0:13

Now that you've had an introduction to building REST APIs with xPress, 0:18

a natural next step would be to build an API using a database and an ORM. 0:21

A database will help you maintain and persist larger and more complex datasets. 0:26

While an ORM will help you interact with the database more easily. 0:30

CORS, or cross-origin resource sharing 0:33

is a mechanism that allows one web domain to communicate with another. 0:37

If you tried to build a front-end for 0:41

the REST API we just created, you could run into problems due to CORS. 0:43

For example, if your front-end was running from quotegenerator.com, and 0:47

your API was running from api.quotes.com, you'd have to do some additional work 0:51

before the two would be allowed to communicate. 0:56

Most applications involve some sort of login system, 0:59

which is where user authentication and authorization come into play. 1:02

Both involve building a login system for your application so 1:06

that only authenticated users can use the API. 1:09

This could help you keep track of who's submitting, updating, and deleting quotes. 1:12

Authorization involves WEP permissions a user has, 1:17

what parts of the API they're allowed to access. 1:21

For example, you could add restrictions so that users can only edit and 1:24

delete quotes they've submitted themselves. 1:27

See the teacher's notes for more information on these subjects. 1:30

For further practice, I recommend adding enhancements to the API. 1:34

Such as adding category tags to the quotes and 1:37

building a route that returns quotes by the requested category. 1:40

As a challenge, why not take a stab at building a client-side 1:43

application of your own to consume this API? 1:46

You could build one from scratch or 1:49

use a framework of your choice such as React or Vue. 1:50

You've learned a lot in this course and 1:54

I hope you've enjoyed building this REST API with me. 1:55

Practice, experiment, have fun, and until next time happy coding. 1:58

You need to sign up for Treehouse in order to download course files.

Sign up

You need to sign up for Treehouse in order to set up Workspace

Sign up