Task 1: Basic API Foundation

Create a simple API for managing books with these endpoints:

  • GET /books - Return all books
  • GET /books/:id - Return a specific book
  • POST /books - Create a new book (with title, author, year)

Requirements:

  • Use in-memory array storage with 3-4 sample books
  • Include basic validation (check for required fields, valid IDs)
  • Return appropriate HTTP status codes
  • Use TypeScript interface for Book type

Book interface:

interface Book {
  id: number;
  title: string;
  author: string;
  year: number;
}

Validation requirements:

  • POST validation: Title, author, and year are all required
  • ID validation: Return 400 for invalid IDs (like /books/abc)
  • Not found handling: Return 404 for non-existent books
  • Basic type checking: Year should be a number

Task 2: Complete CRUD Operations

Build on your book API from Task 1 by adding the remaining CRUD operations:

  • PUT /books/:id - Replace an entire book
  • PATCH /books/:id - Update specific book fields
  • DELETE /books/:id - Remove a book

Requirements:

  • Build on your existing Task 1 API (don’t start over)
  • Follow the patterns shown in the lesson examples
  • Include simple validation and error handling

Validation requirements:

  • PUT validation: All fields (title, author, year) are required
  • PATCH validation: Accept any combination of title, author, and/or year
  • DELETE validation: Only requires valid book ID
  • ID validation: Return 400 for invalid IDs, 404 for non-existent books

Test your complete CRUD API:

  • Create books with POST
  • Read books with GET (all and by ID)
  • Update books with PUT (full replacement) and PATCH (partial update)
  • Delete books with DELETE
  • Verify all validation and error handling works correctly

Task 3: Middleware Integration

Take your complete CRUD API from Task 2 and add middleware from Lesson 3:

Add middleware:

  • CORS middleware for cross-origin requests
  • Logging middleware that shows timestamp, method, and URL for each request
  • Simple authentication middleware that protects write operations

Authentication requirements:

  • Create checkAuth middleware that requires Authorization: Bearer secret123
  • Apply auth to: POST, PUT, PATCH, DELETE routes
  • Keep GET routes public (no auth required)

Error handling:

  • Add 404 handler for unmatched routes
  • Add global error handling middleware
  • Ensure correct middleware order

Test your enhanced API:

  • Verify GET routes work without auth
  • Test write operations require correct authorization header
  • Check that all requests are logged
  • Verify CORS works for frontend integration
Tags: