API used as the back end for the Geriatrik web app. It is built with Node.js, uses Express to run the server, and connects to a MySQL database.
This project was developed by:
- Ruy Guzmán Camacho
- Carlo Ángel Luján García
- Ángel Padilla Esqueda
- Santiago González de Cosío Romero
- Ricardo González Leal
- Adrián Becerra Meza
- Fernando López Gómez
The API is documented with Swagger, served at the route /api-doc.
Because we generate a JSON Web Token when a user logs in or registers, it was necessary to validate this token before granting access to our endpoints. We implemented an auth middleware that verifies and decodes the token; if it is valid and has not expired, the request can proceed to the API and database.
```js
const jwt = require('jsonwebtoken');

module.exports = function (req, res, next) {
  // Get the token from the request header
  const token = req.header('x-auth-token');

  // Reject the request if the header carries no token
  if (!token) {
    return res.status(401).json({ msg: 'No token, authorization denied' });
  }

  try {
    // Verify the signature and expiry, then get the payload with the user id.
    // The signing key is hard-coded here; it must match the key used when the token is issued.
    const decoded = jwt.verify(token, "secret");
    // Expose the user from the payload so the route handler can access it
    req.user = decoded.user;
    next();
  } catch (error) {
    // Any verification failure (bad signature, expired, malformed) ends here
    res.status(401).json({ msg: 'Token is not valid' });
  }
};
```
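```js
// `auth` is the middleware shown above; it runs before the route handler
app.get("/patients", auth, (req, res) => {
  getPatients()
    .then(function (results) {
      // Patient records are returned to the caller only, not written to the server log
      res.json({ message: results });
    })
    .catch(function () {
      // Without this, a failed query would leave the request hanging
      res.status(500).json({ msg: 'Server error' });
    });
});
```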
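The checks the middleware above relies on, written out as an added example (not the project's code): it uses Node's built-in crypto in place of jsonwebtoken so it runs without dependencies, pins the algorithm to HS256, and takes the signing key as a parameter instead of a literal. `signToken`, `verifyToken`, `makeAuth` and the `JWT_SECRET` variable name are assumptions made for this sketch.

```javascript
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Hypothetical helper: issue an HS256 token the way a login route would.
function signToken(payload, secret, ttlSeconds = 3600) {
  const now = Math.floor(Date.now() / 1000);
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify({ ...payload, iat: now, exp: now + ttlSeconds }));
  return `${head}.${body}.${b64url(hmac(`${head}.${body}`, secret))}`;
}

// Returns the payload, or throws if the algorithm, signature or expiry is wrong.
function verifyToken(token, secret) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  const header = JSON.parse(Buffer.from(head, 'base64url').toString());
  // Pin the algorithm: never let the token header choose how it is verified.
  if (header.alg !== 'HS256') throw new Error('unexpected algorithm');
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  // Constant-time comparison of the signature bytes.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  const payload = JSON.parse(Buffer.from(body, 'base64url').toString());
  if (typeof payload.exp !== 'number' || payload.exp <= Math.floor(Date.now() / 1000)) {
    throw new Error('token expired');
  }
  return payload;
}

// Middleware factory: the key is injected, e.g. makeAuth(process.env.JWT_SECRET) (assumed name).
function makeAuth(secret) {
  // HS256 keys should be at least 32 bytes; refuse to start with anything shorter.
  if (!secret || secret.length < 32) throw new Error('JWT secret missing or too short');
  return function auth(req, res, next) {
    const token = req.header('x-auth-token');
    if (!token) return res.status(401).json({ msg: 'No token, authorization denied' });
    try {
      req.user = verifyToken(token, secret).user;
      next();
    } catch (error) {
      res.status(401).json({ msg: 'Token is not valid' });
    }
  };
}
```

With jsonwebtoken itself, the same pinning is done by passing `{ algorithms: ['HS256'] }` as the third argument to `jwt.verify`.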
The API was deployed on Heroku, with the MySQL connection provided by ClearDB MySQL.