BEGINNER • API Foundations and HTTP
Validation and Contract Checkpoint #13
This lesson targets improve observability coverage in a realistic customer profile service workflow. You will practice commands: node server.js | app.get('/route', handler) | npm init -y. The code example is specific to backend API engineering tasks for this lesson objective.
Code Example
import jwt from "jsonwebtoken";
type SessionPayload = {
userId: string;
role: "user" | "admin";
};
export function signSession(payload: SessionPayload, secret: string) {
return jwt.sign(payload, secret, { expiresIn: "12h" });
}
export function verifySession(token: string, secret: string) {
const decoded = jwt.verify(token, secret) as SessionPayload;
if (decoded.role !== "admin" && decoded.role !== "user") {
throw new Error("Invalid session role");
}
return decoded;
}Commands & References
- node server.js
- app.get('/route', handler)
- npm init -y
Lab Steps
- Prepare environment using: node server.js
- Implement endpoint or middleware for this scenario.
- Test positive/negative cases and inspect response contracts.
- Document one reliability or security improvement.
Exercises
- Add one edge-case validation and return clear error details.
- Improve one endpoint to be idempotent and test retries.
- Write one test case proving the expected API behavior.