BEGINNER • Node and Express Starter
Endpoint Design Lab for payments status gateway #1
This lesson targets enforce strict input validation in a realistic payments status gateway workflow. You will practice commands: npm init -y | npm run dev | node server.js. The code example is specific to backend API engineering tasks for this lesson objective.
Code Example
import jwt from "jsonwebtoken";
type SessionPayload = {
userId: string;
role: "user" | "admin";
};
export function signSession(payload: SessionPayload, secret: string) {
return jwt.sign(payload, secret, { expiresIn: "12h" });
}
export function verifySession(token: string, secret: string) {
const decoded = jwt.verify(token, secret) as SessionPayload;
if (decoded.role !== "admin" && decoded.role !== "user") {
throw new Error("Invalid session role");
}
return decoded;
}Commands & References
- npm init -y
- npm run dev
- node server.js
Lab Steps
- Prepare environment using: npm init -y
- Implement endpoint or middleware for this scenario.
- Test positive/negative cases and inspect response contracts.
- Document one reliability or security improvement.
Exercises
- Add one edge-case validation and return clear error details.
- Improve one endpoint to be idempotent and test retries.
- Write one test case proving the expected API behavior.