We will use a database!

• A database is a collection of data that is organized so it can be easily accessed, manage and updated.
• Retrieve, add, modify, destroy
  • Query, filter, sort, ...
• (We can host it ourselves but it's easier to let somebody else do it.)

Different types of databases

• Relational database management systems (RDBMS)
  • Organizes data into tables with columns and rows.
  • Structured Query Language (SQL).
  • Oracle, SQL Server, MySQL, MariaDB, PostgreSQL, ...
• NoSQL Databases types (non-relational database)
  • Document databases
    • Organizes data into documents.
    • MongoDB, Firebase
  • Graph databases
  • Key-value databases

Create a MongoDB database

• By starting out with Getting Started with MongoDB Atlas it should easy to create a new MongoDB database.
• For safety reasons be sure to follow Create a MongoDB User for Your Cluster!

Managing the Mongoose connection

• You connect to MongoDB with the mongoose.connect() method.
  • The connection string, enforcing access control, can be found at the DaaS provider.
    • mongodb+srv://<dbuser>:<password>@<cluster>.mongodb.net/<name>?retryWrites=true&w=majority
  • Returns a Promise.
• Listen for connection events.
  • When successfully connected (connected).
  • If the connections throws an error (error).
  • When the connection is disconnected (disconnected).
• If the Node process ends, close the Mongoose connection.

Everything starts with a Schema

• A schema defines the shape (key and SchemaType) of the documents to be stored in the associated MongoDB collection.
  • Read more at https://mongoosejs.com/docs/guide.html.

const shoeSchema = new mongoose.Schema({
  name: { type: String, required: true},
  size: { type: Number, required: true, min: 15, max: 47 }
})

• A model is compiled from a Schema definition.
  • The first argument is the singular name of the collection the model is for.
  • The lowercase name of the collection will automatically be the plural version of the model's name.

const Shoe = new mongoose.model('Shoe', shoeSchema)
const myShoe = new Shoe();

Converting a schema into a model

• Convert a schema into a model by passing the schema to mongoose.model(modelName, schema).
• An instance of a model is called a document.
• The module (Task.js) resides in the models directory.

CRUD, Verbs, and Actions

• A route provides a mapping between HTTP verbs and URLs to controller actions.
• Each action maps to a specific CRUD operation in a database.

• Route parameters, such as :id above, are named URL segments that are used to capture the values specified at their position.

Routes mapping to the tasks controller

• The captured values are populated in the req.params object, with the name of the route parameter specified in the path as their respective keys.

Create - the C in CRUD

• Create a new instance of the model....
• ...and save the document to the database. Easy peasy!

Read - the R in CRUD

• Use find, and pass an empty object, to find all documents in a collection.
• It's good practice to transform the documents into anonymous objects before passing the data to the view.

Update - the U in CRUD

• Use updateOne to update a document in the database.

Delete - the D in CRUD

• Use deleteOne to remove the document that matches the condition.

Maintain the state with sessions

• A session cookie contains a session ID, a unique identifier used to index the server's session storage.

Storing session data

• In a cookie at the client.
  • Store everything in the cookie.
    • Tampering?
      • JSON Web Token (https://jwt.io)
  • Secret information?
    • Encryption!
• In the web server's memory.
  • What happens when the server is restarted?
  • Scalability?
• Session server storage.
  • Redis (in-memory data structure store).
  • MongoDB.

Managing session i Express

• The default server-side session storage is MemoryStorage.
  • Not for production.
  • Sufficient for development and testing needs.
• Just the session ID is stored in the cookie itself.

Using sessions

• Session variables are just properties of the request object's session property.
  • (The response object doesn't have a session property.)

req.session.name = 'Ada'      // creates the session variable 'name'

const name = req.session.name // gets the value of the session variable 'name'

delete req.session.name       // removes the session variable 'name'

req.session.destroy()         // destroys this session
req.session.regenerate()      // regenerates the session

Post/Redirect/Get (PRG)

• To avoid "double posting" return a redirect command instead of a view directly.

What is a flash messages?

• To avoid "double posting" it's common to use the Post/Redirect/Get pattern (PRG).
  • How do we keep the user posted after the round trip?
• Whenever you redirect someone on your website it is a good idea to use a flash message to let them know that what they just did worked or not.
  • The flash message should survive only a round trip.
  • Use a session variable to save the message and delete the message on the next request.

Implementing PRG and flash messages

1. In the function handling the POST request, create a flash message before the redirect.
2. Before the routing be sure to transfer the data of session variable flash to the response object.
3. Delete the flash session variable.
4. View the flash message.
5. Done! Easy peasy!