Join the Conversation!
Subscribing gives you access to the comments so you can share your ideas, ask questions, and connect with others.
Subscriptions
Loading...
Loading...
0 Comments
"Please login to view comments"
Upgrade your account
"Please login to view comments"
Subscribing gives you access to the comments so you can share your ideas, ask questions, and connect with others.
By logging in, you'll unlock full access to this and other free tutorials on JSM Pro.
Why? Logging in lets us personalize your learning experience, track your progress, and keep you in the loop with new workshops, coding tips, and platform updates.
You'll also be the first to know about upcoming launches, events, and exclusive discounts.
No spam—just helpful content to level up your skills.
If that sounds fair, go ahead and log in to continue →
Enter your name and email to get instant access
##Looks like we found a thief monkey By the way, I liked the trick how you reached till here. You have a good sense of humor. You will improve a lot if you join our course with this passion.
var (function-scoped, outdated)let (block-scoped, modern and recommended)const (block-scoped, cannot be reassigned)_, or $let let = 5; is invalid)myVar and myvar are different)string, number, boolean, null, undefined, bigint, symbolObjects, Arrays, Functions
Subscribing gives you access to a brief, insightful summary of each lecture to stay on track.
00:00:02 Let's start with the most important part of our API, creating subscriptions and tracking them and canceling them.
00:00:10 We'll do that by creating a new file in the controllers folder, which I'll call subscription dot controller Within here,
00:00:21 we can create a new function, exportConstCreateSubscription, which will get access to a request, a response, and next.
00:00:30 And we'll open up a try and catch block.
00:00:33 In the catch, we'll get the error and we will simply pass it over to the next middleware.
00:00:40 And in the try block, we can create a new subscription by making it equal to a weight.
00:00:46 subscription with a capital S because this is referring to a subscription model, dot create.
00:00:52 And then we can pass in an object of the subscription details we want to create where we will spread the entire request.body,
00:01:00 meaning everything that the user passes into this call.
00:01:04 as well as user is set to rec.user.underscoreid, because we have to know which user is trying to create this subscription.
00:01:15 And this rec user is not a part of the rec body, because it's coming from the auth middleware that we put before creating any subscription.
00:01:24 To do that, we have to go over to subscription routes, and where we have create subscription, we have to call the authorize function right here one step
00:01:33 before it.
00:01:34 This will populate the request.user with the user information that's currently logged in.
00:01:39 And if they're not logged in, they won't be able to create a subscription.
00:01:42 This is a very simple thing to do, but not everybody does it.
00:01:46 You should always validate your request with necessary authorization procedure before creating any kind of document in your application.
00:01:54 And I've explained all of that in detail in my ultimate Next.js course, where we write type safe and secure API endpoints.
00:02:03 You can see just how many validations we have, and each lesson has its own GitHub commit, so you can track the code.
00:02:08 So, after watching this course, if you want to go from being a backend developer into being full stack, Next.js is your best bet.
00:02:15 With that in mind, once we create the subscription, if the user is authorized, let's just return a rest.status of 201, which means created.
00:02:25 And we can also pass in an object where success property will be set to true, as well as data will be set to be the subscription that was just created.
00:02:36 Now we can get back to the subscription routes, and instead of simply saying, title create subscription, after calling authorize,
00:02:44 here we can call create subscription, coming from controllers subscription.controller.js.
00:02:52 So let's test it out.
00:02:53 I'll go to my HTTP client, and I'll head over to API v1, not users, but subscriptions.
00:03:02 Once again, make sure that your authorization header is right here, but it is possible that it will be expired if some time has passed.
00:03:10 So if that is the case, you'll have to log in once again and then add it here, just to simulate the fact that you're logged in.
00:03:15 After that, we can change this to a POST request, and we have to fill in the post body.
00:03:20 We have to fill it in with all the necessary information, such as the name of the subscription, like Netflix Premium, the price,
00:03:29 $15.99, with a currency of USD, frequency of monthly, category of entertainment, I believe we used lowercase characters,
00:03:37 and for the start date, you can put any date in the past, feel free to copy what I have right here, 2024-02-01, and I'm not sure if you need these additional
00:03:47 characters as well.
00:03:47 Below this lesson, or maybe in a GitHub Readme, I might include this entire post body just to make sure that you don't have any issues with the validation
00:03:55 while trying to create it.
00:03:56 It looks like we got connection refused, which typically means our server is down, and it is because our subscription create has to be awaited,
00:04:04 and I forgot to provide async right here at the top.
00:04:08 So if we fix it, we're back on track.
00:04:10 Our subscription tracker is running on localhost 5000 and our database is connected as well.
00:04:16 So let's retry that request.
00:04:17 Transaction in progress.
00:04:19 And there we go.
00:04:20 201 created, success true, and we got the data for this newly created subscription.
00:04:27 Beautiful.
00:04:28 And as before, this route is completely authorized.
00:04:31 So if you copy this auth token for a second and remove it and try to create a subscription without the auth token, you'll get 401 unauthorized.
00:04:41 So let's make sure that we have it here.
00:04:43 Now, let's create another controller that'll give us all subscriptions created by a user, just so we can be sure that we have indeed created a subscription.
00:04:51 We can do that by saying export const getUserSubscriptions, which will be equal to an asynchronous function, where we get the request,
00:05:00 the response, and the next.
00:05:02 In the try block, we can do something, but in the catch block, we get the error, and we can simply forward it over to our error handling middleware.
00:05:13 And in the try, we can check if rec.user.id is not equal to the rec.params.id.
00:05:22 What does this mean?
00:05:23 Well, this means check if the user is the same as the one in the token.
00:05:29 So if the currently logged in user is trying to get its own subscriptions, if we're trying to get it for somebody else, it should not work.
00:05:36 So we can create a new error.
00:05:39 by saying new error, you are not the owner of this account.
00:05:45 We can also set the status code of 401, unauthorized, and throw the error.
00:05:50 But if we are the rightful owner, then we can get all the subscriptions by saying const subscriptions is equal to await subscription.find where the user
00:06:02 is equal to rec.params.id.
00:06:05 And finally, we can return them by saying res.status of 200. That JSON success is true and data is equal to the fetch subscriptions.
00:06:17 So if we head back over to routes where we are trying to get the user subscriptions, which is this one right here, we can now also run authorize right
00:06:26 here and then call the get user subscriptions.
00:06:29 Make sure to import it at the top as well.
00:06:31 So the only thing we have to do to test it out is get our currently logged in user ID.
00:06:37 We can get it if we go to API v1 users, and this will give us our ID.
00:06:43 So copy it, and then modify the URL to API v1 subscriptions, forward slash user, forward slash, and then pass that ID.
00:06:52 Now make a GET request.
00:06:55 And you'll be able to see success true in data, which is consisted of an array of all of the currently active subscriptions.
00:07:02 There is only one, so we can see it.
00:07:04 And the pretty cool part is that we had the start date, but as you can see, the renewal date has been automatically calculated for us based on that math
00:07:13 function that we added that was executed once this document was created.
00:07:17 Now, you could totally go ahead and continue implementing the rest of these controllers.
00:07:21 You already know the drill.
00:07:23 You have to create a controller and hook it up to the route.
00:07:26 You can do it on your own for the get all subscriptions as well as get subscription details.
00:07:31 Try doing your best of implementing it.
00:07:34 But later on, we might implement some of these together.
00:07:36 But for now, let's move to the most interesting part of this project, and that is triggering email reminders to let us know that the subscription renewal
00:07:45 date is coming so we can turn off our subscription on time.
00:07:50 Let's do that next.