This lesson shows you how to create the functions defined in the Todo API specification to create new Todo items when received in HTTP POST methods. You will also see the errors you will get when CORS is not properly configured and how to resolve them by installing the NPM CORS package.
Instructor: [0:01] I've got the Swagger API specification up on my screen. In this lesson, we're going to create the post endpoint that allows us to add a new ToDo. We've defined it in the schema here. Now let's write the code that makes that work.
[0:15] You can see according to the definition that the x-swagger-router-controller is called Add ToDo. The function or the method that it's going to look at in that file is called AddToDo. That's what we're going to create.
[0:28] In the controller's folder, I'll create a new file and it's going to be called Add ToDo.js. I'm going to define my client that's coming from the ES file that we created in our helper's folder, and then export the function. We'll actually create the function itself.
[0:48] It receives a request and response object. Then we're going to create our client that connects to our Elasticsearch database. Specify the index that it's going to use, and the type within the index.
[1:06] Then we're going to specify the ID of the ToDo that we want to add. Elasticsearch will create this ID for you, but for this API, I want to specify that. I wrote that out as request.swagger.params.ToDo.value.ToDo ID. Let's take a look at where that's coming from real quick.
[1:27] In the specification for the post endpoint, I defined that the parameters are going to be found in the body inside of an object name ToDo. If we look at the definition, we see that the incoming object follows our schema definition for ToDo that we defined with the ToDo_ID being passed in.
[1:46] We're calling that saying in the params object, there is a ToDo object and the value of that contains ToDo ID that we want to use as the ID for our new ToDo in Elasticsearch. The body of our ToDo is that same object, and so we can just specify it like that.
[2:09] We then provide a callback, and if there's an error, we're going to write that out to the console. Then we're also going to return to the client an HTTP 409 code, and we'll also send them back the error itself so it can be dealt with client-side of possible.
[2:30] Otherwise, if there's not an error, we're going to again write out to the console that the ToDo has been written to Elasticsearch. If we save that, we can now go back to our Swagger UI, and we can try this operation out.
[2:53] We'll give it our ToDo ID. Fill out the ToDo operation. The author is going to be me. The due date we'll set it as 2016, November 25th, at eight o'clock. It's not been completed. If we send our request, it fails.
[3:14] If I open up the JavaScript console or the Developer Tools console in Chrome, you can see that it failed because the response to the pre-flight request didn't pass the access control check. This is basically the CORS' problem.
[3:28] The Swagger Editor is making requests. They're coming from a different domain, and the server's hosted on. By default that's not allowed. We need to install CORS. You want to do that with "npm install cors," and then I want to save that dependency.
[3:47] Now I can open up the app.js file, require CORS in my code. Then, down here after the Swagger Express is created, we'll just say app.use. For our purposes, we can accept the default CORS parameters, which is the wild-card and accepts anything.
[4:06] We try that again, we don't get the CORS error, so that part worked. Now we get an HTTP 500, an internal server error. Our NS response validation failed, "Invalid Content-Type: text/plain" because we need to send back the proper response header here. We'll set that up. Save that. Increment this again. Send a request.
[4:34] Now, if we just go hit that endpoint, you can see right here to-do ID 1001 is set.