Week 05 View Lecture Notes
A work-in-progress blogging application that we will build up in the coming weeks. This application is the perfect platform for us to learn and practice application security fundamentals. This application uses Docker to run a database, API server, and web front-end in 3 separate containers.
We have now added basic user authorization and authentication.
To start the application, run the following command in a terminal: docker-compose up
Use a web browser and navigate to http://localhost:8080 to view the web interface.
This application includes a simple RESTful API that lets us save and retrieve blog posts.
Import the Postman configuration in postman-config to easily navigate and test the API endpoints.
- Retrieve an array of all posts.
- Insert a new post.
- Get a single post.
- Update a post.
- Delete a post (using soft delete in this case).
- Search for posts containing certain text.
- database
  - Contains the Dockerfile and SQL scripts to initialize the Postgres container.
- front-end
  - Contains the HTML, CSS, and JS files for the web front-end.
- server
  - Contains the server API in the form of a Node Express app.
- postman-config
  - Contains an exported Postman configuration. Use the Import function in Postman to load this configuration.