In this session we will focus on designing and documenting a REST API on top of the existing Snippets backend. We will refine the resource structure, design consistent error handling and validation rules, describe the API using OpenAPI/Swagger, and use Knex safely with attention to SQL injection. We will also level up Postman usage with collections, environments, secrets, and tests for your endpoints.
- Preparation
- Session Plan (for mentors)
- Assignment
By the end of this session, you will be able to:
- Design RESTful endpoints for the Snippets domain using clear resources, routes, and HTTP methods.
- Describe your API using an OpenAPI/Swagger specification, including parameters, request bodies, responses, and error cases.
- Decide on consistent error models and validation rules for your API and apply them across endpoints.
- Recognise and fix SQL injection issues when working with Knex, using query builder methods safely.
- Configure Postman for advanced backend development:
  - Create and organise collections for your Snippets API.
  - Set up environments and variables for different backends.
  - Manage secrets using the Postman Vault or sensitive variables.
  - Create basic test suites to automatically validate key responses.