# Dezvoltare Backend - rute\*

## 1. GET /messages

Din pașii trecuți, metoda GET /messages arată astfel

```
app.get("/messages", (req, res) => {
  connection.query("SELECT * FROM messages", (err, results) => {
    if (err) {
      return res.send(err);
    }

    return res.json({
      messages: results,
    });
  });
});
```

## 2. POST /messages

* Pentru a implementa metoda POST /messages, vom instala și pachetul **body-parser.**   ( npm install ... ).
* Vom utiliza mai multe metode de procesare a body-ului trimis prin metoda POST, așa că vom transmite aplicației express următoarele instrucțiuni

```
// index.js
const bodyParser = require("body-parser");

// for parsing application/json
app.use(bodyParser.json()); 

// for parsing application/xwww-
app.use(bodyParser.urlencoded({ extended: true }));
```

* Inițializăm și metoda POST /messages și aplicăm **metoda mysql.escape()** pe datele primite pentru a proteja baza de date de atacuri de tip injection

```
// index.js
app.post("/messages", (req, res) => {
  const {
    senderName,
    senderMail,
    receiverMail,
    messageContent
  } = req.body;
  
  if (!senderName || !senderMail || !receiverMail || !messageContent ) {
    // send bad request error
    return res.status(400).send("Bad request. Missing parametres.");
  }

  const queryString = `INSERT INTO messages (senderName, senderMail, receiverMail, messageContent) VALUES (${mysql.escape(senderName)}, ${mysql.escape(senderMail)}, ${mysql.escape(receiverMail)}, ${mysql.escape(messageContent)})`;

  connection.query(queryString, (err, results) => {
    if (err) {
      return res.send(err);
    }

    return res.json({
      data: results,
    });
  });
});
```

## \* Crearea unui Express Router

Putem observa dimensiunea fișierului index.js crește considerabil după fiecare nou endpoint pe care îl definim. Desigur, această metodă de definire a endpoint-urilor nu este optimă. Din fericire, NodeJS + Express ne oferă posibilitatea de a organiza rutele cu ajutorul unor **Routere.**

* Creați un director nou in root-ul proiectului, îl vom denumi routers. În interiorul lui, creați fișierul messagesRouter.js
* Cut and Paste funcțiilor app.get() și app.post() din index.js. De asemenea, Cut and Paste importurilor de care avem nevoie (mysql, connection (<mark style="color:red;">**ATENȚIE**</mark> - se va schimba path-ul relativ pentru db.js))
* **Definim routerul** pe care îl vom exporta

```
// messagesRouter.js
const router = express.Router();
```

* **Înlocuim app cu router**. Putem de asemenea să ștergem "/messages", vom preciza calea default a router-ului nostru in index.js
* **Exportăm router-ul** la final

```
// messagesRouter.js
module.exports = router;
```

* Codul până în acest punct cu toate endpoint-urile initiale (GET, GET/id, POST/ PUT/ DELETE) definite

```
// messagesRouter.js
const connection = require("../db.js");
const mysql = require("mysql");
const express = require("express");
const router = express.Router();

router.get("/", (req, res) => {
  connection.query("SELECT * FROM messages", (err, results) => {
    if (err) {
      return res.send(err);
    }

    return res.json({
      messages: results,
    });
  });
});

router.post("/", (req, res) => {
  const { senderName, senderMail, receiverMail, messageContent } = req.body;
  
  if (!senderName || !senderMail || !receiverMail || !messageContent || !language) {
    // send bad request error
    return res.status(400).send("Bad request. Missing parametres.");
  }

  const queryString = `INSERT INTO messages (senderName, senderMail, receiverMail, messageContent) VALUES (${mysql.escape(
    senderName
  )}, ${mysql.escape(senderMail)}, ${mysql.escape(
    receiverMail
  )}, ${mysql.escape(messageContent)})`;

  connection.query(queryString, (err, results) => {
    if (err) {
      return res.send(err);
    }

    return res.json({
      data: results,
    });
  });
});

// Add get by id route
router.get("/:id", (req, res) => {
    const { id } = req.params;
    if (!id) {
        // send bad request error
        return res.status(400).send("Bad request. Missing parametres.");
    }
    const queryString = `SELECT * FROM messages WHERE entryID = ${mysql.escape(id)}`;
    connection.query(queryString, (err, results) => {
        if (err) {
            return res.send(err);
        }
        if (results.length === 0) {
            return res.status(404).send("Message not found.");
        }
        return res.json({
            messages: results,
        });
    }
    );
}
);

// Add delete by id route
router.delete("/:id", (req, res) => {
    const { id } = req.params;
    if (!id) {
        // send bad request error
        return res.status(400).send("Bad request. Missing parametres.");
    }
    const queryString = `DELETE FROM messages WHERE entryID = ${mysql.escape(id)}`;
    connection.query(queryString, (err, results) => {
        if (err) {
            return res.send(err);
        }
        if (results.length === 0) {
            return res.status(404).send("Message not found.");
        }
        return res.json({
            results,
        });
    }
    );
}
);

// Add update by id route
router.put("/:id", (req, res) => {
    const { id } = req.params;
    if (!id) {
        // send bad request error
        return res.status(400).send("Bad request. Missing parametres.");
    }
    const { senderName, senderMail, receiverMail, messageContent } = req.body;
    if (!senderName || !senderMail || !receiverMail || !messageContent) {
        // send bad request error
        return res.status(400).send("Bad request. Missing parametres.");
    }
    const queryString = `UPDATE messages SET senderName = ${mysql.escape(senderName)}, senderMail = ${mysql.escape(senderMail)}, receiverMail = ${mysql.escape(receiverMail)}, messageContent = ${mysql.escape(messageContent)} WHERE entryID = ${mysql.escape(id)}`;
    connection.query(queryString, (err, results) => {
        if (err) {
            return res.send(err);
        }
        if (results.length === 0) {
            return res.status(404).send("Message not found.");
        }
        return res.json({
            results,
        });
    }
    );
}
);


module.exports = router;
```

* În fișierul index.js -> **importam router-ul nou creat și precizăm faptul că app va folosi router-ul nou creat pe ruta /messages**. Codul in index.js până în acest punct - am evidențiat liniile modificate cu un comentariu //look here

```
// index.js
const express = require("express");
const messagesRouter = require("./routers/messagesRouter"); //look here
const bodyParser = require("body-parser");

const app = express();
// for parsing application/json
app.use(bodyParser.json()); 

// for parsing application/xwww-
app.use(bodyParser.urlencoded({ extended: true }));

app.use('/messages', messagesRouter); //and look here too

const port = 8080;
app.listen(port, () => {
  console.log(`Example app listening on port ${port}!`);
});
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gurita-alexandru.gitbook.io/cloud-computing-2023-simpre/cloudcomputing2022/dezvoltare-backend-rute.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.