Week 2

In this session we will focus on designing and documenting a REST API on top of the existing Snippets backend. We will refine the resource structure, design consistent error handling and validation rules, describe the API using OpenAPI/Swagger, and use Knex safely with attention to SQL injection. We will also level up Postman usage with collections, environments, secrets, and tests for your endpoints.

Contents

• Preparation

• Session Plan (for mentors)

• Assignment

Session Learning goals

By the end of this session, you will be able to:

• Design RESTful endpoints for the Snippets domain using clear resources, routes, and HTTP methods.

• Describe your API using an OpenAPI/Swagger specification, including parameters, request bodies, responses, and error cases.

• Decide on consistent error models and validation rules for your API and apply them across endpoints.

• Recognise and fix SQL injection issues when working with Knex, using query builder methods safely.

• Configure Postman for advanced backend development:

  • Create and organise collections for your Snippets API.

  • Set up environments and variables for different backends.

  • Manage secrets using the Postman Vault or sensitive variables.

  • Create basic test suites to automatically validate key responses.