JS-301-NodeServer
  • Introduction
  • js_library
    • Node Server
      • 00 - Intro
        • 01 - Purpose
        • 02 - Back-End Setup
        • 03 - Terms Cheat Sheet
      • 01 - Server Set up
        • 01 - npm packages
        • 02 - Express Intro
        • 03 - Express code
      • 02 - Development Tools
        • 01 - Nodemon Intro
        • 02 - Postman Intro
        • 03 - Postman set up
      • 03 - Routes Intro
        • 01 - Routes intro
        • 02 - Express Router() intro
        • 03 - Challenge 1
        • 04 - Challenge 2
      • 04 - Database Intro
        • 00 - DB Intro and Set up
          • 00 - DB Intro
          • 01 - PostgreSQL Intro
          • 02 - Install
        • 01 - Sequelize Intro
          • 01 - Sequelize intro
          • 02 - Initialize
      • 05 - Model View Controller
        • 01 - MVC
          • 00 - MVC Intro
        • 02 - Models
          • 01 - Intro to Models
          • 02 - Test Model
        • 03 - Controllers
          • 00 - Controllers Intro
          • 01 - Controller Set up
          • 02 - Create Method
          • 03 - req.body()
          • 04 - Crafting the Response
          • 05 - Sending the Response
          • 06 - JSON Response
          • 07 - Error Handling
        • 04 - Conclusion
      • 06 - Tokenization
        • 01 - JWT Intro
          • 01 - JWT intro
        • 02 - User Create
          • 01 - User Create
          • 02 - Refactor
        • 03 - User Token
          • 01 - JWT Package
          • 02 - Adding JWT
          • 03 - ENV
      • 07 - Encryption
        • 01 - bcrypt
        • 02 - bcrypt setup
      • 08 - Session
        • 00 - Session Intro
        • 01 - Sign In Method
        • 02 - Sign In Bcrypt
        • 03 - Sign In JWT
      • 09 - Middleware
        • 01 - Test Client HTML
        • 02 - Test Client JS
        • 03 - Middleware intro
        • 04 - Headers intro
        • 05 - Server Update
        • 06 - Test Post
        • 07 - Test Post Refactor
        • 08 - Post Data
        • 09 - Fetch From One
      • 10 - Authenticated Routes
        • 01 - Intro to Authenticated Routes
        • 02 - Validate Session
        • 03 - Changes to app.js
        • 04 - authtestcontroller.js
        • 05 - Delete an Item
        • 06 - Update an Item
        • 07 - Postman Testing
      • 11 - Authenticated Requests
        • 00 - Additions to index
        • 01 - Anatomy of a Request
        • 02 - Create User
        • 03 - Getting a Token
        • 04 - Get Items From One User
        • 05 - Creating an Item for a User
        • 06 - Get one item
        • 07 - Update an Item
        • 08 - Deleting an Item
        • 09 - Deleting with a Custom Event
      • 12 - Workout Log Server
        • 00 - Intro
      • 13 - More Sequelize Functions
        • Migrations
          • 00 - Intro
          • 01 - init and config
          • 02 - Creating the First Migration
          • 03 - Running Migrations
          • 04 - Reverting Migrations
          • 05 - Seeds
          • 06 - Reverting Seeds
        • Queries
          • 00 - Intro
          • 01 - Queries
Powered by GitBook
On this page
  • Anatomy of the Request
  • Analysis
  • The Important Points:
  1. js_library
  2. Node Server
  3. 11 - Authenticated Requests

01 - Anatomy of a Request

Previous00 - Additions to indexNext02 - Create User

Last updated 7 years ago

In this module, we'll go deeper into discussing the request/response lifecycle and examine how requests interact with our middleware and server.

Anatomy of the Request

It's important to note that there is a lot going on under the hood with requests in general. This complexity is in part to adhere to HTTP protocols and to manage security and traffic between domains. Let's dig in and look underneath the surface a little bit.

When we complete a fetch here, we are kicking off a multi-step process in this request. It goes something like this:

Analysis

  1. When the method fires off, fetch() notifies the browser to send a Pre-Flight from localhost:8080.

  2. The browser fires off an OPTIONS request. OPTIONS is an HTTP verb, like GET, POST, PUT, DELETE. Check on the Postman list; you'll see it there. The OPTIONS verb allows the client to determine the options associated with our server without having to dig in and do data retrieval or deal with resources in the server. It's an intermediary between domains that says, "Hey, will we be able to do this here if we come in?"

  3. The OPTIONS HTTP protocol checks in with the middleware on the server for the request type. Essentially if we fire off a GET request for a certain route from the client, the browser does an initial scan and checks to be sure that the type of request can happen.

  4. If the request type is enabled in the server, specifically the headers, the Pre-Flight OPTIONS response is sent back with the listing of that request type.

  5. If the Pre-Flight OPTIONS request determines that the request is allowed, the fetch() method fires off and the second request for data can be made. Notice the Allow: POST in the Response. These images are just for display purposes only. You don't need to do anything right now.

  6. The fetch() script fires off the second request approved by the Pre-Flight request.

  7. The second request makes it to the server endpoint, which processes the request.

  8. The server sends back a new response.

The Important Points:

  1. Before it sends off the GET or POST request to the server, the browser performs a pre-flight check.

  2. If everything checks out with our Pre-Flight request, the server responds with a 200 OK and fetch() follows with the request/response that has been proclaimed (GET, POST, PUT, etc.), as seen here:

screenshot
screenshot
screenshot
2nd request