Course Recap
You started with a blank terminal and finished with a deployed, full-stack social application. Here is everything you built and the concepts behind each part.
What you built
Section titled “What you built”Bulletin — a community posting board with:
- User registration and login with bcrypt-hashed passwords and JWTs
- A post feed with upvotes and comment counts
- Post creation and deletion (author-only)
- Comments on posts
- User profile pages
- Client-side search and sort
- A React frontend deployed to GitHub Pages
- An Express + SQLite backend deployed to Railway
The 12 modules at a glance
Section titled “The 12 modules at a glance”Part 1 — The Backend
Section titled “Part 1 — The Backend”Module 01 — Getting Started with Node.js
Node.js runs JavaScript outside the browser. The event loop processes I/O without blocking. tsx runs TypeScript directly; tsc compiles for production.
Module 02 — npm, Modules, and the Runtime
npm manages packages. CommonJS (require) and ESM (import) are the two module systems. fs, path, and process are Node’s core built-in modules. dotenv loads environment variables from .env files.
Module 03 — Express and HTTP
Express creates HTTP servers. Routes match a method + path. Route params (/posts/:id) and query strings (?page=2) pass data in URLs. res.json() sends JSON.
Module 04 — Middleware and API Structure
Middleware functions run before route handlers. express.json() parses request bodies. cors() enables cross-origin requests. Routers and controllers separate concerns. Error-handling middleware catches unhandled errors.
Module 05 — SQLite and Data Persistence
SQL is the language for relational databases. better-sqlite3 runs synchronous queries. Schema design defines tables, columns, and relationships. CRUD operations — CREATE, READ, UPDATE, DELETE.
Module 06 — Authentication and Security
bcrypt hashes passwords — one-way, with salt. JWTs carry signed claims without server-side session state. Auth middleware validates tokens and attaches req.user. Helmet sets security headers; rate limiting caps request rates.
Module 07 — Bulletin API Build
The complete REST API: /users/register, /users/login, /posts CRUD, /posts/:id/comments, /posts/:id/upvote, /users/:id. Deployed to Railway.
Part 2 — The Frontend
Section titled “Part 2 — The Frontend”Module 08 — Connecting React to an API
Axios makes HTTP requests from React. Organize API calls in a client file. useEffect with [] fetches on mount. Loading, error, and data are the three states every fetch needs.
Module 09 — Auth in the Frontend
JWTs stored in localStorage are accessible to JavaScript — XSS risk. AuthContext distributes user/token state app-wide. ProtectedRoute redirects unauthenticated users. A 401 axios interceptor handles token expiry globally.
Module 10 — The Feed and Posts
useEffect([id]) re-fetches when the URL param changes. Route params come back as strings — parse with Number(). Optimistic updates increment state immediately and roll back on failure. Immutable updates use { ...obj, field: newValue }.
Module 11 — Comments, Profiles, and Polish
Callback props wire child-to-parent events. Custom hooks (useUpvote) extract shared stateful logic. useMemo caches derived values. Error Boundaries catch render errors. 404 catch-all routes handle bad URLs.
Module 12 — Bulletin Frontend Build and Deploy
VITE_ prefixed env vars are baked in at build time. The 404.html trick fixes React Router on GitHub Pages. npm ci installs reproducibly in CI. GitHub Actions builds and deploys on every push to main.
The architecture in one diagram
Section titled “The architecture in one diagram”┌─────────────────────────────────────┐│ GitHub Pages ││ React + TypeScript + Vite ││ ┌────────────────────────────────┐ ││ │ AuthContext │ React Router │ ││ │ axios client │ useMemo │ ││ │ PostFeed │ PostDetail │ ││ │ useUpvote │ CommentForm │ ││ └────────────────────────────────┘ │└──────────────┬──────────────────────┘ │ HTTPS (JWT in header)┌──────────────▼──────────────────────┐│ Railway ││ Express + TypeScript ││ ┌────────────────────────────────┐ ││ │ Helmet │ Rate Limiter │ ││ │ CORS │ express.json() │ ││ │ Auth middleware (JWT verify) │ ││ │ /users /posts /comments │ ││ └────────────────────────────────┘ ││ better-sqlite3 → bulletin.db │└─────────────────────────────────────┘Key terms from across the course
Section titled “Key terms from across the course”| Term | Module | What it means |
|---|---|---|
| Event loop | 01 | Node’s mechanism for non-blocking I/O |
| Middleware | 04 | Function in the Express request pipeline |
| bcrypt | 06 | Password hashing algorithm with salt |
| JWT | 06 | Signed token encoding user identity |
| Three-state pattern | 08 | loading / error / data for every fetch |
| AuthContext | 09 | React context distributing auth state app-wide |
| ProtectedRoute | 09 | Component that redirects unauthenticated users |
| Optimistic update | 10 | Update UI before server responds; roll back on failure |
| Custom hook | 11 | use-prefixed function that shares stateful logic |
useMemo | 11 | Caches derived values, recomputes on dependency change |
| Content hash | 12 | Filename hash for cache-busting in production builds |
What is next
Section titled “What is next”You have the foundation. Every web application — regardless of framework, language, or scale — is built on the same concepts you learned here: HTTP, authentication, databases, and client-server communication.
The next step is to build something of your own. Pick a problem you care about, start with a simple API and a minimal frontend, and layer in complexity as you need it.
Congratulations on completing Node.js Foundations.