Introduction to NodeJS
What is Node.js?
Node.js as a JavaScript runtime built on V8 — running JavaScript outside the browser for the first time.
The event loop and the non-blocking I/O model: why Node.js handles thousands of concurrent connections efficiently.
Node.js vs browser JavaScript: what is available (fs, http, process) and what is not (window, document).
Installing Node.js with nvm (Node Version Manager) and understanding LTS vs Current releases.
Start
CommonJS and ES Modules
Node.js's module system: require() and module.exports in CommonJS.
ES Modules (ESM) in Node.js: import/export, the .mjs extension, and the "type": "module" package flag.
The module resolution algorithm: how Node finds files, folders, and node_modules packages.
Built-in core modules: path, os, url, and util — and when to reach for them.
Start
The File System Module
Reading and writing files with fs.readFile, fs.writeFile, and their synchronous counterparts.
Streaming large files with fs.createReadStream and fs.createWriteStream to avoid loading everything into memory.
Working with directories: fs.mkdir, fs.readdir, fs.rename, fs.unlink, and recursive operations.
The fs/promises API and using async/await for clean asynchronous file operations.
Practical project: a script that reads a directory, processes each file, and writes a summary report.
Start
Asynchronous Patterns in Node.js
Callbacks and callback hell — why they were the original Node.js pattern and why they are now avoided.
Promisifying callback-based APIs with util.promisify.
async/await as the modern standard for asynchronous Node.js code.
Error-first callbacks vs promise rejections vs thrown errors — handling errors consistently.
The EventEmitter class: publish/subscribe in Node.js for custom events.
Start
npm and package.json
What npm is: the package registry and the CLI tool for managing dependencies.
The package.json file: name, version, scripts, dependencies, and devDependencies.
Installing packages: npm install, --save-dev, and the difference between local and global installs.
The package-lock.json and why it should be committed to version control.
Running scripts with npm run: start, dev, build, test, and custom scripts.
Semantic versioning (semver): major, minor, patch, and what ^ and ~ mean.
Start
Building an HTTP Server
Creating a basic HTTP server with Node's built-in http module: request, response, status codes, and headers.
Routing requests manually: parsing the URL and method to return different responses.
Parsing request bodies: JSON payloads and URL-encoded form data.
The limitations of the raw http module and why frameworks like Express exist.
Serving static files from the file system over HTTP.
Start
Express.js
Express as a minimal web framework: installing it and creating a first app.
Defining routes: app.get, app.post, app.put, app.delete, and the router object for grouping.
Route parameters (:id), query strings, and reading the request body with express.json().
Middleware: what it is, the next() function, and the order in which middleware runs.
Built-in and third-party middleware: express.static, cors, morgan (logging), and helmet (security headers).
Start
REST API Design
REST principles: statelessness, resources, uniform interface, and the role of HTTP verbs and status codes.
Designing resource-based URLs: /users, /users/:id, /users/:id/posts.
HTTP status codes for REST: 200, 201, 204, 400, 401, 403, 404, 409, and 500.
Request and response shapes: consistent JSON structures, error envelopes, and pagination.
Building a fully RESTful CRUD API for a resource (tasks or products) in Express.
Start
Working with Databases
An overview of database options for Node.js: PostgreSQL, MySQL (relational) and MongoDB (document).
Connecting to PostgreSQL with the pg library: queries, parameterised statements to prevent SQL injection, and connection pooling.
An introduction to MongoDB with Mongoose: schemas, models, and CRUD operations.
Environment variables for database credentials using dotenv.
Choosing between SQL and NoSQL for different use cases.
Start
Authentication and Security
Password hashing with bcrypt: why plaintext passwords are never stored and how salting works.
JSON Web Tokens (JWT): structure (header.payload.signature), signing with jsonwebtoken, and verifying on protected routes.
Building an authentication middleware: extracting the token from the Authorization header and attaching the user to the request.
Common security vulnerabilities in Node.js apps: SQL injection, NoSQL injection, XSS via headers, and rate limiting with express-rate-limit.
Start
Testing Node.js APIs
Unit testing pure functions and services with Jest or Vitest.
Integration testing HTTP endpoints with Supertest: making real HTTP requests against the Express app in memory.
Mocking database calls and external services.
Test structure: describe/it blocks, beforeEach/afterEach hooks, and expect matchers.
Code coverage reports and what a realistic coverage target looks like.
Start
Environment Configuration
Managing configuration across environments (development, test, production) with dotenv and environment variables.
Process management in production with PM2: clustering, auto-restart on crash, and log management.
Containerising a Node.js app with Docker: writing a Dockerfile, building an image, and running a container.
Deploying to a cloud platform: Railway, Render, or a Linux VPS — connecting environment variables and a managed database.
Structured logging with a library like pino for production observability.
Start
Real-Time with WebSockets
The limitations of HTTP request/response for live features: chat, notifications, and live dashboards.
WebSockets: the handshake, the persistent connection, and the ws Node.js library.
Socket.IO as a higher-level abstraction: rooms, namespaces, broadcasting, and reconnection handling.
Building a real-time feature: a live chat room or a collaborative to-do list.
Scaling WebSockets: sticky sessions, Redis pub/sub for multi-instance deployments.
Start
Capstone: Full-Stack JavaScript API
Building a production-ready REST API from scratch: Express + PostgreSQL + JWT authentication + file upload.
Connecting the API to the React frontend built in the React course: CORS, environment-based API URLs, and shared types.
CI/CD pipeline with GitHub Actions: lint, test, and deploy on every push to main.
A review of the complete full-stack JavaScript developer toolkit: HTML → CSS → JS → React → Redux → Node.js → Git → CLI → Agile → DSA.
Start