Building a Complete REST API with Node.js, Express, TypeScript & MongoDB Quiz

Assess your understanding of backend development concepts including project setup, RESTful organization, TypeScript use, MongoDB integration, and secure authentication with JWT. Test your knowledge of best practices for scalable and maintainable APIs.

1. Project Initialization and Dependencies

   Which combination of commands correctly initializes a REST API project using TypeScript and installs essential dependencies for Node.js, Express, MongoDB, and JWT authentication?

   1. npm init -y && npm install express mongoose bcrypt jsonwebtoken dotenv cors && npm install --save-dev typescript ts-node @types/express @types/mongoose @types/bcrypt @types/jsonwebtoken @types/cors nodemon
   2. yarn create app && yarn add node express mongo jwt && yarn add --dev typescript tsc
   3. npm start && npm install express typescript mongo && npm install --save-dev bcrypt jwt dotenv
   4. npx create-react-app api-server && npm install --save mongoose express typescript nodemon

   Explanation: The correct command sequence initializes a Node.js project and installs both runtime and development dependencies, including Express, Mongoose, JWT, TypeScript, and their types. The other options lack parts of the command, misuse package managers, or include unrelated client setup steps.

2. TypeScript Configuration

   What is the main benefit of configuring the 'rootDir' and 'outDir' fields in the TypeScript 'tsconfig.json' for a backend project?

   1. They set up automated deployment pipelines and database indexing.
   2. They organize source and build files by separating TypeScript source code from the transpiled JavaScript output.
   3. They increase JavaScript execution speed by optimizing runtime.
   4. They ensure environment variables are automatically encrypted at runtime.

   Explanation: Setting 'rootDir' and 'outDir' allows you to keep your TypeScript code in one folder and the compiled JavaScript in another, improving maintainability. The other choices are unrelated: TypeScript configuration does not optimize runtime speed, set up deployments, or encrypt variables.

3. RESTful Routing Principles

   Which approach best adheres to RESTful routing principles when structuring user-related API endpoints?

   1. Using a single endpoint like '/api/userAction' for all user operations with query parameters
   2. Managing all actions under '/users' with POST requests only
   3. Directly creating database queries from HTTP headers to endpoints
   4. Grouping endpoints like '/api/users', '/api/users/:id', '/api/auth/login', and '/api/auth/register'

   Explanation: RESTful routing separates resources and actions into logical, meaningful routes. The correct option reflects clear separation of user management and authentication. Combining all actions in one endpoint or using only POST methods does not follow RESTful conventions. Using HTTP headers directly to build queries is insecure and not standard.

4. MongoDB Connection Management

   Why is it recommended to make a database connection inside a dedicated module and initiate the server only after establishing this connection?

   1. Because initializing the database after the server starts improves query speed during testing.
   2. To ensure the server only starts if the database is available, preventing runtime errors from failed connections.
   3. To allow database credentials to be hardcoded directly within route handlers for easier debugging.
   4. To automatically enable TypeScript static type checking on MongoDB collections at runtime.

   Explanation: Connecting to the database before starting the server ensures stability and prevents the application from serving requests when the database is unreachable. Hardcoding credentials is insecure, and the other options do not reflect best practices or capabilities of MongoDB with TypeScript.

5. JWT-Based Authentication

   What is the primary role of JWT (JSON Web Token) in securing REST API endpoints?

   1. To provide automatic database backups during user sessions
   2. To generate unique API routes for every logged-in user session
   3. To store user passwords in token payloads for future verification
   4. To enable stateless authentication by transmitting encrypted tokens between client and server after login

   Explanation: JWTs are used for stateless authentication, allowing servers to verify users without keeping session state. Database backups are unrelated, and unique user-specific routes or password storage in tokens are insecure and not the purpose of JWT.