Table of Contents

Preface

Part 1 Setting Up Our System

1

Setting Up Our System for Development

Technical requirements

Aiming for fast development

Auto-formatting the code

Linting the code

Testing the code

Setting up our system

Managing the code

Rebasing rather than merging

Installing Python for backend development

Formatting the code

Linting the code

Testing the code

Scripting the commands

Installing NodeJS for frontend development

Formatting the code

Linting the code

Testing the code

Analyzing the bundle

Scripting the commands

Installing Terraform for infrastructure development

Managing secrets

Formatting, linting, and testing the code

Installing PostgreSQL for database development

Adopting a collaborative development process using GitHub

Adding continuous integration

Adding CI for the infrastructure code

Adding CI for the backend code

Adding CI for the frontend code

Summary

Further reading

Part 2 Building a To-Do App

2

Creating a Reusable Backend with Quart

Technical requirements

Creating a basic Quart app

Testing the ping route

Using blueprints for clearer code

Configuring the app

Ensuring error responses are JSON

Including user accounts

Securely storing passwords

Ensuring passwords are strong

Allowing password-less authentication

Protecting the app

Adding rate limiting

Ensuring all routes have rate limits

Adding request and response validation

Connecting to the database

Sending emails

Rendering emails

Sending emails

Testing that emails are sent

Summary

Further reading

3

Building the API

Technical requirements

Creating the database schema and models

Creating the member schema and model

Creating the to-do schema and model

Running the first migration

Adding test and development data

Building the session API

Creating the blueprint

Adding login functionality

Adding logout functionality

Adding status functionality

Testing the routes

Building the member API

Creating the members blueprint

Creating a member

Confirming the email address

Changing passwords

Requesting a password reset

Resetting the password

Testing the routes

Building the To-Do API

Creating the blueprint

Creating a to-do

Reading a to-do

Reading the to-dos

Updating a to-do

Deleting a to-do

Testing the routes

Summary

Further reading

4

Creating a Reusable Frontend with React

Technical requirements

Enhancing the basic React app

Styling the app

Adding page titles

Adding an authentication context

Adding routing

Requiring authentication

Resetting scrolling on navigation

Enabling data entry

Implementing a styled checkbox field

Implementing a styled date field

Implementing a styled email field

Implementing a styled text field

Implementing a styled password field

Implementing a styled password strength field

Implementing styled form actions

Managing the app state

Communicating with the backend

Supporting toast feedback

Summary

Further reading

5

Building the Single-Page App

Technical requirements

Adding navigation

Adding user authentication pages

Registration

Email confirmation

Logging in

Adding password management pages

Changing a password

Forgotten passwords

Resetting a password

Adding to-do pages

Showing to-dos

Creating to-dos

Editing to-dos

Summary

Further reading

Part 3 Releasing a Production-Ready App

6

Deploying and Monitoring Your Application

Technical requirements

Making the app production-ready

Serving the frontend

Serving the backend

Containerizing the app

Deploying to AWS

Designing the production system

Setting up the networking

Adding a database

Running the cluster

Adding continuous deployment

Serving on a domain

Securing the connection

Sending production emails

Monitoring production

Monitoring the backend

Monitoring the frontend

Displaying an error page

Summary

7

Securing and Packaging the App

Technical requirements

Securing the app

Adding secure headers

Protecting against account enumeration

Protecting against spam accounts

Updating packages

Periodically checking for vulnerabilities

A system for monthly updates

Adding multifactor authentication

Updating the database and models

Activating MFA

Logging in with MFA

Recovering and inactivating MFA

Converting to a Progressive Web App

Summary

Further reading

Index

Other Books You May Enjoy