
Creating REST API in Node.js with Express and MySQL 🧩 - patelpankaj
https://time2hack.com/2019/09/creating-rest-api-in-node-js-with-express-and-mysql/
======
throwaway_bad
I think there's an SQL injection in your /settings route. feed-query also
looks extremely sketchy. In general never build queries with JavaScript
template strings from unsanitized user input.
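
The pattern this comment warns about, next to a parameterized form, as an added example that is not part of the original comment or the article's code. The `settings` and `feed` tables, their columns and all function names are assumptions; the feed query goes beyond the comment to cover sort order and limit, which `?` placeholders cannot bind as identifiers.

```javascript
// Added example. Table, column and function names are assumptions.

// Vulnerable pattern: the input becomes part of the SQL text.
function settingsQueryUnsafe(userId) {
  return `SELECT * FROM settings WHERE user_id = '${userId}'`;
}

// Hardened: constant SQL text, input carried separately as a bound value.
// The pair is passed as connection.query(sql, values, callback).
function settingsQuerySafe(userId) {
  const raw = String(userId);
  if (!/^\d{1,15}$/.test(raw)) throw new TypeError('user id must be an integer');
  return { sql: 'SELECT * FROM settings WHERE user_id = ?', values: [Number(raw)] };
}

// Identifiers and keywords cannot be bound with ?, so they come from an
// allow-list. A Map avoids inherited keys such as "constructor".
const SORT_COLUMNS = new Map([['date', 'created_at'], ['title', 'title']]);

function feedQuerySafe({ sort = 'date', dir = 'desc', limit = '20' } = {}) {
  const column = SORT_COLUMNS.get(sort);
  if (column === undefined) throw new RangeError('unsupported sort key');
  const direction = String(dir).toLowerCase() === 'asc' ? 'ASC' : 'DESC';
  const raw = String(limit);
  if (!/^\d{1,3}$/.test(raw)) throw new RangeError('limit must be 1-100');
  const n = Number(raw);
  if (n < 1 || n > 100) throw new RangeError('limit must be 1-100');
  // Only allow-listed constants are interpolated here, never request data.
  return { sql: `SELECT id, title FROM feed ORDER BY ${column} ${direction} LIMIT ?`, values: [n] };
}

// Constructed input showing the difference in the resulting statement.
const constructedInput = "1' OR '1'='1";
console.log(settingsQueryUnsafe(constructedInput)); // WHERE clause now matches every row
console.log(settingsQuerySafe('42'));
console.log(feedQuerySafe({ sort: 'title', dir: 'asc', limit: '5' }));
```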

~~~
patelpankaj
Yes, totally agree with you about the SQL injection; though if you have
noticed, there is no SETTINGS table there. I had left it like this to show the
example cases rather than making it a full-fledged solution.

The goal was to demonstrate the creation of REST APIs with Node.js, Express,
and MySQL; I am pretty sure there are so many packages out there to
efficiently generate the query for the MySQL engine.

By keeping things more crude, the reader who is willing to try it out will get
a better idea of what is going on, rather than plugins taking care of it.

------
patelpankaj
What were your initial challenges when creating a REST API with Node.js?

