Study Path Agent Study Path Agent
Generate Your Own
js api diff methods and way to write it
63 topics across 6 chapters
Chapter 1
HTTP & REST fundamentals (what APIs are doing under the hood)
1
URL anatomy: paths, query parameters, encoding
2
Headers & content types (Accept, Content-Type, Authorization)
3
HTTP methods (what they mean + when to use)
5 subtopics
4
GET: read data, query params, idempotent & safe semantics
5
POST: create actions/resources, request body, 201 + Location header
6
PUT vs PATCH: full replace vs partial update; idempotency differences
7
DELETE: deleting resources, 204 responses, soft-delete patterns
8
OPTIONS: capabilities + CORS preflight (why it happens)
9
Status codes + caching basics (200/201/204, 400/401/403/404/409, 500; Cache-Control, ETag)
Chapter 2
JavaScript: making API requests (browser/client)
10
Async/await & Promises for API calls (chaining, parallel, race)
11
Sending data formats: JSON, FormData, URLSearchParams, multipart
12
Using fetch() (modern standard)
4 subtopics
13
fetch GET example: query params, headers, parsing JSON
14
fetch POST JSON example: body, Content-Type, handling 201/400
15
AbortController: cancel requests + implement timeouts with fetch
16
Uploads/downloads with fetch: blobs/streams; progress limitations & workarounds
17
Using Axios (popular library)
4 subtopics
18
Axios GET/POST patterns: params, data, headers, baseURL
19
Axios interceptors: auth header injection, refresh-token flows, global error handling
20
Canceling Axios requests (AbortController/cancel patterns)
21
Files with Axios: multipart/form-data uploads + blob downloads
22
XMLHttpRequest (legacy) and when you still see it
23
CORS & browser security model (same-origin, credentials, preflight)
Chapter 3
Handling responses, errors, and common API patterns
24
Parsing responses (JSON/text/blob/stream) and response shapes
3 subtopics
25
response.json() pitfalls: empty bodies, 204, invalid JSON, big payloads
26
Non-JSON responses: text(), blob(), arrayBuffer() and content-type checks
27
Large responses: streaming basics and memory considerations
Status codes + caching basics (200/201/204, 400/401/403/404/409, 500; Cache-Control, ETag) (see Chapter 1)
28
Error handling patterns: network errors vs HTTP errors; normalize error objects
29
Retries/backoff + rate limits: 429 handling, jitter, circuit breakers (basics)
30
Common API patterns: pagination, filtering, sorting, cursor vs offset
Chapter 4
Authentication & security for APIs (client-side perspective)
31
API keys & Basic auth: how to send them; why not to expose secrets in frontend
32
Bearer tokens & JWT basics: headers, expiry, refresh vs re-login
33
OAuth 2.0 + PKCE (SPA/mobile-friendly flow) at a high level
34
Token storage choices: HttpOnly cookies vs localStorage; trade-offs
35
CSRF, SameSite cookies, and when CSRF protection is needed
CORS & browser security model (same-origin, credentials, preflight) (see Chapter 2)
Chapter 5
Building APIs with Node.js (server-side)
36
Express/Fastify setup & project structure
3 subtopics
37
Initialize server project: npm, TypeScript optional, folder layout
38
Create a health endpoint + run locally (port, basic handler)
39
Environment configuration: dotenv, config separation, secrets handling
40
Routing & controllers (designing endpoints)
3 subtopics
41
RESTful route design: nouns, nesting, avoiding action verbs in URLs
42
Request parsing: JSON bodies, multipart, limits, and size validation
43
Consistent responses: envelope vs raw, error shape, setting status codes
44
Implement CRUD endpoints mapping to HTTP methods + consistent status codes
45
Validation & schemas for request/response
2 subtopics
46
Validation with Zod/Joi/etc.: schemas for params/body/query
47
Validation errors: return 400 with useful messages (don’t leak internals)
48
Middleware essentials: auth, logging, error middleware, request IDs
49
Database integration basics: connection, queries, avoiding SQL injection (high level)
50
API documentation: OpenAPI/Swagger, examples, keeping docs in sync
Chapter 6
Testing, debugging, and best practices
51
Testing server APIs: integration tests with supertest (or similar)
52
Testing API clients: mocking with MSW (or similar)
53
Mocking & stubbing: fake timers, deterministic tests, fixtures
54
Debugging: DevTools Network tab, server logs, correlation IDs
55
Performance & security checklist: input limits, authz checks, rate limiting, HTTPS
56
API versioning & backwards compatibility: /v1, headers, deprecation strategy
API documentation: OpenAPI/Swagger, examples, keeping docs in sync (see Chapter 5)

Want a personalized study path for any topic?

Generate Your Own Study Path