Description
The Full Stack Web Developer Nanodegree program's goal is to provide learners with the specialised skills required to create database-backed APIs and web applications. This program's graduates will be able to design and build databases for software applications, as well as create and deploy database-backed web APIs and secure and manage user authentication and access control for an application backend. Students will also learn how to use Docker and Kubernetes to deploy a Flask-based web application to the cloud.
Course 1: SQL and Data Modeling for the Web
Connecting and Interacting with Databases
- Describe and explain the client-server model
- Describe and explain the TCP/IP communication protocol
- Describe and explain the base unit of database work: transactions
- Install the PostgreSQL database management system
- Create and manage Postgres databases with the psql client
- Install the psycopg2 Python+Postgres database driver
- Create and manage Postgres databases using the psycopg2 Python database driver
Intro to SQLAlchemy and SQLAlchemy ORM Basics
- Describe and explain the use cases for an Object Relational Mapping (ORM) library
- Describe and explain the abstraction layers of SQLAlchemy
- Connect to and manage a database using composable SQL expressions
- Define data model objects with Python using SQLAlchemy ORM
- Connect data models to a lightweight Flask web application
- Build data models using different types of data
SQLAlchemy ORM in Depth
- Explore and retrieve data using the SQLAlchemy Model.query object
- Create database sessions for executing database transactions
- Execute database transactions within a connection session
- Describe and explain the SQLAlchemy object lifecycle
- Build a lightweight data app using SQLAlchemy
- Describe and explain the Model-View-Controller (MVC) application architecture
- Retrieve data from a webform using Flask
- Update data models using data migrations
- Migrate data using Flask-Migrate and Flask-Script
- Define and code relationships between tables and objects using SQLAlchemy
- Implement database methods to query relationships between data models
Build a CRUD App with SQLAlchemy ORM - Part 1
- Use the CRUD (Create, Read, Update, Delete) model to build a small database-backed app
- Capture user input from a webform to add and modify data in a database
- Manage data using database sessions in an application controller
Migrations
- Modify a data schema using Flask-Migrate and Alembic
- Write migration scripts to update data schemas using Flask-Script
Build a CRUD App with SQLAlchemy ORM - Part 2
- Update database models using webforms and application routing
- Delete information from a database using SQLAlchemy
- Model and control relationships between different types of data objects
- Implement one-to-many and many-to-many relationships using SQLAlchemy
- Execute complex database queries on related data models
Project: Design a Venue Booking Database
Your first project will involve developing the data models and database for an artist/venue booking application. Fyyur, a fictitious startup, is developing a website that facilitates bookings between artists who can play at venues and venues that want to book artists.
- Allows venue managers and artists to sign up, fill out their information, and list their availability for shows on this website.
- Allows artists to browse venues where they can perform and see who has been booked at a venue in the past/future.
- Allows a venue manager to search for artists who want to perform in their city and view past/upcoming venues where the artist has performed/will perform.
This project's goal is to create the data models for this booking application. A web app prototype design will be provided. You'll use SQLAlchemy and PostgreSQL to create the data models that this site will rely on. You'll write both the raw SQL and SQLAlchemy commands that will be used to power the website's backend functionality.
Course 2: API Development and Documentation
Introduction to APIs
- Describe and explain the definition and use cases of APIs (Application Programming Interface)
- Describe and explain how APIs are used to connect application front ends to server backends
HTTP and Flask Basics
- Describe and explain the Hypertext Transfer Protocol (HTTP)
- Describe and explain the components of an HTTP request
- Describe and explain the different HTTP methods (verbs)
- Describe and explain HTTP status codes
- Request information from a server using cURL and HTTP requests
- Install the Python Flask micro application framework
- Set up and configure a Flask application
- Create a Flask endpoint (route)
Endpoints and Payloads
- Structure and organize API endpoints
- Describe and explain Cross-Origin Resource Sharing (CORS)
- Manage CORS requests using HTTP headers
- Manage CORS controls using Flask-CORS
- Parse request path and body from an HTTP request
- Implement HTTP POST, PATCH and DELETE methods using Flask
- Handle application errors using Flask
API Testing
- Describe and explain the purpose and benefits of API testing
- Test a REST API using Flask and unittest
- Develop an application iteratively and safely using Test Driven Development (TDD)
API Documentation
- Read and explore API documentation from a number of API developers
- Write effective documentation for your own API
Project: Trivia API
In this project, you will apply your knowledge and skills to create a Trivia API. Users will be able to use the API to:
- Search for trivia questions and answers by category and difficulty
- Add new questions
- Change the difficulty rating of questions
The goal of this project is to use APIs to control and manage a web application built on existing data models. You will be provided with a set of data models as well as the application front end. Your task will be to implement the API in Flask in order to make the Trivia game work.
Course 3: Identity Access Management
Foundations
- Describe and explain the use cases and differences between authorization and authentication
- Describe the problem of security and the risks of unsecured or improperly secured application systems
- Describe different types of security attack
- Inspect requests and responses for an application using Postman
Authentication
- Describe common methods for application authentication
- Explain why passwords are not the ideal method for authentication
- Implement an application authentication layer with Auth0
- Secure API communications using JSON Web Tokens (JWT)
Passwords
- Describe the risks associated with password controlled systems
- Mitigate access risks associated with SQL injection by validating and sanitizing database inputs
- Secure data in a database using standard encryption practices
- Describe how an attacker can use rainbow tables to gain access to a system
- Improve security of hashed passwords and encrypted data using the ‘salt’ method
- Increase application security by using best practices to avoid logging and serializing sensitive data
Authorization
- Describe the concept of authorization and access control
- Define ‘permissions’ in the context of an application
- Constrain permissions in an application by using role-based access control (RBAC)
- Define permission roles using Auth0
- Identify user permissions and roles from JWTs (JSON Web Tokens)
Thinking Adversarially
- Prevent accidental access to privileged information in Git repositories by using environment variables
- Mitigate risks to Git master branch changes by developing in feature branches
- Employ code review as a practice to mitigate security risks
- Test API and authentication practices with integration testing
- Describe common types of adversarial attacks on network systems
Project: Identity Access Management
In the program's third project, you will create the backend for a coffee shop application. You'll add user accounts and authentication to your app, and you'll use role-based access management strategies to control various types of user behaviour in the app. The application must include the following requirements:
- Show graphics depicting the proportion of ingredients in each drink.
- Make it possible for the general public to see drink names and graphics.
- Allow the recipe information to be viewed by the shop's baristas.
- Allow shop managers to create new drinks and make changes to existing ones.
This project will allow you to practise and demonstrate new skills such as:
- Implementing authentication and authorization in Flask
- Designing against key security principles
- Implementing role-based control design patterns
- Securing a REST API
- Applying software system risk and compliance principles
Course 4: Server Deployment and Containerization
Containers
- Describe and explain the benefits and use cases for containerized environments
- Install Docker on a local machine
- Define a container environment using a Dockerfile
- Download and launch a Docker container
- Store and share a Docker container
Deployment
- Describe and explain container orchestration, how it works and the general use case
- Describe and explain how Kubernetes manages container clusters
- Deploy a Docker container to a Kubernetes cluster using AWS EKS and the AWS command line interface (CLI)
- Manage Kubernetes clusters using the AWS CLI
- Implement Continuous Delivery (CD) and Continuous Integration (CI) with AWS CodePipeline and AWS CodeBuild
Project: Deploy a Flask App to Kubernetes Using EKS
In this project, you will use Docker to create a container for your Flask web app and Amazon EKS to deploy the container to a Kubernetes cluster. By the end of the project, you should have deployed your application to the public internet, where it should be accessible via IP address. You will use automated testing to prevent bad code from being deployed and AWS tools to monitor the performance of your app.
Project: Full Stack Web Developer Nanodegree Program Capstone
In this final capstone project, you will apply everything you've learned and developed in this course to create a database-backed web API with user access control. You will decide which app to create, and then you will design and build all of the API endpoints required for the application, as well as properly secure them for use in any front end application (web or mobile).