Zurita Jose Matias Zurita Jose Matias
Home Stats
TypeScript Express MongoDB JWT Middleware Pattern Hexagonal Architecture

Implementing User Statistics in gzapi: A Data-Driven API Approach

In the gzapi project, a recent enhancement focused on introducing comprehensive user statistics. This feature is crucial for understanding user engagement and system performance, providing valuable insights into how users interact with the application. This post details the conceptual journey of building a robust and secure user statistics endpoint using TypeScript, Express, and MongoDB.

Step 1: Designing the Statistics Data Model

Before building the API, the first step involved conceptualizing what 'user statistics' truly means for gzapi. This requires defining the data points to collect and how they will be stored in MongoDB. For instance, tracking metrics like active sessions, content interactions, or registration counts necessitates a flexible schema.

Consider a simple data structure for recording user activity:

interface UserActivity {
  userId: string;
  timestamp: Date;
  eventType: 'login' | 'logout' | 'content_view' | 'api_call';
  details?: Record<string, any>;
}

// In MongoDB, this might be stored in a 'user_activities' collection.
// Aggregation queries would then derive statistics like 'daily active users'.

Step 2: Implementing Authentication Middleware

Access to sensitive user statistics must be restricted. This is where the Middleware Pattern, coupled with JWT (JSON Web Tokens), becomes essential. An Express middleware can intercept requests to the statistics endpoint, validate the JWT, and ensure the requesting user has the appropriate permissions (e.g., admin role).

import { Request, Response, NextFunction } from 'express';
import jwt from 'jsonwebtoken';

interface AuthenticatedRequest extends Request {
  user?: { id: string; role: string; };
}

export const authenticateJWT = (req: AuthenticatedRequest, res: Response, next: NextFunction) => {
  const authHeader = req.headers.authorization;

  if (authHeader) {
    const token = authHeader.split(' ')[1];
    jwt.verify(token, process.env.JWT_SECRET as string, (err, user) => {
      if (err) {
        return res.sendStatus(403); // Forbidden
      }
      req.user = user as { id: string; role: string; };
      next();
    });
  } else {
    res.sendStatus(401); // Unauthorized
  }
};

This authenticateJWT middleware would be applied to the statistics routes, ensuring only authorized requests proceed.

Step 3: Creating the Statistics Controller

With data models and security in place, the next step is to define the Express controller responsible for handling incoming requests to the /stats/user endpoint. This controller orchestrates the fetching and aggregation of data, delegating complex logic to a dedicated service layer.

import { Request, Response } from 'express';
import { getUserStatsService } from '../services/stats.service';

export const getUserStatistics = async (req: Request, res: Response) => {
  try {
    // Assuming a 'role' check if only certain roles can view stats
    // if (req.user?.role !== 'admin') { return res.sendStatus(403); }

    const userStats = await getUserStatsService();
    res.json(userStats);
  } catch (error) {
    console.error('Failed to retrieve user stats:', error);
    res.status(500).send('Internal Server Error');
  }
};

Step 4: Accessing Data with a Service Layer

Following principles of Hexagonal Architecture, a dedicated service layer encapsulates the business logic for retrieving and processing user statistics. This service would interact directly with MongoDB, performing aggregations to compile the requested statistics. Separating this logic keeps controllers clean and makes the application more testable and maintainable.

import { Collection, Db } from 'mongodb';

// In a real application, 'db' would be injected or obtained from a connection pool
declare const db: Db; 

export const getUserStatsService = async (): Promise<any> => {
  const userActivities: Collection<UserActivity> = db.collection('user_activities');

  const totalUsers = await userActivities.distinct('userId').then(users => users.length);
  const recentActivities = await userActivities.countDocuments({
    timestamp: { $gte: new Date(Date.now() - 24 * 60 * 60 * 1000) } // Last 24 hours
  });

  return {
    totalUsers,
    recentActivities,
    // ... other aggregated stats
  };
};

Results

By following this structured approach, gzapi gains a secure, maintainable, and scalable endpoint for user statistics. The separation of concerns, from data modeling to authentication and business logic, ensures that the feature can evolve independently and be easily debugged.

Next Steps

Consider adding caching mechanisms for frequently accessed statistics to reduce database load, and explore more advanced MongoDB aggregation pipelines for deeper analytical insights into user behavior.

Generated with Gitvlg.com

Implementing User Statistics in gzapi: A Data-Driven API Approach
Zurita Jose Matias

Zurita Jose Matias

Author

Share:

Related Posts

Gaining Clarity: Integrating User Statistics into Our Backend

TypeScript Express +3

Building Resilient Applications: Adapting to Diverse OS and Agent Environments

TypeScript Hexagonal Architecture +1

Beyond Local: Mastering Environment Scope and API Timeouts in gzapi

TypeScript API Development +2
Back to all posts