
Mastering CRUD: Build Full-Stack Database Applications

Chapter 7 of 10 · Chapter 7 — Validation, Errors & Security
Lesson 36 of 52 · Reading · 12 min

Consistent Error Handling

A CRUD API that returns errors inconsistently is miserable to consume. Standardize the shape and centralize the logic.

One Error Shape

```json
{
  "error": {
    "code": "VALIDATION_FAILED",
    "message": "Title is required",
    "details": { "title": ["Title is required"] }
  }
}
```

Every error, everywhere, looks like this. Clients write one error handler instead of ten.

A Central Error Helper

```ts
import { NextResponse } from "next/server";

// An error raised on purpose, carrying the HTTP status and a machine-readable code.
export class ApiError extends Error {
  constructor(public status: number, public code: string, message: string) {
    super(message);
  }
}

// Convert anything thrown in a route handler into the standard error shape.
export function handle(e: unknown) {
  if (e instanceof ApiError) {
    return NextResponse.json({ error: { code: e.code, message: e.message } }, { status: e.status });
  }
  console.error(e); // log the real thing server-side
  return NextResponse.json(
    { error: { code: "INTERNAL", message: "Something went wrong" } },
    { status: 500 },
  );
}
```

Never Leak Internals

```ts
// ❌ leaks stack traces, table names, secrets
return NextResponse.json({ error: e.stack }, { status: 500 });
```

In production, log the full error server-side and return a generic message, optionally with a correlation ID the user can quote to support.

Map Known Failures to Status Codes

| Failure | Status |
| --- | --- |
| Validation | 400 |
| Not authenticated | 401 |
| Not allowed | 403 |
| Missing row (Prisma P2025) | 404 |
| Unique violation (P2002) | 409 |
| Everything unexpected | 500 |
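
The following is an added example, not the course's own code. It extends the central helper so that it applies the mapping above and attaches a correlation ID to unexpected errors. It returns a plain `{ status, body }` pair instead of a `NextResponse` so it runs without Next.js. The names `toErrorResult`, `KNOWN` and `errorCode`, the `NOT_FOUND`/`CONFLICT` codes and their messages are assumptions, as is recognising Prisma errors by their `code` string rather than by `instanceof`.

```typescript
import { randomUUID } from "node:crypto";

type ErrorResult = {
  status: number;
  body: { error: { code: string; message: string; correlationId?: string } };
};

class ApiError extends Error {
  constructor(public status: number, public code: string, message: string) {
    super(message);
  }
}

// Prisma codes and statuses come from the lesson's table; the public
// code/message strings are constructed for this example.
const KNOWN = new Map<string, { status: number; code: string; message: string }>([
  ["P2025", { status: 404, code: "NOT_FOUND", message: "Resource not found" }],
  ["P2002", { status: 409, code: "CONFLICT", message: "Resource already exists" }],
]);

// Assumption: a known database error is recognised by a string `code`
// property, so the example needs no Prisma import.
function errorCode(e: unknown): string | undefined {
  if (typeof e !== "object" || e === null || !("code" in e)) return undefined;
  const code = (e as { code: unknown }).code;
  return typeof code === "string" ? code : undefined;
}

function toErrorResult(
  e: unknown,
  log: (line: string) => void = console.error,
  newId: () => string = randomUUID,
): ErrorResult {
  // Errors raised on purpose already carry a client-safe message.
  if (e instanceof ApiError) {
    return { status: e.status, body: { error: { code: e.code, message: e.message } } };
  }
  // Known database failures get fixed public text, never the driver's message.
  const known = KNOWN.get(errorCode(e) ?? "");
  if (known) {
    return { status: known.status, body: { error: { code: known.code, message: known.message } } };
  }
  // Anything else: full detail goes to the server log, keyed by the correlation ID.
  const correlationId = newId();
  log(`[${correlationId}] ${e instanceof Error ? (e.stack ?? e.message) : String(e)}`);
  return {
    status: 500,
    body: { error: { code: "INTERNAL", message: "Something went wrong", correlationId } },
  };
}
```

In a Next.js route this result would be passed on as `NextResponse.json(result.body, { status: result.status })`.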

Fail Fast, Fail Clearly

Validate and authorize at the top of the handler and return early. A handler that's a flat sequence of guard clauses followed by the happy path is far easier to read — and to secure — than deeply nested if/else.
