5.23-bob: API hujjatlari — Swagger / OpenAPI
5-QISM — Node.js Backend · 23-mavzu (yakuniy)
1. Kirish va motivatsiya
5-QISMning yakuniy bobiga keldik. Backend'ni to'liq qurdik: server, REST, auth, validatsiya, fayl, real-time, navbat (5.1–5.22). Endi muhim, lekin ko'pincha e'tibordan chetda qoladigan mavzuni — API'ni hujjatlashni — o'rganamiz. API yozish — yarim ish; uni boshqalar qanday ishlatishini tushuntirish — ikkinchi yarmi.
Tasavvur qiling: siz backend yozdingiz (REST API — 5.7). Endi frontend dasturchi (11) undan foydalanishi kerak: qaysi endpoint'lar bor? Qaysi metod (GET/POST)? Qanday ma'lumot yuborish kerak? Javob qanday ko'rinishda? Qaysi status kodlar? Auth qanday? Bularning hammasini og'zaki yoki alohida hujjatda tushuntirish — sekin, xatoga moyil, eskirib qoladi. Yechim — avtomatik, interaktiv, kod bilan sinxron hujjat: Swagger / OpenAPI.
OpenAPI — REST API'ni tasvirlovchi standart (sanoat standarti). Swagger — shu standart asosida interaktiv hujjat (veb-sahifa) yaratuvchi vosita. Swagger UI orqali har bir endpoint ko'rinadi, va eng zo'ri — uni brauzerda to'g'ridan sinab ko'rish mumkin ("Try it out" tugmasi). Bu — jamoa ishini, frontend bilan hamkorlikni, va API'ni tushunishni keskin osonlashtiradi.
O'xshatish: API hujjati — qurilmaning foydalanuvchi qo'llanmasi (instruksiya). Telefon sotib olsangiz, qutida qo'llanma bor: qaysi tugma nima qiladi, qanday ulanadi, nima qilsa bo'ladi. Qo'llanmasiz qurilma — har tugmani sinab ko'rasiz (vaqt isrofi, xato). API hujjati ham shunday: frontend dasturchi "qaysi endpoint, qanday ma'lumot, qanday javob" ni o'qiydi — taxmin qilmaydi. Swagger — bu qo'llanmaning interaktiv versiyasi (o'qibgina qolmay, sinab ham ko'rasiz).
Nega muhim?
- Jamoa ishi — frontend (11) va backend hamkorligi; har kim API'ni biladi.
- Vaqt tejaydi — og'zaki tushuntirish, alohida hujjat yozish o'rniga.
- Interaktiv test — brauzerda endpoint'ni sinab ko'rish (Postman'siz).
- Standart — OpenAPI sanoat standarti; client generatsiya, validatsiya.
2. Nazariya — chuqur tushuntirish
2.1. API hujjati nima va nega kerak
API hujjati — API'dan qanday foydalanishni tushuntiruvchi ma'lumot:
Har endpoint uchun:
- Yo'l va metod (GET /api/products — 5.7)
- Parametrlar (query, path, body — 5.6)
- So'rov formati (qanday ma'lumot yuborish)
- Javob formati (qanday qaytadi, status kodlar — 5.7)
- Auth talabi (token kerakmi — 5.15)
- Xato javoblari (400, 401, 404 — 5.10)Muammo: qo'lda yozilgan hujjat eskirib qoladi (kod o'zgaradi, hujjat qolib ketadi). Yechim — kod bilan sinxron hujjat (kod o'zgarsa, hujjat ham — 2.4).
2.2. OpenAPI vs Swagger (farq)
OpenAPI — SPETSIFIKATSIYA (standart): API'ni tasvirlash qoidalari (JSON/YAML format)
(avval "Swagger Specification" deb atalgan)
Swagger — VOSITALAR to'plami: OpenAPI asosida ishlaydigan asboblar
- Swagger UI — interaktiv hujjat sahifasi 2.3-bob
- Swagger Editor — spetsifikatsiya yozish
- Swagger Codegen — koddan client generatsiyaSodda qilib: OpenAPI — "til/standart" (API'ni qanday tasvirlash); Swagger — shu tilda yozilganni "ko'rsatuvchi/ishlatuvchi" asboblar. Ko'pincha ikkalasi bir ma'noda ishlatiladi. Biz OpenAPI formatida tasvirlaymiz, Swagger UI bilan ko'rsatamiz.
2.3. Swagger UI — interaktiv hujjat
Swagger UI — OpenAPI tavsifini chiroyli, interaktiv veb-sahifaga aylantiradi:
/api-docs sahifasi:
- Barcha endpoint'lar ro'yxati (guruhlangan)
- Har birini ochib, tafsilotini ko'rish (parametr, javob)
- "Try it out" — brauzerda TO'G'RIDAN sinab ko'rish (so'rov yuborish!)
- Auth kiritish (token) — himoyalangan endpoint'larni sinash"Try it out" — Swagger'ning eng kuchli tomoni: frontend dasturchi Postman'siz, kod yozmasdan, brauzerda endpoint'ni sinab ko'radi (real so'rov, real javob). Hujjat — "tirik".
2.4. Hujjatni qanday yaratish (ikki yondashuv)
1. Kod ichida izoh (annotation) — swagger-jsdoc
Route yoniga JSDoc izoh yozasiz (@openapi) avtomatik OpenAPI hosil bo'ladi
Kod bilan yonma-yon (sinxron); izohlar ko'p joy oladi
2. Alohida spetsifikatsiya (YAML/JSON) yoki kod-first (NestJS — 8.10)
Alohida fayl yoki dekorator spetsifikatsiyaExpress'da eng keng tarqalgan — swagger-jsdoc (izoh) + swagger-ui-express (ko'rsatish). NestJS'da 8.10-bob — dekorator (
@ApiProperty— avtomatik). Bu bobda Express yondashuvini o'rganamiz.
2.5. O'rnatish (swagger-jsdoc + swagger-ui-express)
npm install swagger-jsdoc swagger-ui-express # (5.2) swagger-jsdoc — kod izohlaridan (@openapi) OpenAPI obyekti yasaydi
swagger-ui-express — shu obyektni /api-docs sahifasida ko'rsatadi2.6. Asosiy sozlash (definition)
import swaggerJsdoc from "swagger-jsdoc";
import swaggerUi from "swagger-ui-express";
const spec = swaggerJsdoc({
definition: {
openapi: "3.0.0", // OpenAPI versiyasi
info: { title: "Mana API", version: "1.0.0", description: "..." },
servers: [{ url: "http://localhost:3000" }],
},
apis: ["./routes/*.js"], // izoh qidiriladigan fayllar (2.7)
});
app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(spec)); // /api-docs sahifasi (2.3)2.7. Endpoint'ni hujjatlash (JSDoc izoh — 2.4)
Route yoniga @openapi izohi (swagger-jsdoc):
/**
* @openapi
* /api/products:
* get:
* summary: Barcha mahsulotlar
* tags: [Products]
* responses:
* 200:
* description: Mahsulotlar ro'yxati
*/
app.get("/api/products", getProducts);Izoh YAML formatida (OpenAPI). swagger-jsdoc uni o'qib, OpenAPI obyektiga qo'shadi.
tags— endpoint'larni guruhlaydi (Swagger UI'da bo'limlar).
2.8. Komponentlar — qayta ishlatiladigan schema (DRY)
Ma'lumot modellarini (Product, User) bir marta ta'riflab, qayta ishlatish (best practices):
/**
* @openapi
* components:
* schemas:
* Product:
* type: object
* required: [nom, narx]
* properties:
* id: { type: string }
* nom: { type: string, example: "Olma" }
* narx: { type: number, example: 12000 }
*/Keyin endpoint'larda
$ref: '#/components/schemas/Product'bilan ishora qilasiz (takrorlamasdan — DRY).required— majburiy maydonlar (5.9: validatsiya bilan mos);example— namuna qiymat.
2.9. So'rov body va parametrlarni hujjatlash
parameters — path (/:id), query (?page=) — 5.6
requestBody — POST/PUT body (yuboriladigan ma'lumot)
responses — status kodlar va javob formati (5.7)Bu — API'ning "shartnoma"si: frontend nima yuborishi va nima olishi aniq yoziladi. Validatsiya 5.9-bob bilan mos bo'lishi kerak (hujjat va haqiqat bir xil).
2.10. Auth'ni hujjatlash (security — 5.15)
Himoyalangan endpoint'lar (token kerak — 5.15) Swagger'da belgilanadi:
/**
* @openapi
* components:
* securitySchemes:
* bearerAuth:
* type: http
* scheme: bearer
* bearerFormat: JWT
*/
// Endpoint'da: security: [{ bearerAuth: [] }]Bu — Swagger UI'da "Authorize" tugmasini chiqaradi: token kiritasiz, keyin himoyalangan endpoint'larni sinab ko'rasiz ("Try it out" auth bilan). Frontend uchun — qaysi endpoint auth talab qilishini ko'rsatadi.
2.11. Status kodlar va xatolarni hujjatlash (5.7, 5.10)
responses:
200 — muvaffaqiyat (javob schema bilan)
201 — yaratildi 5.7-bob
400 — validatsiya xatosi 5.9-bob
401 — avtorizatsiya kerak 5.15-bob
403 — ruxsat yo'q 5.17-bob
404 — topilmadi
500 — server xatosi (5.10)Har endpoint mumkin bo'lgan barcha javoblarni hujjatlashi kerak (faqat 200 emas). Frontend xatolarni qanday boshqarishni shu yerdan biladi.
2.12. Hujjat va kod sinxronligi (eng muhim)
Eng katta xavf: hujjat eskirib qolishi (kod o'zgaradi, izoh qolib ketadi):
Izoh route yoniga (yonma-yon — unutilmaydi — 2.4)
Validatsiya schema (Zod — 5.9) OpenAPI generatsiya (zod-to-openapi) — bitta manba!
Code review'da hujjatni ham tekshiring (15.2)Eng yaxshi yechim: validatsiya schema'sidan (Zod — 5.9) OpenAPI'ni avtomatik generatsiya qilish (
zod-to-openapi) — bitta manba (schema), ham validatsiya, ham hujjat. Yoki NestJS'da 8.10-bob dekorator — DTO'dan avtomatik.
2.13. Production'da Swagger (xavfsizlik — 14)
Swagger UI — API tuzilishini oshkor qiladi (endpoint'lar, ma'lumot). Production'da ehtiyot (14):
Public API — Swagger ochiq mayli (maqsad — ishlatish)
Ichki/maxfiy API — Swagger'ni himoyalang (auth) yoki production'da o'chiring
Maxfiy ma'lumotni example'da ko'rsatmang (parol, kalit — 14)Kichik/ichki loyihada Swagger'ni production'da o'chirish yoki parol bilan himoyalash mumkin. Public API — ochiq (foydalanuvchilar uchun).
2.14. Boshqa hujjatlash vositalari (qisqacha)
Postman — so'rovlar to'plami; hujjat + test (kollektsiya ulashish)
Insomnia — Postman muqobili
Redoc — Swagger UI muqobili (chiroyli, faqat ko'rish)
Scalar — zamonaviy OpenAPI UI
NestJS Swagger — dekorator asosida avtomatik 8.10-bob
openapi-typescript / orval — OpenAPI'dan TS tip va klient avtomatik (frontend — 11)OpenAPI standart — bir marta yozsangiz, har vositada ishlaydi (Swagger UI, Redoc, Postman import). Standart — bog'lanmaslik (vendor lock-in yo'q).
3. Sintaksis — tez ma'lumotnoma
import swaggerJsdoc from "swagger-jsdoc";
import swaggerUi from "swagger-ui-express";
const spec = swaggerJsdoc({
definition: { openapi: "3.0.0", info: { title, version }, servers: [...] },
apis: ["./routes/*.js"], // izoh fayllari (2.6)
});
app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(spec)); // (2.3)
// Izoh (route yoniga — 2.7):
/**
* @openapi
* /api/x:
* get:
* summary: ...
* responses: { 200: { description: OK } }
*/4. Batafsil kod namunalari
Misol 1 — Asosiy Swagger sozlash (2.6)
// config/swagger.js
import swaggerJsdoc from "swagger-jsdoc";
import swaggerUi from "swagger-ui-express";
const spec = swaggerJsdoc({
definition: {
openapi: "3.0.0",
info: {
title: "Mana Do'kon API",
version: "1.0.0",
description: "E-commerce backend API hujjati",
},
servers: [
{ url: "http://localhost:3000", description: "Dev" },
{ url: "https://api.mana.uz", description: "Production" },
],
},
apis: ["./routes/*.js"], // izoh qidiriladigan fayllar (2.6)
});
export const swaggerSetup = (app) => {
app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(spec)); // (2.3)
console.log(" Swagger: http://localhost:3000/api-docs");
};
// app.js: import { swaggerSetup } from "./config/swagger.js"; swaggerSetup(app);Misol 2 — GET endpoint hujjati (2.7)
/**
* @openapi
* /api/products:
* get:
* summary: Barcha mahsulotlarni olish
* tags: [Products]
* parameters:
* - in: query
* name: page
* schema: { type: integer, default: 1 }
* description: Sahifa raqami
* - in: query
* name: limit
* schema: { type: integer, default: 20 }
* responses:
* 200:
* description: Mahsulotlar ro'yxati
* content:
* application/json:
* schema:
* type: array
* items: { $ref: '#/components/schemas/Product' }
*/
router.get("/products", getProducts);Misol 3 — Komponent schema (qayta ishlatiladigan — 2.8)
/**
* @openapi
* components:
* schemas:
* Product:
* type: object
* required: [nom, narx]
* properties:
* id:
* type: string
* example: "65a1b2c3d4e5f6"
* nom:
* type: string
* example: "Olma"
* narx:
* type: number
* example: 12000
* mavjud:
* type: boolean
* example: true
* Error:
* type: object
* properties:
* success: { type: boolean, example: false }
* error: { type: object }
*/Misol 4 — POST endpoint (body bilan — 2.9)
/**
* @openapi
* /api/products:
* post:
* summary: Yangi mahsulot qo'shish
* tags: [Products]
* security:
* - bearerAuth: [] # auth kerak (2.10, 5.15)
* requestBody:
* required: true
* content:
* application/json:
* schema:
* type: object
* required: [nom, narx]
* properties:
* nom: { type: string, example: "Banan" }
* narx: { type: number, example: 18000 }
* responses:
* 201:
* description: Yaratildi
* content:
* application/json:
* schema: { $ref: '#/components/schemas/Product' }
* 400:
* description: Validatsiya xatosi
* content:
* application/json:
* schema: { $ref: '#/components/schemas/Error' }
* 401:
* description: Avtorizatsiya kerak
*/
router.post("/products", auth, roleRequired("admin"), createProduct); // (5.15, 5.17)Misol 5 — Auth (security scheme — 2.10)
/**
* @openapi
* components:
* securitySchemes:
* bearerAuth:
* type: http
* scheme: bearer
* bearerFormat: JWT # 5.15-bob
*/
// definition'ga global security (yoki har endpoint'da):
const spec = swaggerJsdoc({
definition: {
openapi: "3.0.0",
info: { title: "Mana API", version: "1.0.0" },
components: {
securitySchemes: {
bearerAuth: { type: "http", scheme: "bearer", bearerFormat: "JWT" },
},
},
},
apis: ["./routes/*.js"],
});
// Swagger UI'da "Authorize" tugmasi chiqadi — token kiritib, sinash (2.10)Misol 6 — Path param va to'liq CRUD (2.9, 5.7)
/**
* @openapi
* /api/products/{id}:
* get:
* summary: Bitta mahsulot
* tags: [Products]
* parameters:
* - in: path
* name: id
* required: true
* schema: { type: string }
* responses:
* 200:
* description: Mahsulot topildi
* content:
* application/json:
* schema: { $ref: '#/components/schemas/Product' }
* 404:
* description: Topilmadi
* delete:
* summary: Mahsulotni o'chirish
* tags: [Products]
* security: [{ bearerAuth: [] }]
* parameters:
* - in: path
* name: id
* required: true
* schema: { type: string }
* responses:
* 204: { description: O'chirildi }
* 403: { description: Ruxsat yo'q }
* 404: { description: Topilmadi }
*/
router.get("/products/:id", getProduct);
router.delete("/products/:id", auth, roleRequired("admin"), deleteProduct);Misol 7 — Zod schema'dan avtomatik OpenAPI (sinxronlik — 2.12)
// zod-to-openapi — validatsiya va hujjat BITTA manbadan (2.12, 5.9)
import { z } from "zod";
import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
extendZodWithOpenApi(z);
// Schema — ham validatsiya 5.9-bob, ham hujjat (bitta manba!)
const ProductSchema = z.object({
nom: z.string().openapi({ example: "Olma" }),
narx: z.number().positive().openapi({ example: 12000 }),
}).openapi("Product");
// Bu schema'dan: validatsiya 5.9-bob VA OpenAPI hujjati avtomatik generatsiya
// kod o'zgarsa, ikkalasi ham yangilanadi (eskirmaydi — 2.12)Misol 8 — Production'da himoya (2.13, 14)
import basicAuth from "express-basic-auth";
// Swagger UI'ni production'da parol bilan himoyalash (2.13, 14)
if (config.isProd) {
app.use("/api-docs", basicAuth({
users: { admin: config.swaggerPassword }, // .env (5.8)
challenge: true,
}));
}
app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(spec));
// Ichki API — production'da Swagger faqat parol bilan (14)5. To'g'ri va noto'g'ri holatlar
1) Hujjatsiz API
frontend taxmin qiladi/og'zaki so'raydi (sekin, xato — 2.1)
Swagger — har endpoint hujjatlangan, interaktiv2) Hujjat kod bilan sinxron emas
kod o'zgardi, izoh eski (frontend noto'g'ri ma'lumot — 2.12)
izoh yonma-yon; Zod'dan avtomatik (Misol 7)3) Faqat 200 javobni hujjatlash
xato javoblar (400/401/404) yo'q (frontend xatoni bilmaydi — 2.11)
barcha mumkin javoblarni hujjatlang4) Maxfiy ma'lumotni example'da
// haqiqiy token/parol example'da (14, 2.13)
example: "Bearer eyJhbGc...real-token"
// namunaviy/soxta
example: "Bearer <token>"5) Production'da ichki Swagger ochiq
maxfiy API tuzilishi hammaga ochiq (14, 2.13)
auth bilan himoyalang yoki o'chiring6. Keng tarqalgan xatolar va yechimlari
Xato 1 — Swagger UI bo'sh (endpoint'lar yo'q)
Sababi: apis yo'li noto'g'ri (izoh fayllari topilmadi — 2.6). Yechimi: apis: ["./routes/*.js"] to'g'ri yo'l; izohlar @openapi tag bilan.
Xato 2 — Izoh ko'rinmaydi
Sababi: YAML formati xato (bo'shliq/tab — YAML bo'shliqqa sezgir). Yechimi: izoh formatini tekshiring (bir xil bo'shliq); Swagger Editor'da sinab ko'ring.
Xato 3 — $ref ishlamaydi
Sababi: komponent ta'riflanmagan yoki yo'l xato 2.8-bob. Yechimi: components/schemas ta'riflangan; $ref: '#/components/schemas/Product' to'g'ri.
Xato 4 — "Try it out" CORS xatosi
Sababi: Swagger boshqa origin'dan so'rov yuboradi 5.20-bob. Yechimi: CORS sozlang; servers to'g'ri URL.
Xato 5 — Auth "Try it out"da ishlamaydi
Sababi: securityScheme yo'q yoki endpoint'da security belgilanmagan 2.10-bob. Yechimi: securitySchemes ta'riflang; endpoint'da security.
Xato 6 — Hujjat haqiqatdan farq qiladi
Sababi: kod o'zgardi, izoh qoldi 2.12-bob. Yechimi: izohni yangilang; Zod'dan generatsiya (Misol 7); code review 15.2-bob.
7. Integratsiya — bu mavzu stack'ning qayerida uchraydi
- REST 5.7-bob: Swagger REST API'ni hujjatlaydi (endpoint, status).
- Express 5.6-bob: swagger-ui-express middleware.
- Validatsiya 5.9-bob: schema hujjat bilan mos; Zod'dan generatsiya.
- Auth 5.15-bob: security scheme (JWT).
- RBAC 5.17-bob: qaysi endpoint qaysi rol (hujjatda).
- Error handling 5.10-bob: xato javoblari hujjatda.
- Xavfsizlik (14): production'da Swagger himoyasi.
- Frontend (11): API'ni Swagger'dan o'rganadi; client generatsiya.
- NestJS 8.10-bob: @nestjs/swagger — dekorator (DTO'dan avtomatik).
- Kasbiy (15): code review, jamoa hamkorligi.
8. Eng yaxshi amaliyotlar (best practices)
- Har API'ni hujjatlang (Swagger — jamoa/frontend uchun — 2.1).
- Izoh route yoniga (yonma-yon — sinxron — 2.4, 2.12).
- Komponent schema (qayta ishlatish — $ref — DRY — 2.8).
- Barcha javoblarni hujjatlang (200 + 400/401/404/500 — 2.11).
- Auth'ni belgilang (security scheme — "Authorize" — 2.10).
- Hujjat-kod sinxronligi (Zod'dan generatsiya — bitta manba — 2.12, Misol 7).
- Maxfiy ma'lumotni example'da ko'rsatmang (14, 2.13).
- Production'da ichki Swagger'ni himoyalang (auth/o'chir — 2.13, 14).
- Tag bilan guruhlang (Products, Users, Auth — 2.7).
- OpenAPI standart (Redoc/Postman/client'ga ham — 2.14).
9. Amaliy loyiha: "To'liq API Hujjati (Swagger)"
API hujjatlashni professional darajada mustahkamlash.
Maqsad
Swagger/OpenAPI bilan to'liq, interaktiv API hujjatini qurish: barcha endpoint'lar, schema'lar, auth, xato javoblari — kod bilan sinxron.
Talablar (requirements)
- Sozlash: swagger-jsdoc + swagger-ui-express;
/api-docssahifasi (Misol 1, 2.6). - Komponent schema'lar: Product, User, Error — qayta ishlatiladigan ($ref — Misol 3, 2.8).
- CRUD endpoint'lar: GET (list+query), GET/:id, POST (body), PATCH, DELETE — hujjatlangan (Misol 2, 4, 6).
- Auth: bearerAuth security scheme; himoyalangan endpoint'larda security (Misol 5, 2.10).
- Barcha javoblar: 200/201/400/401/403/404 (Misol 4, 2.11).
- Tag bilan guruhlash: Products, Auth, Users 2.7-bob.
- "Try it out": brauzerda endpoint'larni (auth bilan) sinash 2.3-bob.
- Hujjat-kod sinxronligi: validatsiya 5.9-bob bilan mos 2.12-bob.
- (Bonus) Zod'dan avtomatik: zod-to-openapi (Misol 7, 2.12).
- (Bonus) Production himoyasi: Swagger'ni parol bilan (Misol 8, 2.13).
Maslahatlar (hint)
apis: ["./routes/*.js"]— izoh yo'li (2.6, 1-xato).- Izoh
@openapitag, YAML format (bo'shliqqa sezgir — 2-xato). - Schema:
components/schemas+$ref(2.8, 3-xato). - Auth: securitySchemes +
security: [{ bearerAuth: [] }]2.10-bob. - Barcha status kodlar (2.11, 3-holat).
- Production: basic-auth 2.13-bob.
"Tayyor" mezonlari (acceptance criteria)
- /api-docs sahifasi ochiladi, endpoint'lar ko'rinadi.
- Komponent schema'lar ($ref bilan) ishlaydi.
- Barcha CRUD endpoint'lar hujjatlangan.
- Auth (Authorize tugmasi) ishlaydi.
- Barcha javoblar (200+xatolar) hujjatlangan.
- Tag bilan guruhlangan.
- "Try it out" bilan sinab ko'rish mumkin.
- Hujjat haqiqiy API bilan mos.
- (Bonus) Zod'dan generatsiya / production himoyasi.
Yechim kodi ataylab berilmagan — bu loyihani o'zingiz yozib ko'ring.
10. Xulosa va keyingi QISMga ko'prik
Bu bobda API'ni professional hujjatlashni — Swagger / OpenAPI — o'rgandik:
- API hujjati zarur (jamoa/frontend — 2.1); OpenAPI (standart) vs Swagger (vositalar — 2.2); Swagger UI (interaktiv, "Try it out" — 2.3).
- swagger-jsdoc + swagger-ui-express (izohdan — 2.4, 2.5); endpoint hujjati 2.7-bob; komponent schema ($ref — DRY — 2.8).
- Body/parametr/javob (2.9, 2.11); auth (security scheme — 2.10); hujjat-kod sinxronligi (Zod'dan — 2.12).
- Production himoyasi (ichki Swagger — 14, 2.13); boshqa vositalar (Redoc/Postman — 2.14).
5-QISM (Node.js Backend) TUGADI! Biz Node.js asoslaridan (event loop, core modullar — 5.1-5.4) boshlab, HTTP/Express (5.5-5.6), REST/validatsiya/error (5.7-5.10), fayl/logger/real-time/bot (5.11-5.14), auth/RBAC/OTP/email (5.15-5.19), xavfsizlik/Redis/navbat/Swagger (5.20-5.23) — to'liq, production-darajali backend qurishni o'rgandik.
Keyingi — 6-QISM: Ma'lumotlar bazasi (Database). Backend'ning yuragi — ma'lumotni saqlash. Bu qismda: DB asoslari (SQL vs NoSQL), MongoDB + Mongoose (schema, CRUD, aggregation, indekslar, relations), SQL (PostgreSQL/MySQL, JOIN, normalizatsiya, tranzaksiya), va ORMlar (Sequelize, Prisma, TypeORM) — chuqur o'rganamiz. Hozirgacha ma'lumotni DB'ga "saqladik" deb o'tdik; endi DB'ning o'zini ustasi bo'lamiz.
Foydalanilgan rasmiy/ishonchli manbalar
- swagger.io / OpenAPI Specification 3.0; swagger-jsdoc, swagger-ui-express (npm)
- DEV/LogRocket — Documenting Express API with Swagger 2026 (jsdoc, components, auth)
- @asteasolutions/zod-to-openapi — Zod schema OpenAPI (sinxronlik)
Izohlar (0)
Izoh yozish uchun kiring.
- Hozircha izoh yo'q. Birinchi bo'ling!