Launch Goodies
Introduction
Pull Requests before The Road to Next (Pro)
Password Reset
-
Your Plan
-
The Plan (4:38)
-
Question ...
-
... & Answer.
-
Forgot Password (Public Page) (6:42)
-
Quiz
-
Password Reset Token (2:48)
-
Question
-
Question
-
Password Reset Link (9:11)
-
Quiz
-
Reset Password (Public Page) (14:51)
-
Password Strength Meter (Challenge)
-
Quiz
-
Change Password (Protected Page) (8:25)
-
Quiz
-
Many vs One Password Reset Token (Discussion) (3:29)
-
Quiz
-
E-Mail enforced Password Change (Article)
-
Alternative Password Change Flow (Challenge)
-
Rate Limiting (Article)
-
Auto-Sign-In After Password Reset (Challenge)
Email
Message Queue
-
Why a Queue? (3:24)
-
Quiz
-
Inngest (3:39)
-
Quiz
-
Receive Events with Functions (5:22)
-
Send Events (4:57)
-
Recap (2:12)
-
Type-Safe Events (2:24)
-
Quiz
-
Retries (5:38)
-
Quiz
-
How Retry Logic Saves Your App (Article)
-
Inngest + Vercel (Integration) (3:23)
-
Explore Inngest (0:35)
-
Delayed Function (Challenge)
-
Quiz
-
Background Jobs (Challenge)
-
Quiz
-
When to use Message Queues (Article)
Email Verification
-
Why Email Verification? (Article)
-
Quiz
-
Is Verified Email (3:17)
-
Quiz
-
Redirect if not Verified (2:03)
-
Quiz
-
Email Verification Token (2:32)
-
Quiz
-
Generate Random Code (1:29)
-
Quiz
-
Email Verification Code (4:23)
-
Quiz
-
Verify Email with Code (15:22)
-
Quiz
-
Fine-Grained Authorization (7:41)
-
Quiz
-
OTP Component (Challenge)
-
Send Email Verification (5:19)
-
Queue Email Verification (5:40)
-
Quiz
-
Change Email (Challenge)
-
Resend Verification Email (6:53)
-
Quiz
-
Exercise from Quiz
-
Fan-Out Job (Challenge)
Organizations
-
Many-to-Many, Users-to-Organizations (8:37)
-
Quiz
-
Read Organizations (6:29)
-
Quiz
-
Never Trust the Client, Trust the Server (2:51)
-
Quiz
-
Do not Over-Fetch ... (3:41)
-
... but keep the information you need (2:10)
-
Redirect if no Organization ... (2:08)
-
... but do not introduce Regression Bugs (Software Craftsmanship) (5:16)
-
Require Organization during Onboarding (5:15)
-
Create More Organization (5:40)
-
Manage Organization (4:17)
-
One-Way Relation and Referential Integrity (8:06)
-
Quiz
-
Switch Organization (Idempotent Operation) [C] (15:36)
-
Quiz
-
Investigating (Software Craftsmanship) (3:21)
-
Compound Key (2:45)
-
Quiz
-
Require Default Organization (19:05)
-
Impossible States (Interactive Transactions) (5:50)
-
Quiz
-
Delete Organization (9:13)
-
Client-Side Refresh (3:32)
-
Limited Access (3:17)
-
Quiz
-
Organization Status (Challenge)
Memberships
Roles
Tickets by Organization
Permissions
-
Manage Permissions (8:55)
-
Quiz
-
Authorize based on Permission (1) (7:53)
-
Authorize based on Permission (2) (9:48)
-
Quiz
-
"Enabling" User Experience (Challenge)
-
Do not trust the UI (1:37)
-
Quiz
-
canUpdateTicket (Challenge)
-
How to Scale Permissions in a Multi-Tenant App (Article)
-
Permission Table (Challenge)
-
Feature Flags vs Permissions: What's the Difference? (Article)
Invitations
-
Database Model (3:22)
-
Quiz
-
Unique Constraints (1:15)
-
Quiz
-
Read Invitations (12:03)
-
Quiz
-
Current Organization (Challenge)
-
Quiz
-
Invite by Email (7:19)
-
Quiz
-
Invitation Token & Link (5:59)
-
Quiz
-
Invitation Email (3:18)
-
Queue Invitation (3:42)
-
Queue and Send Invitation (2:03)
-
Accept Invitation Strategies (3:44)
-
Accept Invitation as User (6:56)
-
Redirect Signed-In User (Challenge)
-
Accept Invitation as Anonymous [C] (9:37)
-
Quiz
-
Invitation to Membership on the Queue (Challenge)
-
Revoke Invitation (6:52)
-
Implicit Invitation Acceptance (Challenge)
Files
-
Amazon AWS: S3 (4:12)
-
Amazon AWS: IAM (5:25)
-
Quiz
-
AWS SDK for JavaScript (3:05)
-
Quiz
-
Tickets with Attachments (5:07)
-
Quiz
-
Upload Files (6:36)
-
Quiz
-
File Validation (4:58)
-
Quiz
-
Store Files in Amazon S3 (6:26)
-
Preview Upload (Challenge)
-
List Attachments (2:16)
-
Delete Attachments from Database (5:21)
-
Delete Files from Amazon S3 (5:00)
-
Synchronize AWS S3 with Database (3:22)
-
Download Files with Presigned URLs (9:12)
-
Dangling S3 Files (Challenge)
-
Rollbacks (Article)
-
Signed Upload URLs (Article)
Refactoring UI
-
From Files to Folders (3:16)
-
Quiz
-
Custom Hook Extraction (5:12)
-
Quiz
-
Abstract Custom Hook (Challenge)
-
Quiz
-
When to Abstract (Article)
-
Variable Extraction (2:26)
-
Component Extraction (2:57)
-
Quiz
-
Render Prop Component (6:13)
-
Quiz
-
Configuration over Composition (Challenge)
-
Refactoring Navigation (Challenge)
Polymorphic Relationships
-
Polymorphic Relationship (4:42)
-
Quiz
-
Read Polymorphic Relations (5:10)
-
Quiz
-
Create a Polymorphic Relation (10:34)
-
Quiz
-
Type Guards in TypeScript (3:54)
-
Quiz
-
Helper Functions (1:31)
-
Quiz
-
Delete a Polymorphic Relation (7:12)
-
Sign a Polymorphic Relation (4:29)
-
File Type Icon for Attachments (Challenge)
-
Only one Foreign Key (Challenge)
Isomorphic Components
-
Intro (Challenge) (2:29)
-
Polymorphic Comments (9:08)
-
Limits of the Client-Server Boundary (Discussion) (2:51)
-
Quiz
-
N+1 Problem (Discussion) (2:32)
-
Nested Fetch (6:52)
-
Quiz
-
Invalidate Client-Side Cache (5:06)
-
Quiz
-
Update Client-Side Cache (Challenge)
-
Isomorphic Components (Discussion) (4:22)
-
Client-Side vs Server-Side (Challenge)
Service Layer
-
Use Case for Layer(s) (4:29)
-
Quiz
-
Service Layer (3:34)
-
Quiz
-
Descriptive Layers (1:58)
-
Quiz
-
The Case for Barrel Files (3:01)
-
Quiz
-
Error Handling across Layers (5:11)
-
Quiz
-
Reuse Schema (2:18)
-
Reuse Service (4:22)
-
Invitation Service (Challenge)
-
Incomplete Service Layer (Challenge)
-
When to introduce a Service Layer (Article)
Data Access Layer (DAL)
-
Service Layer to Data Layer (3:30)
-
Quiz
-
API Layer to Data Layer (3:09)
-
Quiz
-
Dynamic Include Statement (4:00)
-
Function Overloads (Discussion) (8:29)
-
Quiz
-
Conditional Types with Generics (Challenge)
-
Conditional Types with Generics (Solution)
-
File Upload Abstraction (Challenge)
-
Incomplete Data Access Layer (Challenge)
-
When to introduce a Data Access Layer (Article)
DTOs in a Layered Architecture
-
Why DTOs (1:40)
-
Quiz
-
Implement DTO (3:26)
-
Usage DTO (Create Attachments) (2:44)
-
Usage DTO (Delete Attachment) (2:28)
-
Attachment Data Access Layer (Challenge)
-
Usage DTO (Sign Attachment) (3:04)
-
fromAttachment (Challenge)
-
Usage DTO (Create Comment) (3:20)
-
DTO as a Class (Challenge)
-
DTO as a Class (Solution)
Self-Relations
-
Ticket-to-Ticket Relations (1:22)
-
Quiz
-
List Ticket References (3:41)
-
Referencing Tickets (Challenge)
-
Regex (Software Craftsmanship)
-
Quiz
-
Connect Ticket Reference (6:07)
-
Quiz
-
Not existing Ticket (Challenge)
-
Disconnect Ticket Reference (5:45)
-
Quiz
-
Service and Data Layer (Challenge)
-
Comment Editing with Reference Diffing (Challenge)
-
Embed Ticket Reference by ID (5:29)
-
Quiz
-
Embed Ticket Reference by Name (Challenge)
-
Quiz
-
Inverse Linking (Challenge)
-
Optional Requests (Article)
-
Should You Await Everything? (Article)
-
Transactions across Layer (Article)
Protected API (Route Handler)
-
Organization-Level Creadentials (3:45)
-
Quiz
-
Create Credential (6:02)
-
Quiz
-
Show Once, Copy Secret (3:15)
-
Quiz
-
Copy Secret Button (Challenge)
-
Obfuscate Secrets (3:18)
-
Quiz
-
Revoke Credential (Challenge)
-
Created by User (Challenge)
-
Protected API (2:12)
-
Quiz
-
Bearer Authorization (7:44)
-
Quiz
-
API Layer to Service Layer (Challenge)
-
Scopes on Credentials (Challenge)
-
Track Credential Usage (Challenge)
Security
-
Disclaimer: No Security Expert
-
Exclude Sensitive Information (Discussion) (3:19)
-
Quiz
-
Timing Attack (6:32)
-
Enumeration Attack (2:29)
-
Quiz
-
Throttling Token Generation (4:35)
-
Rate Limiting (Article)
-
Quiz
-
Rate Limiting (Challenge)
-
Client-Side Guardrails: Preventing UI-Level Misuse (3:51)
-
Server-Side Guardrails: Stricter Validation (3:44)
-
Injection & Sanitization (Discussion) (2:51)
-
Cross-Site Scripting (Article)
-
Cross-Site Scripting (Challenge)
-
Cross-Site Scripting (Solution)
-
Environment Variables on the Client (Article)
-
"server only"-directive (Article)
Stripe Subscription (Coming May 2025)
-
Stripe API Keys
-
Stripe Installation
-
One-to-One Relationship
-
Stripe Customer
-
Stripe Products & Stripe Prices
-
Pricing Page
-
Subscription Page
-
Checkout Session
-
Webhooks
-
Idempotence (Software Craftsmanship)
-
Customer Portal
-
Subscription Status
-
Change Subscription
-
Cancel Subscription
-
Test Clock
-
Provisioning
-
Deprovisioning (Challenge)
-
Race Conditions (Software Craftsmanship)
-
Private Tickets (Challenge)
-
Trial Days (Discussion)
-
Discounts with Coupons (Challenge)
-
Prorations (Discussion)
-
Upsells (Challenge)
-
Production Webhook (Challenge)
Project Ideas
Pull Requests after The Road to Next (Pro)
