Express is a minimal node.js framework for building server apps, a higher level of abstraction which allows for rapid development of node.js applications: we don’t have to re-invent the wheel
Express contains a very robust set of features: complex routing, easier handling of requests and responses, middleware, server-side rendering, etc.
Express can also be used to create API (Application Programming Interface i.e. a piece of software that can be used by another piece of software, in order to allow applications to talk to each other).
It's a good practice to have all the Express related stuff in the file called app.js and all the server related stuff in the file called server.js basically which port to listen on, some error handling stuffs, environment variables etc.
server.js should be the entry point of the entire application as it’s the file which handles assigning port, env variables, establising connection with database etc basically it’s like the starting the engine of the car before driving and app.js is for all the app relatied functionality.
Express can also be used to serve static files stored in the server and for that we can use the built in middleware in express.
API is a software that can be used by other software to talk to each other.
REST(Representational State Transfer) architecture for creating API is a way of creating an API in a way that is easy to use whose major idea is separation of API into logical resource.
A resource is the object representation of something that has some data associated with it. Structured resource based URL
Use Http methods as verb not the endpoint. Endpoints like getUser is bad as it is a verb. The url/endpoint should have only resource with them.
Basic CRUD operation
Usually we send data as JSON and sometimes we format the JSON a little more for the developers on the client side by enveloping it it another object with more data, JSend format(just a specification).
Rest API should be stateless, state is data that can change over time, things like weather the user is logged in or not shouldn't be handled by API.