Skip to content

Latest commit

 

History

History
324 lines (297 loc) · 7.81 KB

README.md

File metadata and controls

324 lines (297 loc) · 7.81 KB

@Ifycode/buuks-express-api


Hosted on Heroku: https://buuks-express-api.herokuapp.com

"Buuks" instead of "books"... Another angle 😉 The API allows an (authenticated) user to interact with a database made for storing books. API is built with nodejs, expressjs and mongoDB, and is able to do the following:

  • Create Read Update Delete operations for books which are saved in the database
  • User signup, authentication and (basic) authorization
  • PDF file upload to Cloudinary
  • Uses zod for resource validation

API design

Methods & endpoints Description Request body Auth (access token)
POST /users/signup Create new user email, password, passwordConfirmation, name Not required
POST /users/login Sign in as existing user, create access token and refresh token for use in all endpoints that require access token email, password Access token is generated at this endpoint
GET /users/sessions Gets all users sessions made through the POST /users/login endpoint. Also reissues an access token (if access token is expired and there's refresh token) No request body Use access token from the POST /users/login response
DELETE /users/sessions Deletes the last recorded session created through the POST /users/login endpoint (Note: this endpoint may need fixing) No request body Use access token from the POST /users/login response
POST /books Create a new book (authenticated user) title, description, pdf (file upload) Use access token from the POST /users/login response
GET /books/user/:userId Get/view only books created by a particular user, using the user ID No request body Use access token from the POST /users/login response
GET /books/:bookId Get/view a book stored in the database, using the book ID No request body Not required (for now)
PUT /books/:bookId Update already existing book in the database, using the book ID title, description, pdf (file upload) Use access token from the POST /users/login response
DELETE /books/:bookId Delete a book from the database, using the book ID No request body Use access token from the POST /users/login response

Request body and (successful) response

POST /users/signup
Request body

{
    "email": "string",
    "password": "string",
    "passwordConfirmation": "string",
    "name": "string"
}

Successful response (sample)

{
    "user": {
        "email": "string",
        "name": "string",
        "_id": "string",
        "createdAt": "string",
        "updatedAt": "string"
    }
}

POST /users/login
Request body

{
    "email": "string",
    "password": "string"
}

Successful response (sample)

{
    "user": {
        "name": "string",
        "email": "string",
        "_id": "string"
    },
    "accessToken": "string"
}

GET /users/sessions
Request body

No response body

Successful response (sample)

{
    "count": number,
    "sessions": [
        {
            "_id": "string",
            "user": "string",
            "password": boolean,
            "userAgent": "string",
            "createdAt": "string",
            "updatedAt": "string"
        },
        // etc.
    ]
}

DELETE /users/sessions
Request body

No response body

Successful response (sample)

{
    "accessToken": null,
    "refreshToken": null
}

POST /books
Request body

Use form-data (in postman). The title and description keys should have value of type string. The pdf key should have the value of type file.

Successful response (sample)

{
    "message": "string"
    "user": {
        "name": "string",
        "_id": "string"
    },
    "book": {
        "_id": "string",
        "title": "string",
        "description": "string",
        "pdf": "string"
        "request": {
            "type": "string",
            "url": "string",
            "description": "string"
        }
    }
}

GET /books/user/:userId
Request body

No response body

Successful response (sample)

{
    "count": number,
    "description": "string",
    "books": [
        {
            "_id": "string",
            "title": "string",
            "description": "string",
            "pdf": "string",
            "request": {
                "type": "string",
                "url": "string",
                "description": "string"
            }
        },
        // etc.
    ]
}

GET /books/:bookId
Request body

No response body

Successful response (sample)

{
    "_id": "string",
    "title": "string",
    "description": "string",
    "pdf": "string",
    "user": {
        "_id": "string"
    },
    "request": {
        "type": "string",
        "url": "string",
        "description": "string"
    }
}

PUT /books/:bookId
Request body

Use form-data (in postman). The title and description keys should have value of type string. The pdf key should have the value of type file.

Successful response (sample)

{
    "message": "string"
    "user": {
        "name": "string",
        "_id": "string"
    },
    "book": {
        "_id": "string",
        "title": "string",
        "description": "string",
        "pdf": "string"
        "request": {
            "type": "string",
            "url": "string",
            "description": "string"
        }
    }
}

DELETE /books/:bookId
Request body

No response body

Successful response (sample)

{
    "message": "string"
    "user": {
        "name": "string",
        "_id": "string"
    },
    "request": {
        "type": "string",
        "url": "string",
        "description": "string"
    }
}

Running the API in development

Make sure to either have mongoDB installed and running on your computer, or have a monogDB atlas cluster set up in the cloud. Set your API_HOST_URL and other needed environment variables in the .env file you create (see example in .env.example file). Use the commands below to run the API locally on your computer.

Install dependencies:

npm install

Start server for connection to mongoDB (local):

npm run dev

Start server for connection to mongoDB (Atlas):

npm run dev:atlas

Helpful learning (and bug fixing) resources