Key Features • Project objective • Stack • Installation • API • Future improvements • You may also like...
- Implementation of a REST API backend using Express, MongoDB and Mongoose
- Role-based identification of users to control access to the different API requests, achieved with JWT (JSON Web Token) tokens
- Server created with Docker and checked with MongoDBCompass Workbench
- Hashing of the user password using bcrypt
- Data simulated with seeders and generated using faker
This API is a project focused on the correct implementation of the methods, structure and parts related to the backend of an application that uses a custom REST API. Focusing on the business model, this project tries to represent what the back-end logic of a social media application would look like, with the users related to the posts, the interactions the users have with the posts (giving or removing likes, commenting, or deleting / removing them) and the interactions between users (following or unfollowing to track posts and activity).
Follow these steps to run the project on your local device. This is not strictly necessary, because the project has been uploaded to FL0, so you can skip the installation and send all the requests to the following URL instead of your localhost one:
- Clone repo
- Install dependencies:
  ```bash
  npm install
  ```
- Create a Docker container using a mongo image with the credentials you want to use
- Create a .env file with the data of the Docker container you are using for the project, following the variables in the .env.sample file and placing it at the same directory level as that file
- Insert data into database using the seeder command:
  ```bash
  npm run seeder
  ```
- Initialize API:
  ```bash
  npm run dev
  ```
- Use the endpoints on Postman or other applications with the respective elements to get all data

[EXTRA] => You can run tests to check if the application is working with the following command:
```bash
npm run test
```
The API is non-relational: it has Users and Posts, which are referenced through the _id property of the users in the likes, comments and following interactions between them, as shown in the next diagram:
This section shows all the endpoints of the API and what each one does, split by method and by the entity each request relates to. IMPORTANT: The super_admin-restricted methods can only be used if a user from the DB who has been assigned that role has logged in using the /auth/login method, which generates a JWT token that is saved on the request in the tokenData object. If you are using an application like Postman to check that security, you have to copy and paste the token into the Bearer Token Authorization tab. Moreover, some other methods also require you to be logged in, such as /profile or GET /posts.
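The token check and role gate described above, sketched as Express-style middleware using only Node's built-in crypto module. This is an added example, not the project's own code: only `tokenData`, the `super_admin` role and the Bearer scheme come from this README; `SECRET`, `signToken`, `verifyToken`, `auth` and `requireRole` are assumed names, and a real project would normally use a JWT library instead of hand-written HS256.

```javascript
// Added example: every name except tokenData, super_admin and Bearer is an assumption.
const crypto = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // assumption: the real secret would live in .env
const b64url = (input) => Buffer.from(input).toString('base64url');
const hmac = (data) => crypto.createHmac('sha256', SECRET).update(data).digest();

// Issue an HS256 token as a login endpoint would, carrying the user's _id and role.
function signToken(payload, ttlSeconds = 3600) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const body = b64url(JSON.stringify({ ...payload, exp }));
  return `${header}.${body}.${hmac(`${header}.${body}`).toString('base64url')}`;
}

// Return the payload, or null if the token is malformed, forged, not HS256 or expired.
function verifyToken(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, body, signature] = parts;
  const given = Buffer.from(signature, 'base64url');
  const expected = hmac(`${header}.${body}`);
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    // Pin the algorithm: the token's own header must not choose how it is verified.
    const { alg } = JSON.parse(Buffer.from(header, 'base64url').toString());
    if (alg !== 'HS256') return null;
    const payload = JSON.parse(Buffer.from(body, 'base64url').toString());
    return payload.exp > Date.now() / 1000 ? payload : null;
  } catch {
    return null;
  }
}

// Authenticate: accept only "Bearer <token>" and store the verified payload as req.tokenData.
function auth(req, res, next) {
  const [scheme, token] = (req.headers.authorization || '').split(' ');
  const payload = scheme === 'Bearer' && token ? verifyToken(token) : null;
  if (!payload) return res.status(401).json({ message: 'Invalid or missing token' });
  req.tokenData = payload;
  return next();
}

// Authorize: runs after auth, so the role it reads comes from a verified token.
const requireRole = (...roles) => (req, res, next) =>
  req.tokenData && roles.includes(req.tokenData.role)
    ? next()
    : res.status(403).json({ message: 'Forbidden' });
```

On a route restricted to super_admin users this would be chained as `auth, requireRole('super_admin')`, so a missing or invalid token yields 401 and a valid token with the wrong role yields 403.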
Below is the data for the 4 users and 2 posts that the seeder creates by default, so that you have data to make the requests you want (if you don't execute the seeder, this data will not be created, and neither will the random data for all the entities):
- USERS
```json
[
  {
    "name": "superAdmin",
    "email": "[email protected]",
    "password": "superAdmin123#",
    "role": "super_admin",
    "_id": "65ed7d2f6fa9305f1c42440d"
  },
  {
    "name": "admin",
    "email": "[email protected]",
    "password": "Admin1234#",
    "role": "admin",
    "_id": "65ed7d2f6fa9305f1c42440e"
  },
  {
    "name": "user",
    "email": "[email protected]",
    "password": "User12345#",
    "role": "user",
    "following": ["65ed7d2f6fa9305f1c424410"],
    "_id": "65ed7d2f6fa9305f1c42440f"
  },
  {
    "name": "user2",
    "email": "[email protected]",
    "password": "User12345#",
    "role": "user",
    "followers": ["65ed7d2f6fa9305f1c42440f"],
    "_id": "65ed7d2f6fa9305f1c424410"
  }
]
```
- POSTS
```json
[
  {
    "content": "https://upload.wikimedia.org/wikipedia/commons/thumb/8/85/Tour_Eiffel_Wikimedia_Commons_%28cropped%29.jpg/800px-Tour_Eiffel_Wikimedia_Commons_%28cropped%29.jpg",
    "text": "Passing a beautifull day in Paris :D",
    "owner": "65ed7d2f6fa9305f1c42440f",
    "likes": ["65ed7d2f6fa9305f1c42440f", "65ed7d2f6fa9305f1c424410"],
    "comments": [{
      "user": "65ed7d2f6fa9305f1c424410",
      "comment": "Wow! What an amazing view from there. Enjoy the travel :)"
    }]
  },
  {
    "content": "https://andreuworld.com/media/catalog/product/import/galeria/proyectos/andreu_world_suitopia_hotel_6.webp",
    "text": "Enjoying the views with some alcohol and friends X.X",
    "owner": "65ed7d2f6fa9305f1c424410",
    "likes": ["65ed7d2f6fa9305f1c42440f", "65ed7d2f6fa9305f1c424410"],
    "comments": [{
      "user": "65ed7d2f6fa9305f1c42440f",
      "comment": "Bartender! Cup here :3"
    }]
  }
]
```
METHOD | URL | Description |
---|---|---|
POST | /api/auth/register | Register method to create an user (by default, will have the user role) |
POST | /api/auth/login | Login a user into the service |

METHOD | URL | Description |
---|---|---|
GET | /api/users | Get all users from DB (only for super_admin users) or get a user by email |
GET | /api/users/profile | Get profile from user logged into the API |
GET | /api/users/posts/{id} | Get all posts from a user from the application |
UPDATE | /api/users/profile | Update profile from user logged into the API |
UPDATE | /api/users/{id}/role | Update a role from user by ID into DB (only for super_admin users) |
UPDATE | /api/users/follow/{id} | Update a user by following or not another user from app |
DELETE | /api/users/{id} | Delete a user by ID from the DB (only for super_admin users) |

- IMPORTANT: To perform any action related to posts, you have to be logged in, and the interactions will involve the user who logged in, identified by the token from the auth/login endpoint
METHOD | URL | Description |
---|---|---|
GET | /api/posts | Get all posts done from all users from DB |
GET | /api/posts/own | Get all posts from user logged in |
GET | /api/posts/timeline | Get all posts from following users ordered by time with ID given in token |
GET | /api/posts/{id} | Get all posts from a user by ID given |
POST | /api/posts | Making and uploading a post into DB |
UPDATE | /api/posts/ | Update a post by ID given into the body |
UPDATE | /api/posts/comment/{id} | Posting a comment into a post done by some user while you logged in |
UPDATE | /api/posts/like/{id} | Giving / Removing a like from a post done by some user while you logged in |
DELETE | /api/posts/{id} | Delete a post by ID from the DB done by the user |
DELETE | /api/posts/{postId}/comment/{id} | Delete a comment from post by IDs from the DB done by the user |

- POST in /api/auth/register
```json
{
  "name": "Mariano",
  "email": "[email protected]",
  "password": "1Az*F3x$KEq2ZX"
}
```
- POST in /api/auth/login
```json
{
  "email": "[email protected]",
  "password": "superAdmin"
}
```
- GET in api/users
```json
{
  "email": "[email protected]"
}
```
- POST in api/posts
```json
{
  "content": "https://www.randomURL.com",
  "text": "Description or text relating a moment to focus"
}
```
- PUT in api/posts/:id
```json
{
  "postId": "123456789",
  "content": "https://www.randomURLToUpdatePhoto.com",
  "text": "Text changed because you dont like it previously"
}
```
- PUT in api/posts/comment/:id
```json
{
  "comment": "This is a comment to do on a posts"
}
```
- The other methods of this API will require you to be logged in
A Postman collection is also provided with all the methods and 2 variables: server (if the Atlas database is up) and local (if you have done all the installation setup to launch the application locally), to test all endpoints => Open this file in the Postman client and test the API
⬜ Implementing front-end to use the API
✅ Implementing testing for all the methods to check the correct working of the API
⬜ Adding some features to users like themes, personal information, etc
- Between Sins - RPG videogame
- Mars Alienated - VR escape room experience in a space station