Iftakharpy/viksu-2.0-backend-api

VIKSU 2.0 Backend

To run the server locally, follow the instructions in the VIKSU 2.0 Docker repository.

Minimal docs of the API endpoints can be found in MinimalAPIdocs.md.

API endpoints

Note: Requests that carry data in the body must also send the Content-Type header set to application/json, e.g. Content-Type: application/json. This is because the current version of the API supports only the JSON format.

User registration

Endpoint /api/user/register

Request Method: POST

Required headers

Content-Type: application/json

Query Parameters

None

Request Body

{
	"name": "test",
	"email": "[email protected]",
	"password": "12@vV633"
}

Response

Status code 200
{
	"name": "test",
	"email": "[email protected]",
	"role": "EMPLOYEE",
	"createdAt": "2023-06-22T07:21:17.330Z",
	"worksAtOrganizationId": null
}

Status code 400
{
	"reason": "Validation error",
	"message": [
		{
			"type": "field",
			"value": "[email protected]",
			"msg": "E-mail already in use",
			"path": "email",
			"location": "body"
		}
	]
}

Status code 500
{
	"reason": "Unhandled edge case on the server",
	"message": "Unexpected Internal server error"
}

Organization registration

Endpoint /api/organization/register

Request Method: POST

Required headers

Content-Type: application/json

Query Parameters

None

Request Body

{
	"name": "Nordea",
	"email": "[email protected]",
	"password": "abcdPassword@23",
	"country": "Finland",
	"city": "Jyvaskyla",
	"numberOfEmployees": 3000
}

Response

Status code 200
{
	"name": "Organization",
	"email": "[email protected]",
	"role": "ORGANIZATION",
	"createdAt": "2023-06-26T10:00:56.805Z",
	"city": "Jyvaskyla",
	"country": "Finland",
	"numberOfEmployees": 1
}

Status code 400
{
	"reason": "Validation error",
	"message": [
		{
			"type": "field",
			"value": "[email protected]",
			"msg": "E-mail already in use",
			"path": "email",
			"location": "body"
		}
	]
}

User/Organization login

Endpoint /api/user/login

Request Method: POST

Required headers

Content-Type: application/json

Query Parameters

None

Request Body

{
	"email": "[email protected]",
	"password": "12@vV633"
}

Response

Status code 200

The accessToken is valid for a short period of 10 minutes, while the refreshToken is valid for a longer period of 9 hours. The access token is used to identify who is logged in and to check whether the user has the appropriate permission to perform an action. The refresh token is used to obtain a new access token when the access token expires. The user needs to log in again when the refresh token expires.

{
	"accessTokenExpiresIn": 900000,
	"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjp7Im5hbWUiOiJ0ZXN0IiwiZW1haWwiOiIzMUAyLmNvbSIsInJvbGUiOiJFTVBMT1lFRSIsImNyZWF0ZWRBdCI6IjIwMjMtMDYtMjJUMDc6MjE6MTcuMzMwWiIsIndvcmtzQXRPcmdhbml6YXRpb25JZCI6bnVsbH0sImlhdCI6MTY4NzQxOTI1MSwiZXhwIjoxNjg3NDE5ODUxfQ.djcjJASD9MunOH0R_5nTfIZGZJDemYEdeVpVRS5OljU",
	"refreshTokenExpiresIn": 32400000,
	"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjp7Im5hbWUiOiJ0ZXN0IiwiZW1haWwiOiIzMUAyLmNvbSIsInJvbGUiOiJFTVBMT1lFRSIsImNyZWF0ZWRBdCI6IjIwMjMtMDYtMjJUMDc6MjE6MTcuMzMwWiIsIndvcmtzQXRPcmdhbml6YXRpb25JZCI6bnVsbH0sImlhdCI6MTY4NzQxOTI1MSwiZXhwIjoxNjg3NDUxNjUxfQ.xkbhE8LnvOwdwChEsqYfldZaRshYutIRlq9IsJJLMDI"
}

Status code 400
{
	"reason": "Invalid credentials",
	"message": "Invalid email or password"
}
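
As an added example (not code from this repository), the following Node.js script decodes the two tokens from the sample login response above and compares the lifetime in their iat/exp claims with the accessTokenExpiresIn and refreshTokenExpiresIn fields. The function names are hypothetical, and no signature check is performed because HS256 verification needs the server-side secret.

```javascript
// Added example: inspect the claims of the tokens returned by /api/user/login.
// A JWT payload is only base64url-encoded, so anyone holding the token can read it.
// Function names are hypothetical; the signature is NOT verified here.

function decodeJwtPart(part) {
  const b64 = part.replace(/-/g, "+").replace(/_/g, "/"); // base64url -> base64
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

function inspectToken(token, advertisedMs) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("not a compact JWT");
  const header = decodeJwtPart(parts[0]);
  const payload = decodeJwtPart(parts[1]);
  if (typeof payload.iat !== "number" || typeof payload.exp !== "number") {
    throw new Error("token has no numeric iat/exp claims");
  }
  const lifetimeMs = (payload.exp - payload.iat) * 1000; // claims are in seconds
  return {
    alg: header.alg,
    exposedUserFields: Object.keys(payload.user || {}),
    lifetimeMs,
    advertisedMs, // undefined when the response carries no *ExpiresIn field
    matchesAdvertised: lifetimeMs === advertisedMs,
  };
}

function auditLoginResponse(res) {
  return {
    access: inspectToken(res.accessToken, res.accessTokenExpiresIn),
    refresh: inspectToken(res.refreshToken, res.refreshTokenExpiresIn),
  };
}

// Sample login response copied from the "Status code 200" body above.
const sampleLoginResponse = {
  accessTokenExpiresIn: 900000,
  accessToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjp7Im5hbWUiOiJ0ZXN0IiwiZW1haWwiOiIzMUAyLmNvbSIsInJvbGUiOiJFTVBMT1lFRSIsImNyZWF0ZWRBdCI6IjIwMjMtMDYtMjJUMDc6MjE6MTcuMzMwWiIsIndvcmtzQXRPcmdhbml6YXRpb25JZCI6bnVsbH0sImlhdCI6MTY4NzQxOTI1MSwiZXhwIjoxNjg3NDE5ODUxfQ.djcjJASD9MunOH0R_5nTfIZGZJDemYEdeVpVRS5OljU",
  refreshTokenExpiresIn: 32400000,
  refreshToken: "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjp7Im5hbWUiOiJ0ZXN0IiwiZW1haWwiOiIzMUAyLmNvbSIsInJvbGUiOiJFTVBMT1lFRSIsImNyZWF0ZWRBdCI6IjIwMjMtMDYtMjJUMDc6MjE6MTcuMzMwWiIsIndvcmtzQXRPcmdhbml6YXRpb25JZCI6bnVsbH0sImlhdCI6MTY4NzQxOTI1MSwiZXhwIjoxNjg3NDUxNjUxfQ.xkbhE8LnvOwdwChEsqYfldZaRshYutIRlq9IsJJLMDI",
};

console.log(JSON.stringify(auditLoginResponse(sampleLoginResponse), null, 2));
```

For this sample, the access token's claims give a lifetime of 600000 ms (the 10 minutes stated in the text) while accessTokenExpiresIn advertises 900000 ms, so a client should schedule its refresh from the exp claim. Both tokens also carry the full user object (name, email, role, createdAt, worksAtOrganizationId) in readable form.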
Refresh access token

Endpoint /api/user/refreshAccessToken

Request Method: POST

Required headers

Content-Type: application/json

Query Parameters

None

Request Body

{
	"refreshToken": "<refreshToken from login endpoint>"
}

Response

Status code 200
{
	"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjp7Im5hbWUiOiJ0ZXN0IiwiZW1haWwiOiIzMUAyLmNvbSIsInJvbGUiOiJFTVBMT1lFRSIsImNyZWF0ZWRBdCI6IjIwMjMtMDYtMjJUMDc6MjE6MTcuMzMwWiIsIndvcmtzQXRPcmdhbml6YXRpb25JZCI6bnVsbH0sImlhdCI6MTY4NzQyMzA5MSwiZXhwIjoxNjg3NDIzNjkxfQ.k5HD7l8FYL9N7NXAAmwzTJwlxrc1U5mFv5Sd8-IX_as"
}

Status code 400
{
	"reason": "Invalid refresh token",
	"message": "Refresh token is invalid or has expired. Please login again."
}

User profile

Endpoint /api/user/profile

Request Method: GET

Required headers

Authorization: Bearer <accessToken>

Query Parameters

None

Request Body

None

Response

Status code 200

{
	"name": "test",
	"email": "[email protected]",
	"role": "EMPLOYEE",
	"createdAt": "2023-06-22T07:21:17.330Z",
	"worksAtOrganizationId": null
}

Status code 400
{
	"reason": "Unauthorized",
	"message": "User is not authenticated"
}

Organization profile

Endpoint /api/organization/profile

Request Method: GET

Required headers

Authorization: Bearer <accessToken>

Query Parameters

None

Request Body

None

Response

Status code 200
{
	"name": "Organization",
	"email": "[email protected]",
	"role": "ORGANIZATION",
	"createdAt": "2023-06-26T10:00:56.805Z",
	"city": "Jyvaskyla",
	"country": "Finland",
	"numberOfEmployees": 1
}

Status code 400
{
	"reason": "Unauthorized",
	"message": "User is not authenticated"
}