Merge pull request #3 from martinbedouret/master

0.0.1
cboard-org · Jan 12, 2018 · add2aba · add2aba
2 parents 5ab9427 + 9b544ce
commit add2aba
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 13 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # Cboard API - REST API for CBoard application
 
-[Cboard](https://shayc.github.io/cboard) is an augmentative and alternative communication (AAC) web application, allowing users with speech and language impairments (autism, cerebral palsy) to communicate by symbols and text-to-speech.
+[Cboard](https://app.cboard.io/) is an augmentative and alternative communication (AAC) web application, allowing users with speech and language impairments (autism, cerebral palsy) to communicate by symbols and text-to-speech.
 
 <img src='https://i.imgur.com/eeH9cUM.jpg' width='794' alt='Cboard screenshot'>
 
@@ -16,6 +16,34 @@ This video from Real Look Autism will help you understand how communication boar
 
 <a href="https://www.youtube.com/watch?v=oIGrxzPMVtw"><img src="https://img.youtube.com/vi/oIGrxzPMVtw/0.jpg" alt="Real Look Autism Episode 8" width="480" height="360"></a>
 
+## Quick start
+
+### Install
+Clone repository and install npm dependencies:
+```bash
+$ git clone https://github.com/cboard-org/cboard-api.git
+$ cd cboard-api
+$ npm install
+```
+
+### Run the API Server
+Using swagger for nodejs. You need to install swagger for node locally first, Install it using npm. For complete instructions, see the [install](./docs/install.md) page.
+
+```bash
+$ npm install -g swagger
+$ swagger project start
+```
+That should start a server process listening on port 10010.
+
+### See API Paths
+By using swagger edit appication:
+```bash
+$ swagger project edit
+```
+That should open a browser window and show API swagger editor like below:
+<img src='https://i.imgur.com/pt0eJVQ.png' width='600' alt='Cboard API Swagger'>
+
+
 ## License
 
 Code - [GPLv3](https://github.com/shayc/cboard/blob/master/LICENSE)  

diff --git a/api/controllers/user.js b/api/controllers/user.js
@@ -150,17 +150,17 @@ function loginUser(args, res) {
     var password = args.body.password;
     console.log(role + username + password);
 
-    if (role != "user" && role != "admin") {
+    if (role !== "user" && role !== "admin") {
         return res.status(400).json({
-            message: 'Error: Role must be either "admin" or "user"'
+            message: "Error: Role must be either admin or user"
         });
     }
 
-    if (username == "username" && password == "password" && role) {
+    if (username === "cboard_robot" && password === "youNIC4$" && role) {
         var tokenString = auth.issueToken(username, role);
         res.status(200).json({
             token: tokenString,
-            message: "User successfully authenticated"
+            message: "Token successfully generated"
         });
     } else {
         res.status(403).json({

diff --git a/api/helpers/auth.js b/api/helpers/auth.js
@@ -2,7 +2,7 @@
 
 var jwt = require("jsonwebtoken");
 var sharedSecret = "shh";
-var issuer = "my-awesome-website.com";
+var issuer = "cboard.io";
 
 //Here we setup the security checks for the endpoints
 //that need it (in our case, only /protected). This

diff --git a/api/swagger/swagger.yaml b/api/swagger/swagger.yaml
@@ -66,7 +66,12 @@ paths:
     x-swagger-router-controller: user
     post:
       operationId: createUser
-      description: Create a new user
+      description: Create a new temporal user in database and send an email to validate the user.
+      security:
+        - Bearer: []
+      x-security-scopes:
+        - admin
+        - user
       parameters:
         - $ref: '#/parameters/User'
       responses:
@@ -80,7 +85,7 @@ paths:
             $ref: "#/definitions/ErrorResponse"
     get:
       operationId: listUser
-      description: Return users list
+      description: Returns the full users list for the confirmed users.
       security:
         - Bearer: []
       x-security-scopes:
@@ -99,7 +104,12 @@ paths:
     x-swagger-router-controller: user
     get:
       operationId: getUser
-      description: get a specific user
+      description: Returns a specific user
+      security:
+        - Bearer: []
+      x-security-scopes:
+        - admin
+        - user
       parameters:
         - name: id
           type: string
@@ -117,7 +127,12 @@ paths:
             $ref: "#/definitions/ErrorResponse"
     put:
       operationId: updateUser
-      description: update a user
+      description: Updates a specific user
+      security:
+        - Bearer: []
+      x-security-scopes:
+        - admin
+        - user
       parameters:
         - name: id
           description: User Id
@@ -142,7 +157,11 @@ paths:
             $ref: "#/definitions/ErrorResponse"
     delete:
       operationId: removeUser
-      description: delete a user
+      description: Deletes a specific user
+      security:
+        - Bearer: []
+      x-security-scopes:
+        - admin
       parameters:
         - name: id
           description: User id
@@ -163,7 +182,12 @@ paths:
     x-swagger-router-controller: user
     post:
       operationId: activateUser
-      description: Create a new user
+      description: Create a new user by copying it from temporal users and it removes the temporal user
+      security:
+        - Bearer: []
+      x-security-scopes:
+        - admin
+        - user
       parameters:
         - in: path
           name: url
@@ -184,7 +208,7 @@ paths:
     x-swagger-router-controller: user
     post:
       operationId: loginUser
-      description: Authenticate user by email and password
+      description: Returns a valid token for a user, that can be used for api authentication.
       parameters:
         - name: role
           description: user role