Skip to content

3. Events Routes

Abdullah bin Ammar edited this page May 20, 2025 · 2 revisions

Routes Overview for event.js

Note

These routes cover event browsing, registration, and CRUD operations.
Authenticated routes require user sessions. Admin roles are required for event management.

Method Endpoint Description
GET /events/ Retrieve all events (public).
GET /events/:eventId Get details for a specific event by ID.
POST /events/ Create a new event (API only, validated body).
GET /events/:eventId/edit Render form for editing an event (club admin only).
POST /events/:eventId/edit Update event information (club admin only).
POST /events/:eventId/delete Delete an event (club admin only).
POST /events/:eventId/register Register authenticated user to an event.
POST /events/:eventId/unregister Unregister authenticated user from an event.

Key Features

  • 🔍 Event Browsing: Public access to list and view event details.
  • 🧾 CRUD Support: Full create, edit, update, delete capabilities for authorized admins.
  • 👥 Role-Based Access: Uses middleware authorize() and role constants (CLUB_ADMIN, etc.).
  • 🛡️ Authentication Guard: Uses isAuthenticated middleware for protected routes.
  • 📋 Validation: Uses Zod schemas (insertEventSchema) for API body validation.
  • 📌 Registration Management: Users can register/unregister with seat and time checks.

Event Retrieval

Get All Events

GET /events/

Returns a list of all events.

Response:

  • 200 OK with { success, data: [events] }
  • 500 on failure

Get Event by ID

GET /events/:eventId

Returns full event info, registration status, admin view, and user list.

Response:

  • 200 OK with event, isRegistered, isEventAdmin
  • 404 Not Found if not found

Event Creation

Create Event (API)

POST /events/

Creates an event using validated request body and user authentication.

Body Example (JSON):

{
  "name": "AI Workshop",
  "description": "Intro to AI",
  "seatsAvailable": 30,
  "clubId": "abc123",
  "registrationStart": "2025-06-01T10:00:00Z",
  "registrationEnd": "2025-06-10T10:00:00Z",
  "eventStart": "2025-06-15T10:00:00Z",
  "eventEnd": "2025-06-15T12:00:00Z"
}

Response:

  • 201 Created with event data
  • 400 on validation or club not found
  • 500 on error

Event Editing

Render Edit Form

GET /events/:eventId/edit

Used to display event form in the UI (requires Club Admin role).


Submit Event Edits

POST /events/:eventId/edit

Updates event using form data.

Response:

  • 200 OK on success
  • 400 on validation errors
  • 404 if event not found

Event Deletion

Delete Event

POST /events/:eventId/delete

Deletes an event by ID.

Response:

  • 204 No Content on success
  • 404 if event not found
  • 500 on error

Registration

Register for Event

POST /events/:eventId/register

Registers the current user.

Response:

  • 200 OK on success
  • 400 if full, closed, or already registered
  • 404 if not found

Unregister from Event

POST /events/:eventId/unregister

Unregisters the current user.

Response:

  • 200 OK on success
  • 400 if not registered or window closed
  • 404 if not found

Admin Utility

Get Club Info for Event Creation

GET /events/clubs/:clubId

Retrieves club data before creating an event.

Response:

  • 200 OK with club
  • 404 if not found
  • 500 on error

Internal Notes

  • Middleware:
    • isAuthenticated: Ensures the user is logged in
    • authorize([],[ClubRole.CLUB_ADMIN]): Role-based guard
    • validateBody(insertEventSchema): Validates event creation payload
  • Roles used: clubAdmin, hr, inmaAdmin
  • Session-based logic detects req.user for permissions and registration state

Clone this wiki locally