-
Notifications
You must be signed in to change notification settings - Fork 0
3. Events Routes
Abdullah bin Ammar edited this page May 20, 2025
·
2 revisions
Note
These routes cover event browsing, registration, and CRUD operations.
Authenticated routes require user sessions. Admin roles are required for event management.
| Method | Endpoint | Description |
|---|---|---|
| GET | /events/ |
Retrieve all events (public). |
| GET | /events/:eventId |
Get details for a specific event by ID. |
| POST | /events/ |
Create a new event (API only, validated body). |
| GET | /events/:eventId/edit |
Render form for editing an event (club admin only). |
| POST | /events/:eventId/edit |
Update event information (club admin only). |
| POST | /events/:eventId/delete |
Delete an event (club admin only). |
| POST | /events/:eventId/register |
Register authenticated user to an event. |
| POST | /events/:eventId/unregister |
Unregister authenticated user from an event. |
- 🔍 Event Browsing: Public access to list and view event details.
- 🧾 CRUD Support: Full create, edit, update, delete capabilities for authorized admins.
- 👥 Role-Based Access: Uses middleware
authorize()and role constants (CLUB_ADMIN, etc.). - 🛡️ Authentication Guard: Uses
isAuthenticatedmiddleware for protected routes. - 📋 Validation: Uses Zod schemas (
insertEventSchema) for API body validation. - 📌 Registration Management: Users can register/unregister with seat and time checks.
GET /events/Returns a list of all events.
Response:
-
200 OKwith{ success, data: [events] } -
500on failure
GET /events/:eventIdReturns full event info, registration status, admin view, and user list.
Response:
-
200 OKwithevent,isRegistered,isEventAdmin -
404 Not Foundif not found
POST /events/Creates an event using validated request body and user authentication.
Body Example (JSON):
{
"name": "AI Workshop",
"description": "Intro to AI",
"seatsAvailable": 30,
"clubId": "abc123",
"registrationStart": "2025-06-01T10:00:00Z",
"registrationEnd": "2025-06-10T10:00:00Z",
"eventStart": "2025-06-15T10:00:00Z",
"eventEnd": "2025-06-15T12:00:00Z"
}Response:
-
201 Createdwitheventdata -
400on validation or club not found -
500on error
GET /events/:eventId/editUsed to display event form in the UI (requires Club Admin role).
POST /events/:eventId/editUpdates event using form data.
Response:
-
200 OKon success -
400on validation errors -
404if event not found
POST /events/:eventId/deleteDeletes an event by ID.
Response:
-
204 No Contenton success -
404if event not found -
500on error
POST /events/:eventId/registerRegisters the current user.
Response:
-
200 OKon success -
400if full, closed, or already registered -
404if not found
POST /events/:eventId/unregisterUnregisters the current user.
Response:
-
200 OKon success -
400if not registered or window closed -
404if not found
GET /events/clubs/:clubIdRetrieves club data before creating an event.
Response:
-
200 OKwithclub -
404if not found -
500on error
- Middleware:
-
isAuthenticated: Ensures the user is logged in -
authorize([],[ClubRole.CLUB_ADMIN]): Role-based guard -
validateBody(insertEventSchema): Validates event creation payload
-
- Roles used:
clubAdmin,hr,inmaAdmin - Session-based logic detects
req.userfor permissions and registration state