This is a solution to the Thrift Fashion Web Application Project from the yearly TECHWIZ GLOBAL I.T COMPETITION powered by APTECH COMPUTER EDUCATION
-
To use this service on your local machine, you would need to clone this repo to your local machine.
Also, you would need to have php installed globally on your machine or you can download XAMPP on your machine. It comes with php inbuilt.
For the database, we used XAMPP and PhpMyadmin to set it up. You would need to set up a database that the application will use.
The database name here is thriftfash. You can give your database whatever name you like.
Next you will create a .env file in the root folder of the application and set it to look like the .env.example file you will find on the folder.
You would then enter the new .env file you created and set your new DB_DATABASE to the name of your newly created database.
Note: This project uses mysql so you can leave it at the default DB_CONNECTION value.
Once all that is set up. You are ready to run the app. Open the terminal and navigate to the project folder's directory. After this is done enter this in your terminal:
To startup the application
php artisan serveThen to seed the database input:
php artisan migrate:fresh --seedAfter the database has been seeded successfully, go to phpmyadmin panel on XAMPP and you should see a result like this:
Learn the foundations for using this REST API, starting with authentication and some endpoint examples.
This REST API exposes 6 public routes and 7 protected routes which will required user to be validated. When making POST request to the api, your data format should be json.
Note: When querying all routes, for extra precaution, PLEASE include a header.. This Header will contain simply the {Accept: 'application/json'} key/value pair.. When making get Requests, it may or not may not be necessary but it is advised it is included to avoid unnecessary errors
This endpoint will fetch all products available in the database and return a response in json format. The response will be an array of objects representing each product in the database.
[
{
"id": 1,
"product_name": "LightGoldenRodYellow",
"description": "Aperiam id est est architecto nulla est. Et
delectus at est id at et.",
"category": "eum",
"price": "103.68",
"stock": 4,
"image": "https://via.placeholder.com/200x200.png/0066ee?text=aut",
"created_at": "2022-08-12T19:37:46.000000Z",
"updated_at": "2022-08-12T19:37:46.000000Z"
},
{
"id": 2,
"product_name": "Gold",
"description": "Qui ipsa omnis ipsa et et sed itaque sunt.
Delectus ullam rerum et sunt quo mollitia.",
"category": "repudiandae",
"price": "69.35",
"stock": 19,
"image": "https://via.placeholder.com/200x200.png/009966?text
=reiciendis",
"created_at": "2022-08-12T19:37:47.000000Z",
"updated_at": "2022-08-12T19:37:47.000000Z"
},
]
If the request to this route was not successful or returned a response code above 400, it may be as a result of a server error or more likely the user may have inputted a wrong HTTP VERB e.g (GET, POST) etc...
When queried, this route will return a singular object containing the particular product you searched for within the database.
{
"id": 1,
"product_name": "LightGoldenRodYellow",
"description": "Aperiam id est est architecto nulla est. Et delectus
at est id at et.",
"category": "eum",
"price": "103.68",
"stock": 4,
"image": "https://via.placeholder.com/200x200.png/0066ee?text=aut",
"created_at": "2022-08-12T19:37:46.000000Z",
"updated_at": "2022-08-12T19:37:46.000000Z"
}
If the api returns an error response, It is that either something went wrong on the server or more likely You did not input the proper HTTP VERB. Proper request configuration is advised.
This endpoint will be used for registering a new User into the system. It is going to require input passed in with the request body. For this route, the required input is going to be a 'name' field with a data type of string. An 'email' field. A 'phone' field which is where the phone number will be passed. A 'password' field. An 'address' field. And finally a 'password_confirmation' field.
Note that all of these fields mentioned above will be required and if all are not provided, there will be an error response
{
"user": {
"name": "Dee",
"email": "don@yahoo.com",
"phone": "08032734613",
"address": "1, Jazzy Lane. London",
"updated_at": "2022-08-12T20:24:01.000000Z",
"created_at": "2022-08-12T20:24:01.000000Z",
"id": 1
}
}
A bad response could occur as a result of three things.
- User already exists in the database in which case the email or phone number will cause a validation error.
{ "message": "The given data was invalid.", "errors": { "email": [ "The email has already been taken." ], "phone": [ "The phone has already been taken." ] } } - A Server error may have occured Or,
- A wrong http verb was used or header was missing when sending the request.
Logging in a user is quite simple but it delicate because It is an important in the validation and authentication of a user.
This endpoint will require just three fields to be sent along the request. The 'email' field, the 'password' field and the 'password_confirmation' field which will ofcus be the same as the password field.
On a successful query, the api will return an object with some user details and more importantly, an encrypted TOKEN. This token is necessary for that user to make additional requests to protected routes which we will come to in a bit.
{
"user": {
"id": 1,
"name": "Don",
"email": "don@yahoo.com",
"phone": "08032734613",
"address": "1, Jazzy Lane. London",
"email_verified_at": null,
"created_at": "2022-08-12T20:24:01.000000Z",
"updated_at": "2022-08-12T20:24:01.000000Z"
},
"token": "1|rrz*************"
}
If any of the fields inputted are wrong in some sort, there will most assurdely be an error. The error message will be as simple as pie.
{
"message": "Bad Credentials"
}
Other errors that may occur may be cause by one or all of the errors previously mentioned in the prior examples.
This is public route. On this endpoint, the 'feedback' field is the only field needed to be sent to the server. It is required to be a string.
{
"message": "Feedback Created Successfully",
"feedback": {
"feedback": "this app is sweet",
"updated_at": "2022-08-12T21:22:27.000000Z",
"created_at": "2022-08-12T21:22:27.000000Z",
"id": 2
}
}
This response will be returned if the field is left blank or without any value
{
"message": "The given data was invalid.",
"errors": {
"feedback": [
"The feedback field is required."
]
}
}
This endpoint will return a response in form of an array of objects with each object representing the individual feedbacks.
This endpoint is pretty simple to use.
[
{
"id": 1,
"feedback": "18272",
"created_at": "2022-08-12T21:09:01.000000Z",
"updated_at": "2022-08-12T21:09:01.000000Z"
},
{
"id": 2,
"feedback": "this app is sweet",
"created_at": "2022-08-12T21:22:27.000000Z",
"updated_at": "2022-08-12T21:22:27.000000Z"
}
]
| endpoint | HTTP VERB/METHOD |
|---|---|
| (localhost)/api/v1/products | GET |
| (localhost)/api/v1/products/{id} | GET |
| (localhost)/api/v1/users/register/ | POST |
| (localhost)/api/v1/users/login | POST |
| (localhost)/api/v1/feedbacks | POST |
| (localhost)/api/v1/feedbacks | GET |
The routes listed from here on are all protected so user will need to have been authenticated before being able to access these endpoints. In essence, the user in context will have already been logged in to be able to use these routes. All queries will need to be sent with an Authorization header with the token as its value. Remember this {"Accept": 'application/json'}. This object(the headers object) should also include this field {"Authorization" : Bearer ${token}}. If you are using an http library like Axios, you can refer to this page for more info.
This endpoint would be used by an already logged in user. It will enable the user to log out of the application.
A good request is ideally one that would be sent with the user's proper credentials and more importantly, with the token assigned to that user.
{
"message": "Token destroyed, Logout Successful"
}
Note, once user has been successfully logged out, the token will have expired therefore, user will not be able to query the api with that token anymore.
A first instance of a bad request to this route would be trying to logout a user twice. This would return:
{
"message": "Unauthenticated."
}
I'm hoping you know the reason why this happened. It's because the token used to make a request to this endpoint would have been destroyed.
This request would be used to add payment information about the logged in user to the database.
When making a request to this route, we would need the token assigned to the logged in user to be passed along side the headers in the request body. Remember this {"Accept": 'application/json'}. This object(the headers object) should also include this field {"Authorization" : Bearer ${token}}. If you are using an http library like Axios, you can refer to this page for more info.
This endpoint generally requires first, the TOKEN and then required fields: 'id' which is the id of the logged in user, 'card_number', 'expires' and 'cvv'.
As a side note: I could not successfully store the month/day format in the database, therefore developer will use any year and append to the month/day before submitting to the database. If this isn't done, an error will occur and the message will be that the year format is not valid -ish.
{
"message": "Payment Information Submitted",
"details": {
"user_id": "1",
"card_number": "2229-333-3213",
"expiration": "2030-12-03T00:00:00.000000Z",
"cvv": "233",
"updated_at": "2022-08-12T22:35:10.000000Z",
"created_at": "2022-08-12T22:35:10.000000Z",
"id": 1
}
}
A bad request could result in a message like this. This would be when all fields are left empty. Other errors would be similar to the prior ones.
{
"message": "The given data was invalid.",
"errors": {
"id": [
"The id field is required."
],
"card_number": [
"The card number field is required."
],
"expires": [
"The expires field is required."
],
"cvv": [
"The cvv field is required."
]
}
}
This route will be used to update the payment information of a logged in user that has already submitted his/her payment information before. The id on the URI ((localhost)/api/v1/users/payinfos/{id}) will be the logged in user's id. This endpoint generally requires first, the TOKEN and then required fields: 'card_number', 'expires' and 'cvv'.
A successful response would look like:
{
"message": "Payment Info Updated successfully",
"details": {
"paymentInfo_id": 1,
"user_id": 1,
"card_number": "2091309230",
"expiration_date": "2025-10-12T00:00:00.000000Z",
"new_cvv": "290",
"created_at": "2022-08-12T22:35:10.000000Z",
"updated_at": "2022-08-12T23:01:04.000000Z"
}
}
The error messages where the fields are left empty are quite descriptive. A real error that would likely come is in the case of a wrong user id. And the response would be like:
{
"message": "User not found"
}
This route will be used to place an order for a logged in user. When making the request, the request body would require the 'id' field which would represent the id of the logged in user, 'prod_id' field which would be required to be an integer, 'quantity' field which would be required to be an integer, 'bill' field which would be in a decimal format and 'order_status' which would be a boolean(Important: Do not pass in true or false in the api request instead the status code for an active would be the value of 1).
{
"message": "Order placed successfully",
"response": {
"user_id": "1",
"product_id": "1",
"quantity": "3",
"bill": "12",
"isActive": "1",
"updated_at": "2022-08-12T23:23:58.000000Z",
"created_at": "2022-08-12T23:23:58.000000Z",
"id": 1
}
}
This route will be used by a logged in user to cancel orders he/she may have made. This route does not require any request body to be passed. All that needs to be provided is the user's id to the api endpoint ((localhost)/api/v1/users/orders/{"id"}).
{
"message": "Orders Cancelled Successfully",
"payload": 2
}
The payload property being how many requests were cancelled on that user's name.
If user has not made any order, and by which ever means an order delete request is successfully placed, a message like this would be returned:
{
"message": "No orders on this User yet",
"payload": 0
}
That's all there is to this route.
This is the last route that exposes an endpoint on the database. This route will do things. It will query the database and find all the orders pertaining to the logged in user with this {id} passed on the uri. And then it will also fetch the products information of the products the user made an order for and mesh them both in one response.
This route, unlike the prior ones, has more pizzazz to it. This route does three things. It checks for the user with the id provided in the uri ({id}). If there is no user with such id on the database, it will return this message:
If it finds a user, but this user has not placed any order yet, it will return a response like this:
{
"message": "User hasn't placed any order yet",
"payload": false
}
And finally:
If user has placed some orders, it will return a response like this:
{
"message": "Query Successful",
"orders": [
{
"order": {
"id": 3,
"user_id": 1,
"product_id": 1,
"quantity": 3,
"bill": "12.00",
"isActive": 1,
"created_at": "2022-08-12T23:52:23.000000Z",
"updated_at": "2022-08-12T23:52:23.000000Z",
"product": {
"id": 1,
"product_name": "DarkRed",
"description": "Officiis explicabo nam quod commodi
nihil omnis. Rem qui sed recusandae aperiam ut eveniet.",
"category": "quam",
"price": "108.24",
"stock": 2,
"image": "https://via.placeholder.com/200x200.pn
g/0055bb?text=aut",
"created_at": "2022-08-12T21:55:22.000000Z",
"updated_at": "2022-08-12T21:55:22.000000Z"
}
}
},
{
"order": {
"id": 4,
"user_id": 1,
"product_id": 3,
"quantity": 2,
"bill": "65.00",
"isActive": 1,
"created_at": "2022-08-12T23:52:54.000000Z",
"updated_at": "2022-08-12T23:52:54.000000Z",
"product": {
"id": 3,
"product_name": "LightCoral",
"description": "Natus est nesciunt quisquam odio.
Totam porro nisi et non.",
"category": "eum",
"price": "7.33",
"stock": 5,
"image": "https://via.placeholder.com/200x200.pn
g/002222?text=enim",
"created_at": "2022-08-12T21:55:22.000000Z",
"updated_at": "2022-08-12T21:55:22.000000Z"
}
}
}
]
}
| endpoint | HTTP VERB/METHOD |
|---|---|
| (localhost)/api/v1/users/logout | POST |
| (localhost)/api/v1/users/payinfos | POST |
| (localhost)/api/v1/users/payinfos/{id} | POST |
| (localhost)/api/v1/users/orders/ | POST |
| (localhost)/api/v1/users/orders/{id} | DELETE |
| (localhost)/v1/users/orders/{id} | GET |
- Php
- Laravel 8
- Laravel Sanctum for Authentication
- Faker Library
I want to thank the organizers of this competiton and Aptech Computer Education for giving us the opportunity to partake in it. I have really learned a lot while developing this application.