MongoDB database with REST API in Flask and Auth0 on Google Cloud Platform

This project implements a NoSQL database that models users, boats, and loads (cargo) hosted on Google Cloud Firestore in Datastore (legacy) mode and deployed on Google App Engine. Users can create an account and log in with Auth0. Users can create boats and loads and modify and delete boats they've created. They can also assign loads to or remove loads from boats they've created. The API specification, including entity attribute validation, is included in valdemar_project.pdf. A Postman environment and collection unit test suite are also provided. See the Maintenance section for improvement areas.

Requirements:

Tech Stack

• Datastore for database
• API in Node.js or Python 3
• Deployed on Google App Engine

Database Model

• User entity
  • Support user creation: custom or 3rd party
    • Must provide a URL for email/password login
  • Initial login must create user entity
  • Must have unique 'id' attribute
• Non-user entities: 2 minimum
  • Must have a 'self' attribute: full URL
  • Minimum 3 attributes in addition to 'self', 'id', and any relational attributes
  • Resources corresponding to user-bound non-user entities must be protected
  • Must support all 4 CRUD operations and handle side effects
• Relation between non-user entities: 1 minimum
• Relation between user and a non-user entity: 1 minimum

API

• Requests must support at least JSON Content-Type
• If there is a response body, it must be JSON
  • Requests that do not explicitly include 'application/json' in the Accept header must be rejected
• Entities represented by URL endpoints (e.g., GET /collection)
• Support GET /users
• All CRUD operations in model must be supported
  • User-owned entities, including GET /collection, must be protected by JWT authentication
• Response must be paginated
  • 5 entities per page
  • Include next button
  • Include total entity count
• Entities in response must show relationships
• Endpoint for creating relationship: 1 minimum
• Endpoint for removing relationship: 1 minimum
• Must support the following status codes appropriately:
  • 200
  • 201
  • 204
  • 401
  • 403
  • 405
  • 406

Design

• See API specification

Implementation:

• MongoDB
• Google Cloud Platform Firestore, Datastore, App Engine
• Auth0, JWT
• Flask

Verification:

• Postman unit test suite

Maintenance:

• This project was built on a previous assignment that did not employ Flask Blueprints. As a result, it is monolithic. Modularizing it with Blueprints would improve readability and make continuing development easier.
• Due to academic deadlines, the code is not as DRY as it could be. In particular, input validation for Create/POST and Update/PUT operations could be moved into generic functions.
• Authentication keys are stored in an ENV file. This is not appropriate for deployment.

Demonstrated Proficiencies:

• Cloud deployment
• RESTful APIs
• HTTP request/response
• Data validation
• Document (NoSQL) database design
  • Schema normalization
  • Cascades
• Authorization
• Authentication with middleware

The URLs on page 1 of the API spec are defunct in the interest of not accidentally getting charged. 🙂