Skip to content

V4Vince/BioTrackr-api

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
app
app
 
 
bin
bin
 
 
config
config
 
 
db
db
 
 
lib/tasks
lib/tasks
 
 
log
log
 
 
public
public
 
 
scripts
scripts
 
 
spec
spec
 
 
tmp/pids
tmp/pids
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
config.ru
config.ru
 
 

Repository files navigation

BioTrackr API

An API that lets users store and keep a detailed log of their health. It allow users to register with an email and password as well as store records that they create.

API currently does not support admin privileges. All data created by the user are only accessible by the user.

##API end-points

Verb URI Pattern Controller#Action
POST /sign-up users#signup
POST /sign-in users#signin
DELETE /sign-out/:id users#signout
PATCH /change-password/:id users#changepw
GET /records records#index
POST /records records#create
GET /records/:id records#show
PATCH /records/:id records#update

All data returned from API actions is formatted as JSON.

User actions

Summary:

Request Response
Verb URI body Status body
POST `/sign-up` credentials 201, Created user
400 Bad Request empty
POST `/sign-in` credentials 200 OK user w/token
401 Unauthorized empty
DELETE `/sign-out/:id` empty 201 Created empty
401 Unauthorized empty
PATCH `/change-password/:id` passwords 204 No Content user w/token
400 Bad Request empty

signup

The create action expects a POST of credentials identifying a new user to create, e.g. using getFormFields:

<form>
  <input name="credentials[email]" type="text" value="an@example.email">
  <input name="credentials[password]" type="password" value="an example password">
  <input name="credentials[password_confirmation]" type="password" value="an example password">
</form>

or using JSON:

{
  "credentials": {
    "email": "an@example.email",
    "password": "an example password",
    "password_confirmation": "an example password"
  }
}

The password_confirmation field is optional.

If the request is successful, the response will have an HTTP Status of 201, Created, and the body will be JSON containing the id and email of the new user, e.g.:

{
  "user": {
    "id": 1,
    "email": "an@example.email"
  }
}

If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the response body will be empty.

signin

The signin action expects a POST with credentials identifying a previously registered user, e.g.:

<form>
  <input name="credentials[email]" type="text" value="an@example.email">
  <input name="credentials[password]" type="password" value="an example password">
</form>

or:

{
  "credentials": {
    "email": "an@example.email",
    "password": "an example password"
  }
}

If the request is successful, the response will have an HTTP Status of 200 OK, and the body will be JSON containing the user's id, email, and the token used to authenticate other requests, e.g.:

{
  "user": {
    "id": 1,
    "email": "an@example.email",
    "token": "an example authentication token"
  }
}

If the request is unsuccessful, the response will have an HTTP Status of 401 Unauthorized, and the response body will be empty.

signout

The signout actions is a DELETE specifying the id of the user so sign out.

If the request is successful the response will have an HTTP status of 204 No Content.

If the request is unsuccessful, the response will have a status of 401 Unauthorized.

changepw

The changepw action expects a PATCH of passwords specifying the old and new.

If the request is successful the response will have an HTTP status of 204 No Content.

If the request is unsuccessful the reponse will have an HTTP status of 400 Bad Request.

The sign-out and change-password requests must include a valid HTTP header Authorization: Token token=<token> or they will be rejected with a status of 401 Unauthorized.

Application Actions

All application requests must include a valid HTTP header Authorization: Token token=<token> or they will be rejected with a status of 401 Unauthorized.

All of the application actions must follow the RESTful style.

Records are associated with users. Users must be signed in with a token to retrieve a record. If this requirement is unmet, the response will be 401 Unauthorized.

Summary:

Request Response
Verb URI body Status body
GET `/records` n/a 200, OK records found
The default is to retrieve all records associated with the user.. 401 Unauthorized empty
POST `/records` n/a 201, Created record created
401 Unauthorized empty
400 Bad Request errors
GET `/records/:id` n/a 200, OK record found
401 Unauthorized empty
404 Not Found empty
PATCH `/records/:id` empty 200, OK record updated
400 Bad Request errors
400 Bad Request empty
PATCH `/records/:id` record delta 200, OK record updated
400 Bad Request errors
404 Not Found empty

index

The index action is a GET that retrieves all the records associated with a user. The response body will contain JSON containing an array of records, e.g.:

{
  "records": [
    {
      "id": 1,
      "symptom": "High fever",
      "date": "2016-03-12",
      "details": "Woke up with a fever today. It lasted for about 1-week",
      "user_id": 9
    },
  ]
}

If there are no records associated with the user, the response body will contain an empty records array, e.g.:

{
  "records": [
  ]
}

create

The create action expects a POST with an empty body (e.g '' or '{}' if JSON). If the request is successful, the response will have an HTTP Status of 201 Created, and the body will contain JSON of the created record with user_id set to the user calling create, e.g.:

  {
    "record": {
      "id": 1,
      "symptom": "",
      "date": "",
      "details": "",
      "user_id": 9
    },
 }

If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the response body will be JSON describing the errors.

show

The show action is a GET specifing the id of the record to retrieve. If the request is successful the status will be 200, OK, and the response body will contain JSON for the record requested, e.g.:

{
  "record": {
      "id": 1,
      "symptom": "High fever",
      "date": "2016-03-12",
      "details": "Woke up with a fever today. It lasted for about 1-week",
      "user_id": 9
    },
  }

update a record's states

This update action expects a PATCH with changes to to an existing record's details, e.g.:

<form>
  <input details="record.details" type="text" value="Woke up with a fever today. It lasted for about 1.5-weeks">
</form>
{
  "record": {
      "id": 1,
      "details": "Woke up with a fever today. It lasted for about 1.5-week",
    },
  }

If the request is successful, the response will have an HTTP Status of 200 OK, and the body will be JSON containing the modified record, e.g.:

{
  "record": {
      "id": 1,
      "symptom": "High fever",
      "date": "2016-03-12",
      "details": "Woke up with a fever today. It lasted for about 1.5-week",
      "user_id": 9
    },
  }

If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the response body will be JSON describing the errors.

##Resources

About

No description, website, or topics provided.

Resources

Readme

License

View license
Activity

Stars

8 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages