The Trip Planner Server is an API created in Node and Express that utilizes MongoDB to store and retrieve trip data logged by users of the Trip Planner Client Application. It also allows users to register for accounts on the application.
- API URL: https://areeshz-trip-planner.herokuapp.com/
- Client Application: https://areeshz.github.io/trip-planner-client/
- Front-End Repository: https://github.com/areeshz/trip-planner-client
- Node.js
- Express.js
- MongoDB
- Mongoose
Verb | URI Pattern | Controller#Action |
---|---|---|
POST | /sign-up |
users#signup |
POST | /sign-in |
users#signin |
DELETE | /sign-out |
users#signout |
PATCH | /change-password |
users#changepw |
GET | /trips |
trips#index |
POST | /trips |
trips#create |
GET | /trips/:id |
trips#show |
PATCH | /trips/:id |
trips#update |
DELETE | /trips/:id |
trips#destroy |
POST | /trips/:tripId/events |
events#create |
GET | /trips/:tripId/events/:eventId |
events#show |
PATCH | /trips/:tripId/events/:eventId |
events#update |
DELETE | /trips/:tripId/events/:eventId |
event#destroy |
All data returned from API actions is formatted as JSON.
Summary:
Request | Response | ||||
---|---|---|---|---|---|
Verb | URI | body | Headers | Status | body |
POST | `/sign-up` | credentials | empty | 201, Created | user |
400 Bad Request | empty | ||||
POST | `/sign-in` | credentials | empty | 200 OK | user w/token |
401 Unauthorized | errors | ||||
DELETE | `/sign-out` | empty | token | 201 Created | empty |
401 Unauthorized | errors | ||||
PATCH | `/change-password` | passwords | token | 204 No Content | user w/token |
400 Bad Request | empty |
The create
action expects a POST of credentials
identifying a new user to create, e.g.:
{
"credentials": {
"email": "an@example.email",
"password": "an example password",
"password_confirmation": "an example password"
}
}
If the request is successful, the response will have an HTTP Status of 201,
Created, and the body will be JSON containing the id
and email
of the new
user, e.g.:
{
"user": {
"_id":"an example id",
"email":"an@example.com",
"createdAt":"an example date",
"updatedAt":"an example date",
"__v":0
}
}
If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the response body will be empty.
The signin
action expects a POST with credentials
identifying a previously registered user, e.g.:
{
"credentials": {
"email": "an@example.email",
"password": "an example password"
}
}
If the request is successful, the response will have an HTTP Status of 200 OK,
and the body will be JSON containing the user's id
, email
, and the token
used to authenticate other requests, e.g.:
{
"user":{
"_id":"an example id",
"email":"an@example.com",
"createdAt":"an example date",
"updatedAt":"an example date",
"__v":0,
"token":"<token>"
}
}
If the request is unsuccessful, the response will have an HTTP Status of 401 Unauthorized, and the response body will include the error.
The signout
action expects a DELETE request and must include the user's
token but no data is necessary to be sent.
If the request is successful the response will have an HTTP status of 204 No Content.
If the request is unsuccessful, the response will have a status of 401 Unauthorized.
The changepw
action expects a PATCH of passwords
specifying the old
and new
, eg.:
{
"passwords": {
"old": "example password",
"new": "new example password"
}
}
If the request is successful the response will have an HTTP status of 204 No Content.
If the request is unsuccessful the reponse will have an HTTP status of 400 Bad Request.
The sign-out
and change-password
requests must include a valid HTTP header
Authorization: Token token=<token>
or they will be rejected with a status of
401 Unauthorized.
All trip action requests must include a valid HTTP header Authorization: Token token=<token>
or they will be rejected with a status of 401 Unauthorized.
All of the trip actions follow the RESTful style.
Trips are owned by users. Actions will only retrieve a trip if the user associated with the Authorization
header matches the owner's token, which is generated on sign in and deleted on sign out. If this requirement is unmet,
the response will be 401 Unauthorized.
Summary:
Request | Response | |||
---|---|---|---|---|
Verb | URI | body | Status | body |
GET | `/trips` | n/a | 200, OK | trips found |
200, OK | empty trips | |||
The default is to retrieve all trips associated with the user.. | 401 Unauthorized | errors | ||
POST | `/trips` | trip | 201, Created | trip created |
401 Unauthorized | errors | |||
400 Bad Request | errors | |||
GET | `/trips/:id` | n/a | 200, OK | trip found |
401 Unauthorized | errors | |||
404 Not Found | empty | |||
PATCH | `/trips/:id` | trip delta | 204, No Content | empty |
400 Bad Request | errors | |||
404 Not Found | empty | |||
DELETE | `/trips/:id` | n/a | 204, No Content | empty |
400 Bad Request | errors | |||
404 Not Found | errors |
The index
action is a GET that retrieves all the trips associated with a user. The response body will contain JSON containing an array of trips, e.g:
{
"trips": [
{
"_id": "an example trip id",
"title": "My First Trip",
"category": "Beach",
"status": "Past Trip",
"destination": "Atlanta",
"date": "2020-05-06",
"duration": 2,
"budget": 300,
"owner": {
"_id": "an example owner id",
"email": "example@email",
"createdAt": "2020-07-02T22:26:12.759Z",
"updatedAt": "2020-07-06T03:11:23.503Z",
"__v": 0,
"token": "an example authentication token"
},
"events": [],
"createdAt": "2020-07-06T03:10:25.381Z",
"updatedAt": "2020-07-06T03:10:25.381Z",
"__v": 0
},
{
"_id": "an example trip id",
"title": "My Second Trip",
"category": "Roadtrip",
"status": "Planned Trip",
"destination": "Chicago",
"date": "2020-10-21",
"duration": 4,
"budget": 600,
"owner": {
"_id": "an example owner id",
"email": "example@email",
"createdAt": "2020-07-02T22:26:12.759Z",
"updatedAt": "2020-07-06T03:11:23.503Z",
"__v": 0,
"token": "an example authentication token"
},
"events": [],
"createdAt": "2020-07-06T03:10:52.876Z",
"updatedAt": "2020-07-06T03:10:52.876Z",
"__v": 0
}
]
}
If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the response body will be JSON describing the errors.
The create
action expects a POST with a body containing trip details in JSON format. If the request is successful, the response will have an HTTP Status of 201 Created, and the body will contain JSON of the created trip with owner
set to the user calling create
, e.g.:
{
"trip": {
"_id": "an example trip id",
"title": "My First Vacation",
"destination": "Hawaii",
"duration": 2,
"date": "2020/10/10",
"budget": 500,
"category": "Beach",
"status": "Planned",
"owner": "an example owner id",
"events": [],
"createdAt": "2020-07-06T03:18:44.774Z",
"updatedAt": "2020-07-06T03:18:44.774Z",
"__v": 0
}
}
The show
action is a GET specifying the id
of the trip to retrieve. If the request is successful, the status will be 200, OK, and the response body will contain JSON for the trip requested, e.g.:
{
"trip": {
"_id": "an example trip id",
"title": "My First Vacation",
"destination": "Hawaii",
"duration": 2,
"date": "2020/10/10",
"budget": 500,
"category": "Beach",
"status": "Planned",
"owner": "an example owner id",
"events": [],
"createdAt": "2020-07-06T03:18:44.774Z",
"updatedAt": "2020-07-06T03:18:44.774Z",
"__v": 0
}
}
This update
expects a PATCH request with changes to an existing trip, formatted as such:
{
"trip": {
"title": "My First Vacation",
"destination": "Hawaii",
"duration": 2,
"date": "2020/10/10",
"budget": 500,
"category": "Beach",
"status": "Planned"
}
}
If the request is successful, the response will have an HTTP Status of 204, No Content, and the body will be empty.
If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the body will be JSON describing the errors.
The destroy
action is a DELETE specifying the id
of the trip to delete. If the request is successful the status will be 204, No Content, and the body will be empty.
All event action requests must include a valid HTTP header Authorization: Token token=<token>
or they will be rejected with a status of 401 Unauthorized.
All of the event actions follow the RESTful style.
Summary:
Request | Response | |||
---|---|---|---|---|
Verb | URI | body | Status | body |
POST | `/trips/:tripId/events` | event | 204, No Content | empty |
401 Unauthorized | errors | |||
400 Bad Request | errors | |||
GET | `/trips/:tripId/events/:eventId` | n/a | 200, OK | event found |
401 Unauthorized | errors | |||
404 Not Found | empty | |||
PATCH | `/trips/:tripId/events/:eventId` | event delta | 204, No Content | empty |
400 Bad Request | errors | |||
404 Not Found | empty | |||
DELETE | `/trips/:id` | n/a | 204, No Content | empty |
400 Bad Request | errors | |||
404 Not Found | errors |
The create
action expects a POST with a body containing event details in JSON format. If the request is successful, the response will have an HTTP Status of 204 Created, and the body will be empty.
The show
action expects a GET specifying both the ID of the event to retrieve and the ID of the trip to which it belongs. If the request is successful, the response will have an HTTP Status of 200 OK, and the response body will contain JSON for the event retrieved, e.g:
{
"event": {
"_id": "an example event id",
"title": "Some Title",
"body": "Some Description",
"createdAt": "2020-07-06T03:48:28.695Z",
"updatedAt": "2020-07-06T03:48:28.695Z"
}
}
This update
expects a PATCH request with a body containing changes to an existing event, formatted as such:
{
"event": {
"title": "New Event Title",
"body": "New Event Description"
}
}
If the request is successful, the response will have an HTTP Status of 204, No Content, and the body will be empty.
If the request is unsuccessful, the response will have an HTTP Status of 400 Bad Request, and the body will be JSON describing the errors.
The destroy
action is a DELETE specifying the id
of the event to delete and the id
of the trip to which it belongs. If the request is successful the status will be 204, No Content, and the body will be empty.