Simple Node.js REST server for managing super heroes and powers.
Running the app
node app.js
- To send audit messagens an email server account must be configured at the file
transporter_account.js
.
- As this is a sample project I used
TingoDB
withTungus
+mooongose
, this way I got a local file db that can be easily migrated to aMongoDB
.Tungus
only acceptsmooongose
, some of the architecture choices were based on this.
- I tried to keep the routes simple, so all routes are
POST
. Tape
was choosed as test framework for simplicity and synchronous testing.- All tests are integration tests for a more complete overview.
- All passwords are encrypted with a salt using brypt
Every user must be authenticated to access the rest of the API. Methods marked with [admin] can only be accessed by users with administrative level.
the input may be a x-www-form-encoded
or a apllication/json
:
{
name: <username>,
password: <password>
}
output:
{
success: <bool>
token: <token>
}
the token must be passed in all queries, it may be passed as a json
with the token
property, in the query
or as x-access-token
.
Route to register an email to receive audit messages.
- To send audit messagens an email server account must be configured at the file
transporter_account.js
.
input
{
name: <username>,
email: <useremail>
}
output:
{
success: <bool>
error: <error if any>
}
To run the tests just execute the command:
./node_modules/.bin/istanbul cover node_modules/tape/bin/tape test.js
the code coverage can be found at the coverage folder.
- Use the transporter_account.js file if you want to receive test audit messages.
- Istanbul is not generating the coverage report if executing
npm test
.
- allow users to have many roles
- create a push interface
- should be easy update the audit method
- postman don't support stream
- working test in commented code at routes.js and userTest.js
- more tests on heroes with powers
- test wrong requests, invalid powers, invalid roles, no name of
- geo-request for hero
- audit register route