Events-API-Express

An API with authentication and permissions. Users can register and log in and, depending on their role, perform different CRUD operations on users, events and tickets. Built with Express, Mongoose and JWT.

Built With

  • JAVASCRIPT
  • NPM
  • EXPRESS
  • MONGOOSE
  • PASSPORT
  • JWT
  • NODE
  • ESLINT
  • GITHUB ACTIONS
  • VSCODE

Usage

To run this app on your machine:

  • Download or clone this repo:

    • Clone with SSH:
      git@github.com:javitocor/Events-API-Express.git
    
    • Clone with HTTPS:
      https://github.com/javitocor/Events-API-Express.git
    
  • Requirements:

    • Node.js and npm
      [Download Node.js](https://nodejs.org/en/download/) and follow the instructions; npm is included in the package.
    
  • In the project directory, you can run:

    • $ npm install - installs all the dependencies required by the project

    • $ npm run devstart - runs the app in development mode

Documentation

  • Basic information

    • This project is set up using Express.js and Mongoose.js; authentication is based on Passport and JWT strategies. All the permissions for the different routes are set up in 'permissions.js' inside the permissionsMiddleware folder.
  • Role based: the API is based on 4 different roles:

      Basic
      ADMIN_BASIC
      ADMIN_MANAGER
      SUPERADMIN
    
    
  • Endpoints: you can access the following endpoints depending on your user's role. By default, a new user is assigned the 'Basic' role.

      Register
        post http://localhost:3000/signup (EVERYONE)
      Login
        post http://localhost:3000/login (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Logout
        get http://localhost:3000/logout (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Get all users
        get http://localhost:3000/users (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Get user detail
        get http://localhost:3000/users/:id (ADMIN_MANAGER, SUPERADMIN)
      Update user
        put http://localhost:3000/users/:id (SUPERADMIN)
      Delete user
        delete http://localhost:3000/users/:id (SUPERADMIN)
      Get all ongoing events
        get http://localhost:3000/events/ (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Get all events
        get http://localhost:3000/events/all (SUPERADMIN)
      Get event detail
        get http://localhost:3000/events/:id (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Create events
        post http://localhost:3000/events/ (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Update events
        put http://localhost:3000/events/:id (SUPERADMIN)
      Delete events
        delete http://localhost:3000/events/:id (SUPERADMIN)
      Get tickets for a specific event
        get http://localhost:3000/events/:id/tickets (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Create tickets for a specific event
        post http://localhost:3000/events/:id/tickets (ADMIN_MANAGER, SUPERADMIN)
      Update tickets for a specific event
        put http://localhost:3000/events/:id/tickets/:id (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
      Delete tickets for a specific event
        delete http://localhost:3000/events/:id/tickets/:id (SUPERADMIN)
    
    
  • Bearer token authentication

    • Once a user has signed up, they can make a POST request to the login endpoint. The response contains a bearer token, which the user must add to the headers of every other request to the API in order to access the protected routes.
  • Seeding: you can seed the database with the following command:

      node ./seeder/seed.js
    

    If the database is empty, this command creates the 4 basic roles, each with its own user, so you can start performing operations.

      users: 'Basic', 'ADMIN_BASIC', 'ADMIN_MANAGER', 'SUPERADMIN'
      password: 'password' for all of them
    
  • Database

    • You can change the MongoDB database by changing the MONGODB_URI field in the ./.env file.
  • Auth

    • You can modify the different auth strategies by modifying the file 'auth.js' in the 'auth' folder.

Maintenance and Scalability

This project is no longer maintained; maybe in the future I might add some extra features or routes. Feel free to download it and adapt it to your own project; the project is easy to understand and it is a good starting point to develop larger backends. The models, routes and authentication are scalable and easily maintainable.

Author

👤 Javier Oriol Correas Sanchez Cuesta

🤝 Contributing

Contributions, issues and feature requests are welcome!

Feel free to check the issues page.

Show your support

Give a ⭐️ if you like this project!

Acknowledgments 🚀

📝 License

This project is MIT licensed.
