In response to Make It Real Top-v25 backend assessment.
Favs is a new company that aims to provide a better way to organize your favorite things: music, clothes, courses, etc., all in one place.
- Overview
- Create Users
- Users' Login
- Create a list
- Consult a user's lists
- Consult a specific list
- Delete a specific list
- Add a fav to a list
This project is a backend server for Favs. It exposes endpoints so users can carry out the actions that the client specified, such as registering, logging in, creating lists, etc. To run the server locally, download the files, open a console window, go to the project folder and run the following command:
npm run install
It will install all the project dependencies. Once it is done, run the following command:
npm run dev
If everything is OK, the command window will display the following messages:
Server is running on port 8080
Connected to database
To test endpoints you can use any software tool to make HTTP requests such as Postman.
To create a new user, send a POST HTTP request to /api/users
with the user's information in the following JSON structure:
{
"email": "user email",
"password": "user password"
}
Password should contain at least a number and a capital letter. If the password does not comply with these requirements, the server will return the following message:
{
"message": "Password is not strong enough. Remember to include at least a capital letter and a number."
}
The user's email should not be already included in the database. Otherwise, the server will return an error 500.
For users to log in, send a POST HTTP request to /auth/local/login
with the user's information in the following JSON structure:
{
"email": "user email",
"password": "user password"
}
If a user is not registered in the database, the server will return an error 404 with the following JSON message:
{
"message": "User not found"
}
If the password does not match the one the user registered with, the server will return an error 404 with the following JSON message:
{
"message": "Invalid password"
}
If login is successful, the server will return a status 200 with the following JSON message:
{
"profile": {
"_id": "user's unique id",
"email": "user's email"
},
"userToken": "autogenerated user's access token"
}
For users to create a new list, send a POST HTTP request to /api/favs
with the list's name in the following JSON structure:
{
"name": "list name"
}
Remember that only users who have logged in can create their lists. That is why you must include the token provided on the login in the request headers. If the token is not included or is not correct, the server will send an error message as follows:
{
"message": "invalid user token"
}
If creation is successful, the server will return a status 200 with the following JSON message:
{
"name": "list name",
"items": [],
"_id": "list id",
"createdAt": "creation date",
"updatedAt": "creation date",
"__v": 0
}
The new list is automatically added to the user's lists.
For users to consult their lists, send a GET HTTP request to /api/favs.
Only users who have logged in can consult their lists. That is why you must include the token provided on the login in the request headers.
If the user is verified and has lists, the server will return a status 200 with the following JSON message:
[
{
"_id": "list 1 id",
"name": "list 1 name",
"items": [],
"createdAt": "list 1 creation date",
"updatedAt": "list 1 update date",
"__v": 0
},
{
"_id": "list 2 id",
"name": "list 2 name",
"items": [],
"createdAt": "list 2 creation date",
"updatedAt": "list 2 update date",
"__v": 0
}
]
Otherwise, if the user doesn't have any list, the JSON response will be an empty array:
[]
For users to consult a specific list, send a GET HTTP request to /api/favs/<id>. Replace <id> with the id of the specific list.
Only users who have logged in can consult their lists. That is why you must include the token provided on the login in the request headers.
If the user is verified and has the list in their data, the server will return a status 200 with the following JSON message:
{
"_id": "list id",
"name": "list name",
"items": [],
"createdAt": "creation date",
"updatedAt": "update date",
"__v": 0
}
If a user attempts to consult a list that is not theirs, the server will return a status 401 with the following JSON message:
{
"message": "user is not authorized to consult this list"
}
For users to delete a specific list, send a DELETE HTTP request to /api/favs/<id>. Replace <id> with the id of the specific list.
Only users who have logged in can delete their lists. That is why you must include the token provided on the login in the request headers.
If the user is verified and has the list in their data, the server will return a status 200 with the following JSON message:
{
"message": "List has been removed."
}
If a user attempts to delete a list that is not theirs, the server will return a status 401 with the following JSON message:
{
"message": "user is not authorized to delete this list"
}
For users to add a fav to a specific list, send a PATCH HTTP request to /api/favs/<id>. Replace <id> with the id of the specific list.
Only users who have logged in can add favs to their lists. That is why you must include the token provided on the login in the request headers.
If the user is verified and has the list in their data, the server will return a status 200 with the list updated in the following JSON message:
{
"_id": "List id",
"name": "list name",
"items": [
{
"_id": "item id",
"title": "item title",
"description": "item description",
"link": "item link"
}
],
"createdAt": "list creation date",
"updatedAt": "last list update date",
"__v": 0
}
If a user attempts to edit a list that is not theirs, the server will return a status 401 with the following JSON message:
{
"message": "user is not authorized to update this list"
}
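The token check and the per-list ownership check described for GET, DELETE and PATCH on /api/favs/<id>, as an added example (not this project's code). The in-memory maps, ids, tokens, function names, the 401 status for a bad token and the PATCH body fields (title, description, link) are assumptions made for illustration.

```javascript
// Constructed stand-ins for the token store and database (not real data).
const sessions = new Map([["token-alice", "u1"], ["token-bob", "u2"]]);
const users = new Map([
  ["u1", { email: "alice@example.com", lists: ["l1"] }],
  ["u2", { email: "bob@example.com", lists: ["l2"] }],
]);
const lists = new Map([
  ["l1", { _id: "l1", name: "music", items: [] }],
  ["l2", { _id: "l2", name: "courses", items: [] }],
]);

// Verb used in the README's 401 message for each HTTP method.
const VERBS = { GET: "consult", DELETE: "delete", PATCH: "update" };

// Step 1, authentication: map the token to a user id, or null.
function authenticate(token) {
  return typeof token === "string" && sessions.has(token) ? sessions.get(token) : null;
}

// Step 2, authorization, then the action. Ownership is decided from the
// authenticated user's own list ids, never from values sent by the client.
function handleListRequest(method, token, listId, body = {}) {
  const verb = VERBS[method];
  if (!verb) return { status: 405, body: { message: "method not allowed" } }; // assumption
  const userId = authenticate(token);
  if (!userId) return { status: 401, body: { message: "invalid user token" } }; // status assumed
  const owner = users.get(userId);
  // Unknown ids and other users' ids get the same answer, so the response
  // does not reveal whether a list id exists.
  if (!owner.lists.includes(listId) || !lists.has(listId)) {
    return { status: 401, body: { message: `user is not authorized to ${verb} this list` } };
  }
  const list = lists.get(listId);
  if (method === "DELETE") {
    lists.delete(listId);
    owner.lists = owner.lists.filter((id) => id !== listId);
    return { status: 200, body: { message: "List has been removed." } };
  }
  if (method === "PATCH") {
    const { title, description, link } = body; // copy known fields only
    list.items.push({ title, description, link });
  }
  return { status: 200, body: list };
}
```

The ownership check runs before any read or write, so a valid token for one user never reaches another user's list.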