Udacity Full Stack Nanodegree capstone project - Casting Ageny
This project is the capstone project for Udacity Full Stack web development nanondegree.
This project covers all the learnt concepts that were covered by the nanodegree which includes data modeling for web using postgres, API development and testing with Flask, Authorization with RBAC, JWT authentication and finally API deployment using Heroku.
This section will introduce you to how to run and setup the app locally.
This project is based on Python 3 and Flask.
To install project dependencies:
$ pip install -r requirements.txtNote: you must have the latest version of Python 3
- You need to install and start
postgresdatabase. - You need to update the database_params variable found in
config.pyfile as shown below:
database_params = {
"username": "postgres",
"password": "YOUR_DB_PASSWORD",
"db_name": "casting_agency",
"dialect": "postgresql"
}Note: you can create a db named casting_agency by using createdb command as shown below:
createdb -U postgres casting_agencyYou need to update auth0_params variable found in config.py with auth0 configurations
auth0_params = {
"AUTH0_DOMAIN": "matef.auth0.com",
"ALGORITHMS": ['RS256'],
"API_AUDIENCE": "myapp"
}You can run the app using the below commands:
export FLASK_APP=app.py
flask runYou can run the unit test cases that are defined in test_app.py using the below command:
python test_app.pyThis section will introduce you to API endpoints and error handling
Errors are returned as JSON in the following format:
{
"success": False,
"error": 404,
"message": "resource not found"
}The API will return the types of errors:
- 400 – bad request
- 404 – resource not found
- 422 – unprocessable
- 500 - internal server error
- 401 - unauthorized
This API supports two types of resources /actors and /movies. Each resource support four HTTP methods; GET, POST, PATCH, DELETE
Notes
- You need to update the ACCESS_TOKEN in the below requests with JWT valid token.
- The below requests assumes you are running the app locally, so you need to update the requests with the base URL or your URL after deployment.
- General: returns a list of all actors
- Sample request:
curl -X GET http://127.0.0.1:5000/actors -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN"- Sample response:
{
"actors": [
{ "age": 25, "gender": "Male", "id": 1, "name": "Mohamed" },
{ "age": 26, "gender": "Male", "id": 2, "name": "Khalaf" },
{ "age": 23, "gender": "Female", "id": 3, "name": "Monica" }
],
"success": true
}- General: returns a list of all movies
- Sample request:
curl -X GET http://127.0.0.1:5000/movies -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN"- Sample response:
{
"movies": [
{
"actors": ["Mohamed", "Khalaf"],
"id": 1,
"release_date": "Mon, 15 Jun 2020 00:00:00 GMT",
"title": "Shawshank_Redemption"
},
{
"actors": ["Monica"],
"id": 2,
"release_date": "Mon, 15 Jun 2020 00:00:00 GMT",
"title": "Happy_Days"
}
],
"success": true
}- General: create a new actor
- Sample request:
curl -X POST http://127.0.0.1:5000/actors -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" -d '{"name" : "New_Actor_1", "age" : "30", "gender":"Male"}'- Sample response: returns the new actor id
{ "created": 4, "success": true }- General: create a new movie
- Sample request:
curl -X POST http://127.0.0.1:5000/movies -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" -d '{"title" : "New_Movie_1", "release_date" : "12/6/2020"}'- Sample response: returns the new movie id
{ "created": 3, "success": true }- General: update an existing actor
- Sample request: you can update actor's name, gender and age
curl -X PATCH http://127.0.0.1:5000/actors/1 -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" -d '{"name" : "Mohamed Khalaf"}'- Sample response: returns the updated actor object
{
"actor": { "age": 25, "gender": "Male", "id": 1, "name": "Mohamed Khalaf" },
"success": true
}- General: update an existing movie
- Sample request: you can update movies's title and release date
curl -X PATCH http://127.0.0.1:5000/movies/1 -H "Content-Type: application/json" -H "Authorization: Bearer ACCESS_TOKEN" -d '{"title" : "UPDATE_NAME", "release_date" : "12/6/2020"
}'- Sample response: returns the updated movie object which includes the actors acting in this movie
{
"movie": {
"actors": ["Mohamed Khalaf", "Khalaf"],
"id": 1,
"release_date": "Mon, 15 Jun 2020 00:00:00 GMT",
"title": "Movie_Title"
},
"success": true
}- General: delete an existing actor
- Sample request:
curl -X DELETE http://127.0.0.1:5000/actors/1 -H "Authorization: Bearer ACCESS_TOKEN"- Sample response: returns the deleted actor id
{ "delete": 1, "success": true }- General: delete an existing movie
- Sample request:
curl -X DELETE http://127.0.0.1:5000/movies/1 -H "Authorization: Bearer ACCESS_TOKEN"- Sample response: returns the deleted movie id
{ "delete": 1, "success": true }This API uses Auth0 for authentication, you will need to setup Auth0 application and API. You will need to update auth0_params variable found in config.py.
You can use the below links to setup auth0:
- Casting Assistant:
- GET /actors (get:actors): can get all actors
- GET /movies (get:movies): can get all movies
- Casting Director:
- All permissions of
Casting Assistant - POST /actors (create:actors): can create new actors
- PATCH /actors (update:actors): can update existing actors
- PATCH /movies (update:movies): can update existing movies
- DELETE /actors (delete:actors): can delete actors from database
- Exectutive Director:
- All permissions of
Casting Director - POST /movies (create:movies): Can create new movies
- DELETE /movies (delete:movies): Can delete movies from database