Flags

• dev - dev or prod
• configFilepath - filepath to config.toml file
• logLevel - trace / debug / info

ENV variables

• $PORT - just listen port, defaults to 8080
• $DATABASE_URL - url to database in format of "postgres://127.0.0.1:5432"
• $SECRET_KEY - it's key for cookie store, server using this store to store login data.
• $SENDGRID_KEY - key for sendgrid.com, I'm using it as backend for sending emails.

Common models

• Message

{"user": "user", "chat": "chat", "id": "id", "text": "text", "time": "time"}

• User

{"user": "user"}

• Email

{"email": "user@example.org"}

• Chat

{"chat": "chat"}

• Events

• LoginEvent, LogoutEvent, ChatJoinEvent, ChatLeaveEvent

{User, Chat, Time}

• MessageEvent

{Message}

• ChatCreatedEvent, ChatRemovedEvent

{Chat, Time}

• ChatReport: contains info about chat for concrete user. If not joined - fields "messages" and "users" are empty.

{
    User,
    Chat, 
    "joined":true, 
    "messages": [...Message],
    "users": [...User]
}

API

/api/register

• Server will store user in db and send a email with validation link to email.
• Method: POST
• Request:

{User, "email": "user@example.com", "password": "password"}

/api/requestResetPassword

• Server will request send ResetPasswordToken via email.
• Method: POST
• Request:

{User}

/api/resetPassword

• Server will generate hash for new password and store it.
• Method: POST
• Request:

{User, "passwordResetToken": "reset token from email", "password": "new password"}

/api/verifyEmail/{username}/{activationToken}

• Server will set user activated status to true in database
• Method: GET

/api/authorize

• Server will check if user is in database, if user had verified email and if password is correct, then force logins user.
• Method: POST
• Request:

{User, "password": "password"}

• Response: valid cookie with session token

/api/login

• Login for unregistered users, only if user with this name isn't already logged in.
• Method: POST
• Response: valid cookie with session token and

User

/api/loggedonly/*

• this routes are only for users with valid cookie, that can be acquired via upper routes

/api/loggedonly/login

• Force logins user.
• Method: POST
• Response: valid cookie with session token and

User

/api/loggedonly/logout

• Logouts user.
• Method POST

/api/loggedonly/keepalive

• Updates user's last activity.
• Method: PUT

/api/loggedonly/poll

• Long poll for actions.
• Method: GET
• Response: Event

{"type": "EventType", "event": Event}

/api/loggedonly/joinChat

• Joins chat
• Method: POST
• Request:

Chat

• Response:

ChatReport

/api/loggedonly/leaveChat

• Leaves chat
• Method: POST
• Request:

Chat

/api/loggedonly/getChats

• Get all chats, joined status, messages for chats and users, if user permitted.
• Method: GET
• Response:

[...ChatReport]

/api/loggedonly/getLastMessages

• Gets last messages for a chat if is permitted
• Method: POST
• Request:

Chat

• Response:

[...Message]

/api/loggedonly/postMessage

• Posts message in chat if permitted
• Method: POST
• Request:

{User, "text": "text", Chat}

/api/loggedonly/getUsers

• Gets users in chat if permitted
• Method: POST
• Request:

Chat

• Response:

[...User]

/api/adminonly/*

• this routes are only for admins

/api/adminonly/createChat

• Creates new chat
• Method: POST
• Request:

Chat

/api/adminonly/removeChat

• Removes a chat
• Method: POST
• Request:

Chat