This is a demo project that shows the use of JSON Web Tokens (https://jwt.io/).
The JWT tokens are created with a auth_token in the claims. A logged in user
sends a header with the JWT token. The signature of the token is validated
and then the auth_token is extracted and validated in Postgres.
Endpoint to register a new user.
{
"email": "test@example.com",
"password": "aPassword",
"firstName": "FirstName",
"lastName": "LastName"
}email will be used as a unique key in the database.
All responses are in JSON. This one will include the "token" field with the JWT token in it.
{
"token": "some_jwt_token"
}Login a user endpoint. The body will have the following:
{
"email": "test@example.com",
"password": "aPassword"
}Like register the response is the JWT token.
{
"token": "some_jwt_token"
}Retrieve a JSON object with all of the users in it.
The user must be logged in with a valid X-Authentication-Token header.
{
"users": [
{
"email": "test@example.com",
"firstName": "FirstName",
"lastName": "LastName"
}
]
}This will update the user table. Only two fields are updated. The user must be logged into to
perform the update. The update will be for the user's own data. The user will be identified
by the auth_token.
{
"firstName": "NewFirstName",
"lastName": "NewLastName"
}The response can body will be
{
"status": "success",
}on a successful update.
Look at INSTRUCTIONS.md.