This Node.js REST API part two is intended to be secure and user-friendly, and it makes use of best API practices.
The APIs could be improved over time to be more secure.
Copy and paste the DBqueries.sql file from the root of the project. Run the DBqueries.sql file to create the database and tables. Check that the database and tables are created and the data is inserted.
- Download the Nodejs Rest API PartTwo V2.postman_collection file from the current repo
- Launch Postman
- Select the import icon.
- Upload the Nodejs Rest API PartTwo V2.postman_collection file
- Go to auth/login and enter the username and password
- npm install
- A .env file should be created and filled with the correct values for the database connection (username, password, host, database). Check the .env.example file for more info.
- npm start
- Open the browser
- auth/login
- username: admin
- password: password
- Expect the response to be 200 and the token to be returned. The token is used in the next steps.
- Available admin and users: Use one of the following:
- Superadmin and admin have access to all the APIs. This is how I wanted to use the APIs. However, regular users can only access the APIs they have access to. Perhaps more users, such as guest users, can be added with different permissions, and some APIs can be restricted, and so on.
- superadmin
{ "email": "softhouse@gmail.com", "password": "password" }
- admin
{ "email": "admin@gmail.com", "password": "password" }
- user
{ "email": "user@gmail.com", "password": "password" }
- Login
- Save the token
- The Get ...auth/me route will return the user who is logged in.
- Click on the admin/admin post route
- Fill new Admin or user credentials in the Body
- Validation takes care of any unnecessary fields that are added.
- Click Send
{
"name":"Softhouse",
"email": "softhouse@gmail.com",
"password": "password",
"userRole": "superAdmin"
}
- Click on the admin/admin update route
- Edit Admin or user credentials in the Body
- Params
- id: the id of the admin or user
- Validation takes care of any unnecessary fields that are added.
- Click Send
{
"name":"new name",
"email": "newEmail@gmail.com",
"password": "New password",
"userRole":"admin"
}
You can check them out. You get the idea.
- Click on the customer/customer getAllCustomer route
- Click Send
- Click on the customer/customer getCustomer route
- Params
- id: the id of the customer
- Click Send
- Click on the customer/customer create post route
- Fill new customer credentials in the Body
- Validation takes care of any unnecessary fields that are added.
- Click Send
{
"name":"New customer",
"username": "newUsername",
"email": "newCustomer@gmail.com",
"password": "password"
}
- Click on the customer/customer update route
- Edit customer credentials in the Body
- Params
- id: the id of the customer
- Validation takes care of any unnecessary fields that are added.
- Click Send
{
"name":"New update name",
"username": "newUsername",
"email": "newEmail@gmail.com",
"password": "password"
}
- Click on the customer/customer delete route
- Params
- id: the id of the customer
- Click Send
- Click on the post/post get Post by post id route
- Params
- id: the id of the post
- Click Send
- Click on the post/post get all customer posts route
- Click Send
- Click on the post/post create post by customer id route
- Fill new post credentials in the Body
- Validation takes care of any unnecessary fields that are added.
- Click Send
{
"customerId": 12,
"title": "title one",
"body": "body one text",
"extra": "data will be thrown away"
}
- Click on the post/post update post by post id and customer id in the body route
- Fill new post credentials in the Body
- Params
- id: the id of the post
- Validation takes care of any unnecessary fields that are added.
- Click Send
{
"customerId": 12,
"title": "title one",
"body": "body one text",
"extra": "data will be thrown away"
}
{
"customerId": 17,
"title": "title one",
"body": "body one text",
"published":1
}
{
"customerId": 17,
"title": "title one",
"published":1
}
{
"customerId": 17,
"published":1
}
- Click on the post/post delete post by post id and customer id in the body route
- Params
- id: the id of the post
- Validation takes care of any unnecessary fields that are added.
- Click Send
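
The post bodies above carry an "extra" field that validation throws away, and the update route accepts partial bodies. The following is an added example, not the project's own code, of allowlist validation that produces that behaviour; the field rules in `postSchema` and the names `sanitizeBody` and `validateBody` are assumptions made for illustration.

```javascript
// Added example: allowlist validation for the post create/update body.
// The field rules below are assumptions, not the project's actual schema.
const postSchema = {
  customerId: { required: true, check: (v) => Number.isInteger(v) && v > 0 },
  title: { required: false, check: (v) => typeof v === "string" && v.length > 0 && v.length <= 200 },
  body: { required: false, check: (v) => typeof v === "string" && v.length <= 10000 },
  published: { required: false, check: (v) => v === 0 || v === 1 },
};

// Returns { value, dropped, errors }. Only keys named in the schema are copied,
// so fields such as "extra" (or an injected "userRole") never reach the query.
function sanitizeBody(schema, input) {
  const errors = [];
  const value = {};
  if (input === null || typeof input !== "object" || Array.isArray(input)) {
    return { value, dropped: [], errors: ["body must be a JSON object"] };
  }
  for (const [key, rule] of Object.entries(schema)) {
    const present = Object.prototype.hasOwnProperty.call(input, key);
    if (!present) {
      if (rule.required) errors.push(`${key} is required`);
      continue;
    }
    if (rule.check(input[key])) value[key] = input[key];
    else errors.push(`${key} is invalid`);
  }
  const dropped = Object.keys(input).filter(
    (k) => !Object.prototype.hasOwnProperty.call(schema, k)
  );
  return { value, dropped, errors };
}

// Express-style middleware (hypothetical wiring): reject invalid bodies with 400,
// otherwise replace req.body with the sanitized copy before the handler runs.
function validateBody(schema) {
  return (req, res, next) => {
    const { value, errors } = sanitizeBody(schema, req.body);
    if (errors.length > 0) return res.status(400).json({ errors });
    req.body = value;
    next();
  };
}
```

Copying only schema-named keys, rather than deleting known-bad ones, means a field the schema does not list (for example `userRole` sent to a customer or post route) is dropped by default.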