Base API written with Express.js(old dirty repo, much better check `supra-api-nodejs` repo)
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
api
client
.gitignore
README.md
README_NOTES.md

README.md

Vue2 & Express base portal

Usage

API

  • type 'node ./bin/www' or 'nodemon'

Client

  • npm run dev

Implemented (API, ExpressJS)

  • Routing:
    • Base router
    • Routing of endpoints in own controllers
  • ORM (objection.js):
    • Database - PostgreSQL
    • Models
    • Base parent model
    • CRUD
    • Model validation (joi.js)
    • Fields visibility in model
  • Auth:
  • Security:
    • Roles
      • SU ['superuser']
      • ADMINROLES ['superuser', 'moderator']
      • EDITORROLES ['editor']
      • USER ['user'] default role on user creation
    • Logic roles:
      • Anonymous
      • IsAuth
      • Owner(checks in checkToken middleware and depends from ownership of checked model entity)
      • NotOwner === IsAuth and !Owner
    • Check permissions(create, read, update, delete) middleware
  • Error handling

Implemented (Client, VueJS)

  • Base ... wip

Conventions:

  • POST to create new resources
  • POST to make custom VERBS
  • PATCH to update resources
  • GETbyId(), CREATE() - basic parent-model method
  • GetById(), Create() - custom children-model method
  • getById(), create() - controller methods
  • TUID - token user id
  • MUID - model user id

Terminology:

  • Model - row in DB table
  • Entity - model + relations(folder in FS, related models)

Permissions:

TAG:

  • Attach to items(ARTICLE, ALBUM): any user, must be ITEM OWNER or ADMINROLE
  • Detach from items(ARTICLE, ALBUM): any user, must be ITEM OWNER or ADMINROLE
  • Create: any member
  • Remove: ADMINROLE
  • Update: ADMINROLE

Token

Errors:

  • badRefreshToken
  • refreshTokenExpiredError