Skip to content
/ users_api Public

User registration/login system for a portfolio project. Contains users, roles, departments, job titles etc for "employees".

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fuston05/users_api

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

223 Commits

__test__

__test__

 
 

api

api

 
 

data

data

 
 

middleware

middleware

 
 

models

models

 
 

routers

routers

 
 

.DS_Store

.DS_Store

 
 

.gitignore

.gitignore

 
 

Procfile

Procfile

 
 

README.md

README.md

 
 

index.js

index.js

 
 

knexfile.js

knexfile.js

 
 

nodeMailer.js

nodeMailer.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Node API Practice

About this project

  • This server is deployed on heroku api base url is: https://scotts-users-api.herokuapp.com

  • My role in this project was sole developer as a full-stack developer. This is just extra practice for RESTful API's using nodeJs, ExpressJs, KnexJs, PostgreSQL Database.

Tech used

Run this server locally:

  • Clone to your machine.
  • Run 'npm install'
  • Run 'npm run server' to start up the server (running with nodemon) -set up your local .env file:
  • See below about running seed files once you have your postgres database set up.
  • Database is named 'users' in the source code. If you call your DB something else you will need to update DB name in the knexfile.js in the root directory.
  • Table names will be consistent if you run the migrations using knex. (see below)

knex Seeds & Migrations

  • For help with knex run 'knex' in the terminal and it will display available migration and seed commands or see the knexjs docs
  • Migrations must be in the correct order due to the one-to-many relationship using foreign keys. Reverse the order for the migrations 'down' function. This same order applies to the seeds as well.
  • Run Migrations: To run the knex migrations, run 'knex migrate:latest' to build the database tables once you have your local postgres DB set up and running.
  • Run seeds with 'knex seed:run' in the terminal. See knexjs docs for more info

Endpoints

  • (POST) /auth/register

    Adds a new user to the database after validation. Stores a hashed version of the password in DB using bcryptjs library. bcryptJs, and sends an email confirmation link to the users email using nodeMailer

    • Requires the following in the request body:

      { "firstName": "users first name", "lastName": "users last name", "userName": "user name", "password": "1234", "email": "email", "current_Salary": salary, "hire_date": date, "department_id": departments foreign key, "job_title_id": job_titles foreign key, "privilege_id": privileges foreign key, }

    • Returns On success: user's id, userName, and a Welcome userName message.

    • Returns On failure: error message if userName or email is already in use or id any validation fails from the '/middleware/validation.js'.

  • (POST) users/auth/confirmEmail/

    Validates a users email with a string token sent to their email address using nodeMailer as mentioned above. The email link will hit this endpoint with an 'emailToken'(t), and a 'userName'(u) in the query string.

    We first make sure they have not already verified their email by querying the DB. If they have not already verified the email, then we proceed with updating the DB and sending back a confirmation message that they have successfully verified their email.

    • Requires {t(emailToken), u(userName)} in the request.query.

    • Returns if already verified: message that user has already verified their account and should log in now.

    • Returns If not already verified: successful verification message.

    • Returns Error: If not email token is no longer valid: message stating that the token may have expired, and they should try again.

  • (POST) users/auth/login/

    Logs in a user.

    • Requires {userName, password} in the request body. Checks if email has been verified, checks if user exists, and validates user input before logging in.
    • Returns error message if that user doesn't exist in the DB.
    • Returns error message if that user email is not verified in the DB.
    • Returns error messages if user input fails the validation from express-validator
    • Returns a welcome userName message, and a json web token on success with an 8 hour expiration by default.

  • (GET) /users

    Gets all users form DB.

    • Requires authorization header token.
    • Returns an array of user objects on success.
    • Returns an error message if there are no users in the db.
    • Note: Must be 'Admin' to see salary info in this request.

  • (GET) /users/id

    Gets a user by their id.

    • Requires authorization header token.
    • Requires an 'id' parameter.
    • Returns {id, userName} on success
    • Returns an error message if user doesn't exist in the DB.
    • Note: Must be 'Admin' to see salary info in this request.

  • (PUT) /users

    Updates an existing user in the DB. Does not update password. That will be handled elsewhere.

    • NOTE: For now you do not need to be an admin to add a new user.
    • Requires authorization header token.
    • Requires {id, userName, email, salary, role_Id, employee_info_id} in the request body. Checks if new info already exists if it has a unique constraint before submitting the query.
    • Returns an error message if the NEW userName or email is already in use.
    • Returns user's 'id' on success.

  • (DELETE) /users/id

    Deletes a user form the DB by id.

    • Requires authorization header token, and Admin rights.
    • Requires an 'id' parameter.
    • Returns number of affected rows on success.
    • Returns an error message if user doesn't exist.

Middleware

Custom middleware descriptions. All custom middleware can be found in the '/middleware' folder exported from the index.js so you can import from the 'middleware' dir. ie. const {isLoggedIn}= require('../middleware')

  • isLoggedIn middleware/validation.js. Makes sure a user is logged in.

  • registerValidation middleware/validation.js. The express validator rules are exported from this for inline use as middleware in route handlers.

Checks for proper input characters and lengths etc, > performs some formatting (trim, toLowercase, escape)> Checks if userName or email already exists.

  • loginValidation middleware/validation.js. middleware/validation.js. The express validator rules are exported from this for inline use as middleware in route handlers.

Checks for proper input characters and lengths etc, > performs some formatting (trim, toLowercase, escape) Checks if userName exists. Checks if password and cPassword match.

Database (Postgres)

See the migrations (/data/migrations) for more schema details.

Privileges:

'privileges' is a table of role types. The 'role_Id' field on the user is a foreign key to the privileges table. There is a seed file for this in the 'data/seeds' dir.

Users

'users' is a table of users. Currently containing a userName, password, email, current_salary, hire_date, privilege_id, department_id, and job_title_id.

Departments

'departments is a table of work departments. Currently contains an id, department, manager_first_name, manager_last_name columns.

Job_titles

'job_titles is a table of different available job titles. Currently contains an id, job_title, starting_salary

About

User registration/login system for a portfolio project. Contains users, roles, departments, job titles etc for "employees".

Topics

api cors dotenv server rest-api expressjs jsonwebtoken postgresql-database morgan knexjs express-validator practice-project morgan-middleware bcryptjs uuidv4 helmetjs

Resources

Readme
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages