Skip to content
/ Events-API-Express Public

An API with authentication and permissions. Users can register/login and on role-based can perform different CRUD operations over users, events and tickets. Built with Express, Mongoose and JWT.

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications

javitocor/Events-API-Express

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

54 Commits

auth

auth

 
 

bin

bin

 
 

controllers

controllers

 
 

models

models

 
 

permissionsMiddleware

permissionsMiddleware

 
 

public/stylesheets

public/stylesheets

 
 

routes

routes

 
 

seeder

seeder

 
 

views

views

 
 

.env

.env

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

app.js

app.js

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Contributors Forks Stargazers Issues Hireable

Events-API-Express

An API with authentication and permissions. Users can register/login and on role based can perform different CRUD operations over users, events and tickets. Built with Express, Mongoose and JWT.

Additional description about the project and its features.

Built With

  • JAVASCRIPT
  • NPM
  • EXPRESS
  • MONGOOSE
  • PASSPORT
  • JWT
  • NODE
  • ESLINT
  • GITHUB ACTIONS
  • VSCODE

Usage

To have this app on your pc, you need to:

  • download or clone this repo:

    • Clone with SSH:
      git@github.com:javitocor/Events-API-Express.git
    • Clone with HTTPS
      https://github.com/javitocor/Events-API-Express.git

  • Requirements:

    • Nodejs and npm
      [Download Nodejs](https://nodejs.org/en/download/) and follow the instructions, npm is included in the package

  • In the project directory, you can run:

    • $ npm install - installs all the dependencies required by the project

    • $ npm run devstart - runs the app in the development mode:

Documentation

  • Basic information

    • This project is set up using Express js and Mongoose js, the authentication is based on Passport and JWT strategies. All the permissions to the different routes are set up in 'permissions.js' inside permissionsMiddleware folder.

  • Role based The API is based on 4 different roles:

      Basic
  ADMIN_BASIC
  ADMIN_MANAGER
  SUPERADMIN

  • Endpoints You can access the following endpoints depending on your user's role, by default a new user is assigned a 'Basic' role

      Register
    post http://localhost:3000/signup (EVERYONE)
  Login
    post http://localhost:3000/login (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Logout
    get http://localhost:3000/logout (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Get all users
    get http://localhost:3000/users (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Get user detail
    get http://localhost:3000/users/:id (ADMIN_MANAGER, SUPERADMIN)
  Update user
    put http://localhost:3000/users/:id (SUPERADMIN)
  Delete user
    delete http://localhost:3000/users/:id (SUPERADMIN)
  Get all ongoing events
    get http://localhost:3000/events/ (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Get all events
    get http://localhost:3000/events/all (SUPERADMIN)
  Get event detail
    get http://localhost:3000/events/:id (Basic, ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Create events
    post http://localhost:3000/events/ (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Update events
    put http://localhost:3000/events/:id (SUPERADMIN)
  Delete events
    delete http://localhost:3000/events/:id (SUPERADMIN)
  Get tickets for an specific event
    get http://localhost:3000/events/:id/tickets (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Create tickets for an specific event
    post http://localhost:3000/events/:id/tickets (ADMIN_MANAGER, SUPERADMIN)
  Update tickets for an specific event
    put http://localhost:3000/events/:id/tickets/:id (ADMIN_BASIC, ADMIN_MANAGER, SUPERADMIN)
  Delete tickets for a specific event
    delete http://localhost:3000/events/:id/tickets/:id (SUPERADMIN)

  • Bearer token authentication

    • Once a user has signed up, can make a post request to the login endpoint, the response will be a bearer token that user will have to add to the headers in any other request to the API to access the protected routes.

  • Seeding You can seed the database with the following command:

      node ./seeder/seed.js

    In case the db is empty, with this command you will get the 4 basic roles with its user to start performing operations.

      users: 'Basic', 'ADMIN_BASIC', 'ADMIN_MANAGER', 'SUPERADMIN'
  password: 'password' for all of them

  • Database

    • You can change the MongoDb database by changing the MONGODB_URI field in ./.env file.

  • Auth

    • You can modify the different auth strategies by modifying the file 'auth.js' in the 'auth' folder.

Maintenance and Scalability

This project is no longer maintained, maybe in the future I might add some extra features or routes. Feel free to download it and adapt it to your own project, the project is easy to understand and it is a good starting point to develop larger backends. The models, routes and authentication are scalable and easily maintenable.

Author

👤 Javier Oriol Correas Sanchez Cuesta

🤝 Contributing

Contributions, issues and feature requests are welcome!

Feel free to check the issues page.

Show your support

Give a ⭐️ if you like this project!

Acknowledgments 🚀

📝 License

This project is MIT licensed.

About

An API with authentication and permissions. Users can register/login and on role-based can perform different CRUD operations over users, events and tickets. Built with Express, Mongoose and JWT.

Topics

permissions expressjs passportjs mongoosejs jwt-authentication role-based passport-local passport-jwt

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages