Skip to content

thinh105/Tourino-Backend-Nodejs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

79 Commits

.github/workflows

.github/workflows

Β 
Β 

controller

controller

Β 
Β 

dev-data/testApiRequest

dev-data/testApiRequest

Β 
Β 

models

models

Β 
Β 

routes

routes

Β 
Β 

utils

utils

Β 
Β 

.eslintrc.json

.eslintrc.json

Β 
Β 

.gitignore

.gitignore

Β 
Β 

.prettierrc

.prettierrc

Β 
Β 

README.md

README.md

Β 
Β 

SAMPLE.env

SAMPLE.env

Β 
Β 

app.mjs

app.mjs

Β 
Β 

errorTour.json

errorTour.json

Β 
Β 

package-lock.json

package-lock.json

Β 
Β 

package.json

package.json

Β 
Β 

server.js

server.js

Β 
Β 

Repository files navigation

node version

πŸŽ‰ About this project


A REST API Backend using Node - Express - Mongoose for the Tourino Project contains practical examples (CRUD, Authentication & Authorization, Error Handling, Security).


πŸ”„ API Spec

Live Demo : https://tourino.herokuapp.com/api/v1/


πŸ‚ Tours

URL HTTP Verb POST Body Authentication Authorization Result
/api/v1/tours GET Return all tours
/api/v1/tours/:id GET Return single tour (based on id)
/api/v1/tours/slug/:slug GET Return single tour (based on slug)
/api/v1/tours POST JSON String Yes moderator, admin Create new tour
/api/v1/tours/:id PATCH JSON String Yes moderator, admin Updates an existing tour
/api/v1/tours/:id DELETE Yes moderator, admin Deletes an existing tour
-
/api/v1/tours/destinations GET Return all destinations and count
/api/v1/tours/travelStyle GET Return all travel style and count

πŸ‘½ Users

URL HTTP Verb POST Body Authentication Authorization Result
/api/v1/users/signup POST JSON String Create a new user
/api/v1/users/login POST JSON String Create a new user
/api/v1/users/forgotPassword POST JSON String Create a new user
/api/v1/users/resetPassword:token POST JSON String Create a new user
-
/api/v1/users/me GET Yes Return a current user
/api/v1/users/updateMyPassword PATCH JSON String Yes Updates password for a current user
/api/v1/users/updateMe PATCH JSON String Yes Updates a current user
/api/v1/users/deleteMe DELETE Yes Deletes a current user
-
/api/v1/users GET Yes admin Return all users
/api/v1/users/role GET Yes admin Return all Role's types and count
/api/v1/users/:id GET Yes admin Return a specific user
/api/v1/users/:id PATCH JSON String Yes admin Update a specific user
/api/v1/users/:id DELETE Yes admin Delete a specific user

πŸ“ Reviews

URL HTTP Verb POST Body Authentication Authorization Result
/api/v1/tours/:tourId/reviews GET Return all reviews from a specific tour
/api/v1/reviews GET Return all reviews
/api/v1/reviews/:id GET Return a specific review
/api/v1/reviews POST JSON String Yes user Create new review
/api/v1/reviews/:id PATCH JSON String Yes user(owner of review), admin Updates a specific review
/api/v1/reviews/:id DELETE Yes user(owner of review), admin Deletes a specific review

πŸ“š Tech Stacks

  • NodeJS
  • Express
  • MongoDB
  • Mongoose

πŸ“¦ Packages used

πŸ”¨ Utility Package

  • dotenv
    • Loads environment variables from .env file
  • mongoose-id-validator
    • validate that ObjectID references refer to objects that actually exist in the referenced collection
  • mongoose-unique-validator
    • adds pre-save validation for unique fields within a Mongoose schema.
  • morgan
    • HTTP request logger middleware for node.js
  • nodemailer
    • Easy as cake e-mail sending from your Node.js applications
  • qs
    • A querystring parser that supports nesting and arrays, with a depth limit
  • slugify
    • Slugifies a String
  • validator
    • String validation and sanitization

🚫 Security Package

  • BcryptJS
    • Optimized bcrypt in plain JavaScript for NodeJS.
  • jsonwebtoken
    • JSON Web Token for node.js
  • cors
    • Node.js CORS middleware
  • express-rate-limit
    • Basic IP rate-limiting middleware for Express.
    • Use to limit repeated requests to public APIs and/or endpoints such as password reset.
  • express-mongo-sanitize
    • Sanitize your express payload to prevent MongoDB operator injection.
  • helmet
    • secure the Express apps
  • xss-clean
    • sanitize user input coming from POST body, GET queries, and url params
  • hpp
    • protect against HTTP Parameter Pollution attacks

πŸ”§ Editor setup

To keep the style of resources consistent, I decided to stick to some shared rules that have to be applied to every project using some editors plugins.

I have chosen to use

This works including specific .eslintrc.json and .prettierrc files in the root directory and making sure your editor has the necessary plugins.


πŸ› Test API

I using REST client to test my API.

File test can be found in /dev-data/testApiRequest folder


🀝 Contributing

  • Fork it!
  • Create your feature branch: git checkout -b my-new-feature
  • Commit your changes: git commit -am 'Add some feature'
  • Push to the branch: git push origin my-new-feature
  • Submit a pull request

πŸ’“ Show your support

This is just a personal project created for study/demonstration purpose, it may or may not be a good fit for your project(s).

Please ⭐ this repository if you like it or this project helped you!

Feel free to open issues or submit pull-requests to help me improving my work.

About

🌏✈ A Travel Agency REST API server using NodeJS, ExpressJS, MongoDB, Moongoose for Tourino Project. ✈🌏

tourino.herokuapp.com/api/v1/

Topics

nodejs jwt mongodb mongoose expressjs

Resources

Readme
Activity

Stars

4 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages