@Ifycode/buuks-express-api
Hosted on Heroku: https://buuks-express-api.herokuapp.com
"Buuks" instead of "books"... Another angle
- Create Read Update Delete operations for books which are saved in the database
- User signup, authentication and (basic) authorization
- PDF file upload to Cloudinary
- Uses zod for resource validation
API design
| Methods & endpoints | Description | Request body | Auth (access token) |
|---|---|---|---|
| POST /users/signup | Create new user | email, password, passwordConfirmation, name | Not required |
| POST /users/login | Sign in as existing user, create access token and refresh token for use in all endpoints that require access token | email, password | Access token is generated at this endpoint |
| GET /users/sessions | Gets all users sessions made through the POST /users/login endpoint. Also reissues an access token (if access token is expired and there's refresh token) | No request body | Use access token from the POST /users/login response |
| DELETE /users/sessions | Deletes the last recorded session created through the POST /users/login endpoint (Note: this endpoint may need fixing) | No request body | Use access token from the POST /users/login response |
| POST /books | Create a new book (authenticated user) | title, description, pdf (file upload) | Use access token from the POST /users/login response |
| GET /books/user/:userId | Get/view only books created by a particular user, using the user ID | No request body | Use access token from the POST /users/login response |
| GET /books/:bookId | Get/view a book stored in the database, using the book ID | No request body | Not required (for now) |
| PUT /books/:bookId | Update already existing book in the database, using the book ID | title, description, pdf (file upload) | Use access token from the POST /users/login response |
| DELETE /books/:bookId | Delete a book from the database, using the book ID | No request body | Use access token from the POST /users/login response |
Request body and (successful) response
POST /users/signup
Request body
{
"email": "string",
"password": "string",
"passwordConfirmation": "string",
"name": "string"
}
Successful response (sample)
{
"user": {
"email": "string",
"name": "string",
"_id": "string",
"createdAt": "string",
"updatedAt": "string"
}
}
POST /users/login
Request body
{
"email": "string",
"password": "string"
}
Successful response (sample)
{
"user": {
"name": "string",
"email": "string",
"_id": "string"
},
"accessToken": "string"
}
GET /users/sessions
Request body
No response body
Successful response (sample)
{
"count": number,
"sessions": [
{
"_id": "string",
"user": "string",
"password": boolean,
"userAgent": "string",
"createdAt": "string",
"updatedAt": "string"
},
// etc.
]
}
DELETE /users/sessions
Request body
No response body
Successful response (sample)
{
"accessToken": null,
"refreshToken": null
}
POST /books
Request body
Use form-data (in postman). The title and description keys should have value of type string. The pdf key should have the value of type file.
Successful response (sample)
{
"message": "string"
"user": {
"name": "string",
"_id": "string"
},
"book": {
"_id": "string",
"title": "string",
"description": "string",
"pdf": "string"
"request": {
"type": "string",
"url": "string",
"description": "string"
}
}
}
GET /books/user/:userId
Request body
No response body
Successful response (sample)
{
"count": number,
"description": "string",
"books": [
{
"_id": "string",
"title": "string",
"description": "string",
"pdf": "string",
"request": {
"type": "string",
"url": "string",
"description": "string"
}
},
// etc.
]
}
GET /books/:bookId
Request body
No response body
Successful response (sample)
{
"_id": "string",
"title": "string",
"description": "string",
"pdf": "string",
"user": {
"_id": "string"
},
"request": {
"type": "string",
"url": "string",
"description": "string"
}
}
PUT /books/:bookId
Request body
Use form-data (in postman). The title and description keys should have value of type string. The pdf key should have the value of type file.
Successful response (sample)
{
"message": "string"
"user": {
"name": "string",
"_id": "string"
},
"book": {
"_id": "string",
"title": "string",
"description": "string",
"pdf": "string"
"request": {
"type": "string",
"url": "string",
"description": "string"
}
}
}
DELETE /books/:bookId
Request body
No response body
Successful response (sample)
{
"message": "string"
"user": {
"name": "string",
"_id": "string"
},
"request": {
"type": "string",
"url": "string",
"description": "string"
}
}
Running the API in development
Make sure to either have mongoDB installed and running on your computer, or have a monogDB atlas cluster set up in the cloud. Set your API_HOST_URL and other needed environment variables in the .env file you create (see example in .env.example file). Use the commands below to run the API locally on your computer.
Install dependencies:
npm install
Start server for connection to mongoDB (local):
npm run dev
Start server for connection to mongoDB (Atlas):
npm run dev:atlas
Helpful learning (and bug fixing) resources
- TomDoesTech's youtube video: REST API with Node.js, Express, TypeScript, MongoDB & Zod
- Academind's youtube playlist: Building a RESTful API with Node.js
- Okpukoro Joe's Article: Uploading Images to Cloudinary Using Multer and ExpressJS
- Yilmaz's stackoverflow answer to multer/clouudinary issue: Converting image to base64 with data-uri with typescript
- JWT doc: Introduction to JSON Web Tokens
2 Dec 25, 2021
4 Mar 8, 2023
4 Oct 3, 2021
4 Jun 21, 2022
3 Nov 2, 2022
246 Dec 20, 2022
4 Sep 22, 2022
1 Jan 20, 2022
8 Apr 13, 2022
3 Nov 27, 2022