Skip to content

scottBowles/blog-api

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

77 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

BLOG REST API

A blog REST api allowing multiple users, admins, posts, and comments. Implements modern JWT-based authentication and authorization. Fully tested.

Coverage License

Table of Contents

  1. Technology Stack
  2. Local Installation
  3. API Resources
  4. Endpoints
  5. Endpoint Details

Technology Stack

Node.js Express MongoDB Mongoose Jest Babel ESLint Prettier JavaScript npm

Local Installation

Requirements

Instructions

  1. Clone this repository and change directory into the folder

    • Using SSH

      git clone [email protected]:scottBowles/blog-api.git
      cd blog
    • Using https

      git clone https://github.com/scottBowles/blog-api.git
      cd blog
  2. Install dependencies

    npm i
  3. Configure environment variables

    Create a filed named .env in the /blog directory with environment variables. For this you will need to set up your MongoDB databases (a dev db and a test db) and retrieve the connection URIs. The URIs will look something like this: mongodb+srv://[username]:[password]@cluster0.g79of.mongodb.net/[database_name]?retryWrites=true&w=majority

    The file's contents should include the following variables. Variables are defined in the format key=value, with no quotation marks:

    PORT=3000
    PORT_TEST=5000
    DB_URI={Dev DB Connection URI}
    DB_URI_TEST={Test DB Connection URI}
    JWT_PRIVATE_KEY=aPasskeyOfYourChoiceDefinedOnlyHere
    
  4. Success!

    Start the server with npm start and access the api at http://localhost:3000/

    Run tests with npm test

API Resources

Users

Attribute Constraints Description Type
firstName required; minimum 1 char; maximum 255 char User first name string
lastName required; minimum 1 char; maximum 255 char User last name string
email required; unique; valid email; maximum 255 char User email address string
password required; minimum 8 char; maximum 255 char User password string
isAdmin optional Defaults to false. Determines whether user has admin permissions. boolean

Posts

Attribute Constraints Description Type
title optional; minimum 1 char; maximum 255 char Title for post string
text optional; minimum 1 char; maximum 255 char Body of the post string
isPublished optional; valid email; maximum 255 char Defaults to false. When isPublished is false, the post will only be return in requests made by the post's user and admin users. See below for details on specific endpoints. boolean
user required; unique; 16 char objectID User password string

Comments

Attribute Constraints Description Type
text required; minimum 1 char; maximum 255 char Comment text string
author required; minimum 1 char; maximum 255 char Comment author's name or handle string
email optional; valid email; maximum 255 char Comment author's email address string
post required; unique; 16 char objectID Post to which the comment belongs string

Endpoints

User Endpoints

Available Methods

Method Endpoint Description
GET /users Get all users
POST /users Register a new user
GET /users/{userid} Get information about a specific user
PUT /users/{userid} Update information about a specific user
DELETE /users/{userid} Remove a user
GET /users/{userid}/posts Get a specific user's posts

Post Endpoints

Available Methods

Method Endpoint Description
GET /posts Get all posts
POST /posts Create a new post
GET /posts/{postid} Get a specific post
PUT /posts/{postid} Edit a specific post
DELETE /posts/{postid} Remove a specific post
POST /posts/{postid}/publish Publish an unpublished post
POST /posts/{postid}/unpublish Unpublish a published post
GET /posts/{postid}/comments Get the comments on a specific post
POST /posts/{postid}/comments Add a comment on a specific post
GET /posts/{postid}/comments/{commentid} Get a specific comment
PUT /posts/{postid}/comments/{commentid} Update a specific comment
DELETE /posts/{postid}/comments/{commentid} Remove a specific comment

Other Endpoints

Available Methods

Method Endpoint Description
GET /me Get the logged in user's information
POST /login Log in a user

Endpoint Details

GET /users

Get all users

Parameters

Query String Description Type
limit Response will return at most the limit number of users number
skip Query will skip the provided number of users (ordered by registration) number

Returns

An array of users

Example Request

curl --location --request GET 'http://localhost:3000/users'

Example Response

[
  {
    "_id": "604d8dc8a9c87361f984d130",
    "firstName": "Malcolm",
    "lastName": "Reynolds",
    "email": "[email protected]",
    "__v": 0,
    "fullName": "Malcolm Reynolds",
    "id": "604d8dc8a9c87361f984d130"
  },
  {
    "_id": "604d8e23a9c87361f984d131",
    "firstName": "Inara",
    "lastName": "Serra",
    "email": "[email protected]",
    "__v": 0,
    "fullName": "Inara Serra",
    "id": "604d8e23a9c87361f984d131"
  },
  {
    "_id": "604d8e60a9c87361f984d132",
    "firstName": "Zoe",
    "lastName": "Washburne",
    "email": "[email protected]",
    "__v": 0,
    "fullName": "Zoe Washburne",
    "id": "604d8e60a9c87361f984d132"
  }
]

POST /users

Register a new user

Parameters

Request Body Required / Optional Description Type
firstName Required User first name. Must be between 1 and 255 characters. string
lastName Required User last name. Must be between 1 and 255 characters. string
email Required User email. Must be unique and at most 255 characters. string
password Required User password. Must be between 8 and 255 characters. string

Returns

The newly registered user with password omitted

Example Request

curl --location --request POST 'http://localhost:3000/users/' \
--header 'Content-Type: application/json' \
--data-raw '{
"firstName": "Hoban",
"lastName": "Washburne",
"email": "[email protected]",
"password": "washPassword"
}'

Example Response

{
  "_id": "604d902aa9c87361f984d134",
  "firstName": "Hoban",
  "lastName": "Washburne",
  "email": "[email protected]",
  "fullName": "Hoban Washburne"
}

GET /users/{userid}

Get information about a specific user

Parameters

Path Description
userid The user's unique id. This will be a 16-character-long string. To get the information for the logged in user, /me may also be used for convenience

Returns

The requested user

Example Request

curl --location --request GET 'http://localhost:3000/users/604d8dc8a9c87361f984d130'

Example Response

{
  "_id": "604d8dc8a9c87361f984d130",
  "firstName": "Malcolm",
  "lastName": "Reynolds",
  "email": "[email protected]",
  "isAdmin": true,
  "__v": 0,
  "fullName": "Malcolm Reynolds",
  "id": "604d8dc8a9c87361f984d130"
}

PUT /users/{userid}

Update information about a specific user. Logged-in users who are not admins may update their own information only.

Parameters

Path Description
userid The user's unique id. This will be a 16-character-long string.
Request Body Required / Optional Description Type
firstName Optional User first name. Must be between 1 and 255 characters. string
lastName Optional User last name. Must be between 1 and 255 characters. string
email Optional User email. Must be unique and at most 255 characters. string
password Optional User password. Must be between 8 and 255 characters. string
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The updated user

Example Request

curl --location --request PUT 'http://localhost:3000/users/604d8dc8a9c87361f984d130' \
--header 'x-auth-token: {jsonwebtoken from registration or login}' \
--header 'Content-Type: application/json' \
--data-raw '{
"email": "[email protected]"
}'

Example Response

{
  "_id": "604d8dc8a9c87361f984d130",
  "firstName": "Malcolm",
  "lastName": "Reynolds",
  "email": "[email protected]",
  "fullName": "Malcolm Reynolds"
}

DELETE /users/{userid}

Remove a user. Logged-in users who are not admins may remove their own information only.

Parameters

Path Description
userid The user's unique id. This will be a 16-character-long string.
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint. Token must be for either an admin or the user being deleted

Returns

The deleted user

Example Request

curl --location --request DELETE 'http://localhost:3000/users/604d902aa9c87361f984d134' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response

{
  "_id": "604d902aa9c87361f984d134",
  "firstName": "Hoban",
  "lastName": "Washburne",
  "email": "[email protected]",
  "__v": 0,
  "fullName": "Hoban Washburne",
  "id": "604d902aa9c87361f984d134"
}

GET /users/{userid}/posts

Get a specific user's posts. Non-admins will receive only published posts, unless logged in and querying their own userid, in which case unpublished posts will be included as well. Admins will receive both published and unpublished posts regardless.

Parameters

Path Description
userid The user's unique id. This will be a 16-character-long string.
Query String Description Type
limit Response will return at most the limit number of posts number
skip Query will skip the provided number of posts (ordered by date of creation) number
Header Required / Optional Description
x-auth-token Optional A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The user's posts. Returns all posts for admins and logged in users querying their own posts. Returns only published posts for everyone else.

Example Request 1 (no logged in user)

curl --location --request GET 'http://localhost:3000/users/604e5d8458d0b87135a69402/posts'

Example Response 1

[
  {
    "isPublished": true,
    "_id": "604e634248484473c282b1dd",
    "title": "Terrifying Space Monkeys?",
    "text": "Look, I had to rewire the grav thrust because somebody won't replace that crappy compression coil.",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:25:54.716Z",
    "updatedAt": "2021-03-14T19:25:54.716Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e645948484473c282b1df",
    "title": "Buffet Table?",
    "text": "Well how can we be sure, unless we question it?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:30:33.892Z",
    "updatedAt": "2021-03-14T19:30:33.892Z",
    "__v": 0
  }
]

Example Request 2 (querying posts of the logged in user)

curl --location --request GET 'http://localhost:3000/users/604e5d8458d0b87135a69402/posts' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response 2

[
  {
    "isPublished": true,
    "_id": "604e634248484473c282b1dd",
    "title": "Terrifying Space Monkeys?",
    "text": "Look, I had to rewire the grav thrust because somebody won't replace that crappy compression coil.",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:25:54.716Z",
    "updatedAt": "2021-03-14T19:25:54.716Z",
    "__v": 0
  },
  {
    "isPublished": false,
    "_id": "604e638648484473c282b1de",
    "title": "Simon",
    "text": "How clueless can he be!?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:27:02.729Z",
    "updatedAt": "2021-03-14T19:27:02.729Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e645948484473c282b1df",
    "title": "Buffet Table?",
    "text": "Well how can we be sure, unless we question it?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:30:33.892Z",
    "updatedAt": "2021-03-14T19:30:33.892Z",
    "__v": 0
  }
]

GET /posts

Get all posts. By default this will only return published posts.

Parameters

Query String Description Type
limit Response will return at most the limit number of posts number
skip Query will skip the provided number of posts (ordered by date of creation) number
includeunpublished Includes unpublished posts if and only if logged-in user is an admin boolean
Header Required / Optional Description
x-auth-token Optional A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

All published posts. Unpublished posts may be included for admins by using the includeunpublished query string.

Example Request 1

curl --location --request GET 'http://localhost:3000/posts/'

Example Response 1

[
  {
    "isPublished": true,
    "_id": "604e634248484473c282b1dd",
    "title": "Terrifying Space Monkeys?",
    "text": "Look, I had to rewire the grav thrust because somebody won't replace that crappy compression coil.",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:25:54.716Z",
    "updatedAt": "2021-03-14T19:25:54.716Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e645948484473c282b1df",
    "title": "Buffet Table?",
    "text": "Well how can we be sure, unless we question it?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:30:33.892Z",
    "updatedAt": "2021-03-14T19:30:33.892Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e71ef9ba006741345437e",
    "title": "I think we should call it your grave!",
    "text": "Ah, curse your sudden but inevitable betrayal",
    "user": "604e712f9ba006741345437c",
    "createdAt": "2021-03-14T20:28:31.857Z",
    "updatedAt": "2021-03-14T20:28:31.857Z",
    "__v": 0
  }
]

Example Request 2 (using includeunpublished query string)

curl --location --request GET 'http://localhost:3000/posts?includeunpublished=true' \
--header 'x-auth-token: {jsonwebtoken for admin user}'

Example Response 2

[
  {
    "isPublished": true,
    "_id": "604e634248484473c282b1dd",
    "title": "Terrifying Space Monkeys?",
    "text": "Look, I had to rewire the grav thrust because somebody won't replace that crappy compression coil.",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:25:54.716Z",
    "updatedAt": "2021-03-14T19:25:54.716Z",
    "__v": 0
  },
  {
    "isPublished": false,
    "_id": "604e638648484473c282b1de",
    "title": "Simon",
    "text": "How clueless can he be!?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:27:02.729Z",
    "updatedAt": "2021-03-14T19:27:02.729Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e645948484473c282b1df",
    "title": "Buffet Table?",
    "text": "Well how can we be sure, unless we question it?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:30:33.892Z",
    "updatedAt": "2021-03-14T19:30:33.892Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e71ef9ba006741345437e",
    "title": "I think we should call it your grave!",
    "text": "Ah, curse your sudden but inevitable betrayal",
    "user": "604e712f9ba006741345437c",
    "createdAt": "2021-03-14T20:28:31.857Z",
    "updatedAt": "2021-03-14T20:28:31.857Z",
    "__v": 0
  }
]

Example Request 3 (using limit and skip query strings -- good for pagination)

curl --location --request GET 'http://localhost:3000/posts?limit=2&skip=1'

Example Response 3

[
  {
    "isPublished": true,
    "_id": "604e645948484473c282b1df",
    "title": "Buffet Table?",
    "text": "Well how can we be sure, unless we question it?",
    "user": "604e5d8458d0b87135a69402",
    "createdAt": "2021-03-14T19:30:33.892Z",
    "updatedAt": "2021-03-14T19:30:33.892Z",
    "__v": 0
  },
  {
    "isPublished": true,
    "_id": "604e71ef9ba006741345437e",
    "title": "I think we should call it your grave!",
    "text": "Ah, curse your sudden but inevitable betrayal",
    "user": "604e712f9ba006741345437c",
    "createdAt": "2021-03-14T20:28:31.857Z",
    "updatedAt": "2021-03-14T20:28:31.857Z",
    "__v": 0
  }
]

POST /posts

Create a new post. Requires a logged-in user, which will in turn be saved as the post's user.

Parameters

Request Body Required / Optional Description Type
title Optional Post title. Must be between 1 and 255 characters long. string
text Optional Post text. Must be between 1 and 99999 characters long. string
isPublished Optional When false, post will only be visible to admins and the post's own user. boolean
user Optional User optional for admins. If not included, or if logged in user is not an admin, the user field will be set to the logged-in user and needs not be otherwise included in the request. string
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The newly created post

Example Request

curl --location --request POST 'http://localhost:3000/posts' \
--header 'x-auth-token: {jsonwebtoken}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "title": "What'\''s that make us?",
    "text": "Big damn heroes, sir.",
    "isPublished": "true"
}'

Example Response

{
  "isPublished": true,
  "_id": "604e74d79ba006741345437f",
  "title": "What's that make us?",
  "text": "Big damn heroes, sir.",
  "user": "604d8dc8a9c87361f984d130",
  "createdAt": "2021-03-14T20:40:55.541Z",
  "updatedAt": "2021-03-14T20:40:55.541Z",
  "__v": 0
}

GET /posts/{postid}

Gets a single post. If the post is unpublished, it will only be accessible to admins and the post's user.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Header Required / Optional Description
x-auth-token Optional A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The post given in the postid path parameter

Example Request

curl --location --request GET 'http://localhost:3000/posts/604e74d79ba006741345437f'

Example Response

{
  "isPublished": true,
  "_id": "604e74d79ba006741345437f",
  "title": "What's that make us?",
  "text": "Big damn heroes, sir.",
  "user": "604d8dc8a9c87361f984d130",
  "createdAt": "2021-03-14T20:40:55.541Z",
  "updatedAt": "2021-03-14T20:40:55.541Z",
  "__v": 0
}

PUT /posts/{postid}

Updates a single post. Only accessible to admins and the post's user.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Request Body Required / Optional Description Type
title Optional Post title. Must be between 1 and 255 characters long. string
text Optional Post text. Must be between 1 and 99999 characters long. string
isPublished Optional When false, post will only be visible to admins and the post's own user. To change only this property, /posts/{postid}/publish and /posts/{postid}/unpublish routes are included for convenience. boolean
(user) (n/a) (Post user cannot be changed. If it is included in the body it will be ignored.) (n/a)
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The updated post given in the postid path parameter

Example Request

curl --location --request PUT 'http://localhost:3000/posts/604e74d79ba006741345437f' \
--header 'x-auth-token: {jsonwebtoken}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "text": "Big damn heroes, sir. / Ain'\''t we just."
}'

Example Response

{
  "isPublished": true,
  "_id": "604e74d79ba006741345437f",
  "title": "What's that make us?",
  "text": "Big damn heroes, sir. / Ain't we just.",
  "user": "604d8dc8a9c87361f984d130",
  "createdAt": "2021-03-14T20:40:55.541Z",
  "updatedAt": "2021-03-14T20:46:49.537Z",
  "__v": 0
}

DELETE /posts/{postid}

Remove a user. Logged-in users may remove their own account only. Admins may remove any account.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The deleted post

Example Request

curl --location --request DELETE 'http://localhost:3000/posts/604e634248484473c282b1dd' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response

{
  "isPublished": true,
  "_id": "604e634248484473c282b1dd",
  "title": "Terrifying Space Monkeys?",
  "text": "Look, I had to rewire the grav thrust because somebody won't replace that crappy compression coil.",
  "user": "604e5d8458d0b87135a69402",
  "createdAt": "2021-03-14T19:25:54.716Z",
  "updatedAt": "2021-03-14T19:25:54.716Z",
  "__v": 0
}

POST /posts/{postid}/publish

Sets the isPublished attribute for the given post to true. Posts may be published by their own user or admins.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The newly-published post

Example Request

curl --location --request POST 'http://localhost:3000/posts/604e638648484473c282b1de/publish' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response

{
  "isPublished": true,
  "_id": "604e638648484473c282b1de",
  "title": "Simon",
  "text": "How clueless can he be!?",
  "user": "604e5d8458d0b87135a69402",
  "createdAt": "2021-03-14T19:27:02.729Z",
  "updatedAt": "2021-03-14T20:56:23.672Z",
  "__v": 0
}

POST /posts/{postid}/unpublish

Sets the isPublished attribute for the given post to false. Posts may be unpublished by their own user or admins.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The newly-unpublished post

Example Request

curl --location --request POST 'http://localhost:3000/posts/604e638648484473c282b1de/unpublish' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response

{
  "isPublished": false,
  "_id": "604e638648484473c282b1de",
  "title": "Simon",
  "text": "How clueless can he be!?",
  "user": "604e5d8458d0b87135a69402",
  "createdAt": "2021-03-14T19:27:02.729Z",
  "updatedAt": "2021-03-14T21:00:40.171Z",
  "__v": 0
}

GET /posts/{postid}/comments

Get the comments for the given post. Comments may only be retrieved for published posts.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Query String Description Type
limit Response will return at most the limit number of comments number
skip Query will skip the provided number of comments (ordered by date of creation) number

Returns

All comments for the post indicated by postid in the path

Example Request

curl --location --request GET 'http://localhost:3000/posts/604e638648484473c282b1de/comments'

Example Response

[
  {
    "_id": "604e7a0a9ba0067413454380",
    "text": "Who, me?",
    "author": "Dr. Simon Tam",
    "email": "[email protected]",
    "post": "604e638648484473c282b1de",
    "createdAt": "2021-03-14T21:03:06.044Z",
    "updatedAt": "2021-03-14T21:03:06.044Z",
    "__v": 0
  }
]

POST /posts/{postid}/comments

Create a new comment for the given post. Comments may only be created for published posts.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
Request Body Required / Optional Description Type
text Required Comment text. string
author Required Comment author - a name or handle for display. string
email Optional An email address for the comment's author. boolean
(post) (n/a) (post will be set to the post retrieved by the postid Path) n/a

Returns

The newly-created comment

Example Request

curl --location --request POST 'http://localhost:3000/posts/604e638648484473c282b1de/comments' \
--header 'Content-Type: application/json' \
--data-raw '{
    "text": "Who, me?",
    "author": "Dr. Simon Tam",
    "email": "[email protected]",
    "post": "604e638648484473c282b1de"
}'

Example Response

{
  "_id": "604e7a0a9ba0067413454380",
  "text": "Who, me?",
  "author": "Dr. Simon Tam",
  "email": "[email protected]",
  "post": "604e638648484473c282b1de",
  "createdAt": "2021-03-14T21:03:06.044Z",
  "updatedAt": "2021-03-14T21:03:06.044Z",
  "__v": 0
}

GET /posts/{postid}/comments/{commentid}

Get a single comment.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
commentid The comment's unique id. This will be a 16-character-long string.

Returns

The comment comment indicated by commentid in the path

Example Request

curl --location --request GET 'http://localhost:3000/posts/604e74d79ba006741345437f/comments/604e7aa59ba0067413454381'

Example Response

{
  "_id": "604e7aa59ba0067413454381",
  "text": "Ain't we just",
  "author": "Mal",
  "email": "[email protected]",
  "post": "604e74d79ba006741345437f",
  "createdAt": "2021-03-14T21:05:41.997Z",
  "updatedAt": "2021-03-14T21:05:41.997Z",
  "__v": 0
}

PUT /posts/{postid}/comments/{commentid}

Update a single comment. Only accessible for admins.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
commentid The comment's unique id. This will be a 16-character-long string.
Request Body Required / Optional Description Type
text Required Comment text. string
author Required Comment author - a name or handle for display. string
email Optional An email address for the comment's author. boolean
(post) (n/a) (post will be set to the comment's original post and cannot be changed) n/a
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The updated comment comment indicated by commentid in the path

Example Request

curl --location --request PUT 'http://localhost:3000/posts/604e74d79ba006741345437f/comments/604e7aa59ba0067413454381' \
--header 'x-auth-token: {jsonwebtoken}' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "[email protected]"
}'

Example Response

{
  "_id": "604e7aa59ba0067413454381",
  "text": "Ain't we just",
  "author": "Mal",
  "email": "[email protected]",
  "post": "604e74d79ba006741345437f",
  "createdAt": "2021-03-14T21:05:41.997Z",
  "updatedAt": "2021-03-14T21:16:37.470Z",
  "__v": 0
}

DELETE /posts/{postid}/comments/{commentid}

Removes a comment. Logged in users may remove comments on their own posts. Admins may remove any comment.

Parameters

Path Description
postid The post's unique id. This will be a 16-character-long string.
commentid The comment's unique id. This will be a 16-character-long string.
Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The deleted comment comment indicated by commentid in the path

Example Request

curl --location --request DELETE 'http://localhost:3000/posts/604e74d79ba006741345437f/comments/604e7aa59ba0067413454381' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response

{
  "_id": "604e7aa59ba0067413454381",
  "text": "Ain't we just",
  "author": "Mal",
  "email": "[email protected]",
  "post": "604e74d79ba006741345437f",
  "createdAt": "2021-03-14T21:05:41.997Z",
  "updatedAt": "2021-03-14T21:16:37.470Z",
  "__v": 0
}

GET /me

Get the logged in user's information.

Parameters

Header Required / Optional Description
x-auth-token Required A valid JSON Web Token, which may be acquired at registration, or with the /login endpoint

Returns

The logged in user

Example Request

curl --location --request GET 'http://localhost:3000/me' \
--header 'x-auth-token: {jsonwebtoken}'

Example Response

{
  "_id": "604d8dc8a9c87361f984d130",
  "firstName": "Malcolm",
  "lastName": "Reynolds",
  "email": "[email protected]",
  "isAdmin": true,
  "__v": 0,
  "fullName": "Malcolm Reynolds",
  "id": "604d8dc8a9c87361f984d130"
}

POST /login

Log in a user. Returns a JSON Web Token to be included in the x-auth-token header of requests.

Parameters

Request Body Required / Optional Description Type
email Required User's email address, provided at registration or updated since. string
password Required User's password, provided at registration or updated since. string

Returns

A json web token for use in 'x-auth-token' request headers

Example Request

curl --location --request POST 'http://localhost:3000/login' \
--header 'Content-Type: application/json' \
--data-raw '{
    "email": "[email protected]",
    "password": "riverPassword"
}'

Example Response

"eyJhbGciOiJLUzI1NiIsInR5cCI6IkpXVCJ9.eyJfaWQiOiI2MDRlYWQwYLc0Y2YwOTdjZTlkZjgxZD4iLCJpYXQiOjE2MTU3Njg4NzN9.ZKoc-bCCqpL421PHt_3vDzPtdg-Tv0jcTFh48VPt-ZU"

(Note: This is not the actual token response for the above response. Just an example of what your json web token will look like, give or take.)

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published