======================== db_name : project1
Requirements:
- Build a REST API using the stack: ExpressJs, bcrypt, jwt, pg (sequelize is not allowed).
- Use SQL queries for CRUD against the database
- Passwords stored in the database must be hashed
- Implement Authentication and Authorization using jwt
- Each user can only CRUD their own Reflections
- Table Users: id, email, password
- Table Reflections: id, success, low_point, take_away, UserId, createdAt, updatedAt
- Table relation: Users to Reflections (One to Many)
Deadline: 03 November 2023 at 23:59
API Spec
-
POST /api/v1/users/register
Request Body
{ "email": "<email>", "password": "<password>" }
Response (201 - Created)
{ "id": <given id by system>, "email": "<email>" }
Response (400 - Bad Request)
{ "message": "Email already used!" }
-
POST /api/v1/users/login
Request Body
{ "email": "<email>", "password": "<password>" }
Response (200)
{ "access_token": "<your access token>" }
Response (401)
{ "message": "Email or password invalid!" }
-
POST /api/v1/reflections ⇒ create reflection
Request Body
{
"success": "<posted success>",
"low_point": "<posted low point>",
"take_away": "<posted take away>"
}
Request Header
{
"Authorization": "bearer <your access token>"
}
Response (201 - Created)
{
"id": <given id by system>,
"success": "<posted success>",
"low_point": "<posted low point>",
"take_away": "<posted take away>",
"UserId": "<UserId>",
"createdAt": "2023-04-20T07:15:12.149Z",
"updatedAt": "2023-04-20T07:15:12.149Z"
}
Response (401)
{
"message": "Unauthorized"
}
-
GET /api/v1/reflections ⇒ get all of the user's own reflections
Request Header
{ "Authorization": "bearer <your access token>" }
Response (200)
[ { "id": <given id by system>, "success": "<posted success>", "low_point": "<posted low point>", "take_away": "<posted take away>", "UserId": "<UserId>", "createdAt": "2023-04-20T07:15:12.149Z", "updatedAt": "2023-04-20T07:15:12.149Z" } ]
Response (401)
{ "message": "Unauthorized" }
-
PUT /api/v1/reflections/:id ⇒ edit the user's own reflection
Request Header
{ "Authorization": "bearer <your access token>" }
Request Param
{ "id": "<id reflections>" }
Request Body
{ "success": "<posted success>", "low_point": "<posted low point>", "take_away": "<posted take away>" }
Response (200)
{ "id": <given id by system>, "success": "<posted success>", "low_point": "<posted low point>", "take_away": "<posted take away>", "UserId": "<UserId>", "createdAt": "2023-04-20T07:15:12.149Z", "updatedAt": "2023-04-20T07:15:12.149Z" }
Response (401)
{ "message": "Unauthorized" }
-
DELETE /api/v1/reflections/:id ⇒ delete the user's own reflection
Request Header
{ "Authorization": "bearer <your access token>" }
Request Params
{ "id": "<id reflections>" }
Response (200)
{ "message": "Success delete" }
Response (401)
{ "message": "Unauthorized" }
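Added example (not part of the original assignment): one way to meet the "own Reflections only" rule for PUT and DELETE with plain pg queries, by putting the owner check in the WHERE clause and passing every value as a parameter. The function names, the `db` argument (anything with pg's `query(text, values)`), and the idea that `userId` comes from the verified JWT payload are assumptions.

```javascript
// Added example, not part of the assignment text.
// Assumption: `db` exposes pg's query(text, values) -> Promise<{ rows, rowCount }>
// (a pg Pool or Client), and `userId` was read from the verified JWT payload,
// never from the request body or URL.

// Ownership is enforced inside the statement: the WHERE clause matches the row
// only when it belongs to the caller. Values travel as $n parameters, so request
// data is never concatenated into the SQL text.
const UPDATE_SQL = `
  UPDATE "Reflections"
     SET success = $1, low_point = $2, take_away = $3, "updatedAt" = NOW()
   WHERE id = $4 AND "UserId" = $5
  RETURNING *`;
const DELETE_SQL = `DELETE FROM "Reflections" WHERE id = $1 AND "UserId" = $2`;

// The spec defines 401 as the only failure response for these routes.
const UNAUTHORIZED = { status: 401, body: { message: "Unauthorized" } };

// Accept only a positive integer (at most 9 digits, so it fits a 32-bit id
// column); anything else never reaches the database.
function parseId(raw) {
  return /^[1-9]\d{0,8}$/.test(String(raw)) ? Number(raw) : null;
}

async function updateOwnReflection(db, userId, rawId, body) {
  const id = parseId(rawId);
  if (id === null) return UNAUTHORIZED;
  const { rows } = await db.query(UPDATE_SQL,
    [body.success, body.low_point, body.take_away, id, userId]);
  // Zero rows: the id does not exist or belongs to another user. Both cases get
  // the same answer, so the response does not reveal which ids exist.
  return rows.length === 1 ? { status: 200, body: rows[0] } : UNAUTHORIZED;
}

async function deleteOwnReflection(db, userId, rawId) {
  const id = parseId(rawId);
  if (id === null) return UNAUTHORIZED;
  const { rowCount } = await db.query(DELETE_SQL, [id, userId]);
  return rowCount === 1
    ? { status: 200, body: { message: "Success delete" } }
    : UNAUTHORIZED;
}
```

In an Express route these would be called with `req.params.id` and `req.body`, after the middleware that verifies the bearer token.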
Notes:
- reset the auto increment (pgAdmin 4): ALTER TABLE "Users" ALTER COLUMN id RESTART WITH 1;
- delete data in the Users table that is related to other tables: TRUNCATE "Users" CASCADE;
- make a column hold unique values: ALTER TABLE "Users" ADD UNIQUE (email);