Web server providing endpoints for the UPchieve web client
Table of Contents
- Local Development
- Structure
- Endpoints
- POST /auth/login
- GET /auth/logout
- POST /auth/register/checkcred
- POST /auth/register
- POST /auth/reset/send
- POST /auth/reset/confirm
- POST /api/session/new
- POST /api/session/check
- POST /api/training/questions
- POST /api/training/score
- POST /api/calendar/init
- POST /api/calendar/get
- POST /api/calendar/save
- POST /api/feedback
- GET /api/user
- PUT /api/user
- GET /api/user/:id
- POST /api/verify/send
- POST /api/verify/confirm
- POST /moderate/message
The recommended tool for runtime version managment is asdf
. To use asdf
on Windows, first install the appropriate Linux shell distribution using WSL
(Windows Subsystem for Linux).
Install the following asdf plugins:
- Node.js (see version listed in
.tool-versions
) - MongoDB (see version listed in
.tool-versions
)
asdf plugin-add nodejs https://github.com/asdf-vm/asdf-nodejs.git
bash ~/.asdf/plugins/nodejs/bin/import-release-team-keyring
asdf install nodejs [VERSION]
asdf plugin-add mongodb https://github.com/UPchieve/asdf-mongodb
asdf install mongodb [VERSION]
- Start a local MongoDB server by running
mongod
. In a separate terminal, you can try connecting to the database by runningmongo
(mongod
to start the database vs.mongo
to connect via command line!). Runquit()
to exit the shell. You can also interface with the database using a free MongoDB GUI such as MongoDB Compass Community - Run
bin/setup
to set up the database with test users and install dependencies. Run with--verbose
to debug if needed. - Run
node init
to add "questions" collection to database - Populate
config.js
with auth tokens (ask a teammate if you need any of these--improvements forthcoming). - Run
npm run dev
to start the dev server onhttp://localhost:3000
. If you get abcrypt
compilement error, runnpm rebuild
. - See the web client repo for client installation
The database is populated with the following users for local development:
password | |
---|---|
student1@upchieve.org |
Password123 |
volunteer1@upchieve.org |
Password123 |
volunteer2@upchieve.org |
Password123 |
The root folder of the repository provides the bootstrap file main.js
and a
package definitions file.
config.js
contains a map of configuration keys for running the server. All
keys and sensitive information should be placed in this file.
Model definitions that map to database models, along with related methods to act on those models, such as parsing, validation, and data transformations.
Directory structure mimics the endpoint structure exposed by the server. Each file provides one or more endpoint routes, responsible for request acceptance/rejection and error handling.
Routes use controllers to perform the business logic of the server, providing separation of concerns: the controllers have no need to be aware of how the endpoints work. Instead, a controller provides ways to allow the routes to trigger something (a user update, e.g.)
A service is a step higher than a controller. Services provide abstract functions to one or many controllers, often to interface with third party services.
Expects the following request body:
{
"email": "String",
"password": "String"
}
Authenticates the user with a session if credentials are correct.
Removes the user's current session.
Check whether the credential user entered is valid. (first step of registeration) The server will check is there any duplications for email and validate the password.
{
"email": "String",
"password": "String"
}
Possible errors:
- Email/password not provided
- Password does not meet requirements
- Email is not valid
- Email already exists
Create a new account based on the information posted.
{
"email": "String",
"password": "String",
"code": "String",
"highSchool": "String",
"firstName": "String",
"lastName": "String"
}
Possible errors:
- Email/password not provided
- Password does not meet requirements
- Email is not valid
- Email already exists
- Could not hash password
- Could not send verification email (for volunteers)
{
"email": "String"
}
{
"email": "String",
"password": "String",
"newpassword": "String",
"token": "String"
}
{
"sessionType": "String",
"sessionSubTopic": "String"
}
{
"sessionId": "String"
}
{
"category": "String"
}
{
"userid": "String",
"idAnswerMap": "String",
"category": "String"
}
{
"userid": "String"
}
{
"userid": "String"
}
{
"userid": "String",
"availability": "String"
}
{
"sessionId": "String",
"responseData": "String"
}
Returns a sanitized public user record for the currently authenticated user
Accepts a request body with fields mapping to profile fields to update for the currently authenticated user:
{
"picture": "String"
}
Returns a sanitized public user record for a user with the given id. May perform checks on the authorization level of the current user to strip out priveliged information.
Sends an email to verify the current user with unique hash. The email provided will overwrite the user record's email, in the event that the two do not match.
{
"email": "String"
}
Accepts a token used to verify the current user.
{
"token": "String"
}
Expects the following request body:
{
"content": "string with the content of a message"
}
Returns a boolean indicating whether or not the message is clean.
The response body looks like this if no error occurred:
{
"isClean": true // or false
}