A Blog API with full CRUD, built with Node.js, Express, Mongoose, and MongoDB. A user registers through the auth route and receives a token. With the token the user can view and create blogs. The user can update and create the user's own blogs. The user can also add comments and like a blog. This app is deployed on Heroku at BlogAPI
- Node.js - an open source asynchronous event-driven server environment that executes JavaScript code outside a web browser.
- Express - a back end web application framework for Node.js
- Nodemon - a tool that automatically restarts a node application when file changes in the directory are detected.
- MongoDB - a non-relational document database that stores data in a format similar to JavaScript Object Notation.
- Mongoose - a JavaScript library that creates a connection between MongoDB and the Express web application framework.
- Morgan - an Express middleware that logs HTTP requests and errors, which simplifies logging.
- Helmet - an Express middleware that helps secure the HTTP headers returned by Express apps.
- Express-Validator - an Express middleware that provides validation and sanitization functions.
- Bcrypt - a library to help you hash passwords.
- jsonwebtoken - an implementation of JSON Web Token (JWT), which is a standard for sharing security information between a client and a server. Each JWT contains encoded data that is cryptographically signed with a secret value that can act like a "key". It can be sent to a client as proof of authenticity and sent back to the server on subsequent requests as proof of the client's authenticity.
- dotenv - module that loads environment variables from a .env file into process.env
- Postman - an API platform for developers to design, build, test and iterate their APIs.
These variables are needed in the .env file
- MONGODB_URI
- SECRET_KEY
- Create a folder for project on your local machine.
- Open a bash shell.
- cd into folder that was created in step 1
- In the terminal type: git clone https://github.com/jsnmui/blogapi.git
- Go to https://nodejs.org/en/download/
- Download the correct installer for your system.
- Run the installer.
- Create account on https://www.mongodb.com/
- Create a new cluster.
- Click connect to get the connection string.
- Add connection string to MONGODB_URI in .env file.
- In Git Bash terminal, type npm init -y
- Type 'npm install' before each of the following:
- express
- mongoose
- bcrypt
- dotenv
- jsonwebtoken
- morgan
- helmet
- express-validator
In server.js, the root route app.get('/') returns "Welcome to my API"
- post('/registration') - Register new users. userSchema is used. Password hashed with bcrypt.hash. Token generated with jwt.sign.
- post('/login') - Login with user's email and password. Token generated with jwt.sign
- get('/') - Must be a registered user with a valid token to get all users.
- get('/:id') - Get a user by setting parameter id to the user's id. Must be a registered user with a valid token.
- put('/:id') - Updates a user. Must be a registered user with a valid token. Check id parameter to see if the user is owner of the account and updates user information.
- delete('/:id') - Deletes a user. Protected with token. Check id parameter to see if the user is owner of the account and deletes user account.
- get('/') - Retrieves all blogs. User must be registered and have a valid token. Sorted by date in descending order.
- get('/nonprivate') - Gets public blogs. Doesn't require registration token.
- post('/') - Creates a new blog post. User needs to be registered and have a valid token.
- get('/:id') - Get a blog by sending the blog id as the parameter. User needs to be registered and have a valid token.
- put('/:id') - Update a blog by sending the blog id as the parameter. User needs to be registered and have a valid token.
- delete('/:id') - Delete a blog by sending the blog id as the parameter. User needs to be registered and have a valid token.
- put('/like/:blogid') - Allows a registered user to like a blog post and increase the like counter for a post. Each user can like a post only once. Takes the blog id as the parameter. A user can like a post by sending the id. A user can remove the same like by sending the id again.
- get('/likedby/:userid') - Allows a registered user to find all blog posts liked by another user. Takes a user id as a parameter.
- put('/addcomment/:id') - Allows a registered user to add a comment to a post. Needs a blog id as a parameter.
- username: type: String, required: true
- email: type: String, required: true, unique: true
- birthday: type: Date, required: true
- age: type: Number
- password: type: String, required: true
- creator_id: type: mongoose.Schema.Types.ObjectId, ref: 'user', required: true
- created_by: type: String, required: true
- created_at: type: Date, required: true, default: Date.now()
- blog_title: type: String,required: true
- blog_content: type: String,required: true
- comments: [creator_id: type: mongoose.Schema.Types.ObjectId, ref:'user', created_at: type: Date, default: Date.now(), comment: type: String]
- likesHistory:[user_id: type: mongoose.Schema.Types.ObjectId, ref: 'user', like: type: Boolean]
- likes: type: Number, default: 0
- private: type: Boolean, required: true
- Token taken from req.header('x-auth-token'). In Postman, x-auth-token was set to the token generated at users/login or users/registration routes.
- Token is verified using the jwt.verify method and the unique SECRET_KEY.
- Decoded data that is returned from jwt.verify is saved in req.user to be used in other routes.
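
An added example (not code from the blogapi repository) of the middleware steps listed above, together with the account-owner check that the user put('/:id') and delete('/:id') routes describe. It uses Node's built-in crypto for HS256 in place of jsonwebtoken so it runs without installing anything; the payload field `id`, the `exp` claim, the response messages and the helper names are assumptions.

```javascript
// Added example, not the project's code. Payload field `id`, the `exp` claim and helper names are assumptions.
const crypto = require('crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Stand-in for jwt.sign(payload, SECRET_KEY, { expiresIn })
function signToken(payload, secret, ttlSeconds = 3600) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const exp = Math.floor(Date.now() / 1000) + ttlSeconds;
  const body = b64url(JSON.stringify({ ...payload, exp }));
  return `${header}.${body}.${b64url(hmac(`${header}.${body}`, secret))}`;
}

// Stand-in for jwt.verify(token, SECRET_KEY, { algorithms: ['HS256'] })
function verifyToken(token, secret) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, body, sig] = parts;
  // Pin the algorithm: a token declaring "none" or anything else is rejected.
  if (decode(header).alg !== 'HS256') throw new Error('unexpected algorithm');
  const expected = hmac(`${header}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) throw new Error('bad signature');
  const payload = decode(body);
  if (typeof payload.exp !== 'number' || payload.exp <= Date.now() / 1000) throw new Error('expired');
  return payload;
}

// Middleware: read x-auth-token, verify it, keep the decoded payload in req.user.
function auth(secret) {
  return (req, res, next) => {
    const token = req.header('x-auth-token');
    if (!token) return res.status(401).json({ msg: 'No token, authorization denied' });
    try {
      req.user = verifyToken(token, secret);
    } catch (err) {
      return res.status(401).json({ msg: 'Token is not valid' });
    }
    next();
  };
}

// Ownership check for put('/:id') and delete('/:id'): token subject must match the id parameter.
function ownerOnly(req, res, next) {
  if (String(req.user.id) !== String(req.params.id)) return res.status(403).json({ msg: 'Not the account owner' });
  next();
}
```

With jsonwebtoken itself, passing `algorithms: ['HS256']` to jwt.verify gives the same algorithm pinning shown in `verifyToken`.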