This is a backend API for an educational CMS built with Express.js and Typescript on a MongoDB database.
It uses Firebase for file storage, Redis for caching, RabbitMQ as a message broker and Gmail API for email notifications.
Requirements:
- Node.js
- A MongoDB cluster
- Firebase Cloud Storage credentials
- A Redis instance
- A RabbitMQ instance
Fill up the .env-example
file and rename it to .env
. After that, run:
npm install
npm run build
npm run start
Endpoint | Method | Description | Body | Bearer Token | User Permissions | Response |
---|---|---|---|---|---|---|
/auth/register |
POST | Register new user | <userSchema> |
optional (see below) | - | <userSchema> |
/auth/login |
POST | Login user | <loginSchema> |
- | - | <userSchema>, <tokens> |
/auth/refresh-token |
POST | Generate new accessToken |
<refreshToken> |
- | - | <accessToken> |
/auth/logout |
POST | Logout user | <refreshToken> |
<accessToken> |
- | - |
/auth/confirm/{code} |
GET | Callback URL for email verification on registering | - | - | - | <userSchema> |
/user/me |
GET | Get current user info | - | <accessToken> |
- | <userSchema> |
/user/me |
PUT | Modify current user info | <userSchema> |
<accessToken> |
- | <userSchema> |
/user/me |
DELETE | Delete current user | - | <accessToken> |
- | - |
/user/{userId} |
GET | Get user info | - | <accessToken> |
- | <userSchema> |
/user/{userId} |
PUT | Modify user info | <userSchema> |
<accessToken> |
Same User (or) Admin | <userSchema> |
/user/{userId} |
DELETE | Delete user | - | <accessToken> |
Same User (or) Admin | - |
/course/create |
POST | Create new course | <courseSchema> |
<accessToken> |
Professor | <courseSchema> |
/course/{courseId} |
GET | Get course details (cached) | - | <accessToken> |
Enrolled User | <courseSchema> |
/course/{courseId} |
PUT | Modify course details | <courseSchema> |
<accessToken> |
Enrolled Professor | <courseSchema> |
/course/{courseId} |
DELETE | Delete course | - | <accessToken> |
Enrolled Professor | - |
/course/{courseId}/enroll/{userId} |
POST | Enroll user in course | - | <accessToken> |
Enrolled Professor | - |
/course/{courseId}/unenroll/{userId} |
POST | Unenroll user in course | - | <accessToken> |
Enrolled Professor | - |
/course/{courseId}/post/create |
POST | Create new post | <postSchema> |
<accessToken> |
Enrolled Professor | <postSchema> |
/course/{courseId}/post/{postId} |
GET | Get post details | - | <accessToken> |
Enrolled User | <postSchema> |
/course/{courseId}/post/{postId} |
PUT | Modify post details | <postSchema> |
<accessToken> |
Post Author | <postSchema> |
/course/{courseId}/post/{postId} |
DELETE | Delete post | - | <accessToken> |
Post Author | - |
/course/{courseId}/post/{postId}/comment/create |
POST | Create new comment | <commentSchema> |
<accessToken> |
Enrolled User | <commentSchema> |
/course/{courseId}/post/{postId}/comment/{commentId} |
GET | Get comment details | - | <accessToken> |
Enrolled User | <commentSchema> |
/course/{courseId}/post/{postId}/comment/{commentId} |
PUT | Modify comment details | <commentSchema> |
<accessToken> |
Comment Author | <commentSchema> |
/course/{courseId}/post/{postId}/comment/{commentId} |
DELETE | Delete comment | - | <accessToken> |
Comment Author (or) Professor (or) Admin | - |
The schemas can be found in models/
or helpers/validation.ts
. Some other things to note:
-
/auth/register
can optionally be called with an access token. If it matchesADMIN_ACCESS_TOKEN
, the type of the newly-created user will matchtype
from the request body.If no token or some other token is provided, the
type
parameter is ignored and a Student is created by default. This allows authorised creation of Admin and Professor accounts. -
/auth/login
can be provided with either username or email. -
All endpoints that require
<accessToken>
also need the user's email to be verified. -
/course/create
automatically enrolls the course creator. -
PUT /course/{courseId}
does not updateusers
(use theenroll
/unenroll
endpoints instead). -
/course/{courseId}/post/create
accepts onlymultipart/form-data
for file uploads. -
/course/{courseId}/post/create
can optionally have ascheduled
parameter. If it is set totrue
, the post is scheduled to be created at the Unix time given by thetime
parameter.