Web server providing endpoints for the UPchieve web client
-
Install NodeJS either via binary or Homebrew (
brew install node
) -
Clone repository
-
Copy
config.example.js
toconfig.js
and setup handle to database and SMTP server. -
In repository folder:
# install dependencies
npm install
# optionally, set session secret
setenv SESSION_SECRET='secret'
# start server on localhost:3000
npm start
The root folder of the repository provides the bootstrap file main.js
and a package definitions file.
config.js
contains a map of configuration keys for running the server. All keys and sensitive information should be placed in this file.
Model definitions that map to database models, along with related methods to act on those models, such as parsing, validation, and data transformations.
Directory structure mimics the endpoint structure exposed by the server. Each file provides one or more endpoint routes, responsible for request acceptance/rejection and error handling.
Routes use controllers to perform the business logic of the server, providing separation of concerns: the controllers have no need to be aware of how the endpoints work. Instead, a controller provides ways to allow the routes to trigger something (a user update, )
A service is a step higher than a controller. Services provide abstract functions to one or many controllers, often to interface with third party services.
Expects the following request body:
{
"email": "String",
"password": "String"
}
Authenticates the user with a session if credentials are correct.
Removes the user's current session.
{
"email": "String",
"password": "String"
}
Possible errors:
- Email is not valid
- Email already exists
Returns a sanitized public user record for the currently authenticated user
Accepts a request body with fields mapping to profile fields to update for the currently authenticated user:
{
"picture": "String"
}
Returns a sanitized public user record for a user with the given id. May perform checks on the authorization level of the current user to strip out priveliged information.
Sends an email to verify the current user with unique hash. The email provided will overwrite the user record's email, in the event that the two do not match.
{
"email": "String"
}
Accepts a token used to verify the current user.
{
"token": "String"
}