Sofialv05/Blog-app-server

P2-Challenge-1 (Server Side)

Architecture Blog API Documentation

User Endpoints

List of available endpoints:

  • POST /add-user
  • POST /login

1. POST /add-user

Description: In order to use this feature, login is required beforehand. Only users with the Admin role can register staff members.

Request:

  • headers:
{
    "Authorization": "Bearer <access_token>"
}
  • body:
{
    "username": "string",
    "email": "string",
    "password": "string",
    "phoneNumber": "string",
    "address": "string"
}

Response (201 - Created)

{
    "id": "number",
    "email": "string"
}

Response (400 - Bad Request)

{
    "message": "Please provide a valid email address"
}

OR

{
    "message": "This email is already in use"
}

OR

{
    "message": "email is required"
}

OR

{
    "message": "password is required"
}

OR

{
    "message": "Password must be at least 5 characters"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (403 - Forbidden)

{
    "message": "Unauthorized"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

2. POST /login

Description: The login feature grants access to registered users with the staff or admin role. These users need to log in first in order to access features such as creating, editing, and deleting posts.

  • body:
{
    "email": "string",
    "password": "string"
}

Response (200 - OK)

{
    "access_token": "string"
}

Response (400 - Bad Request)

{
    "message": "Email is required"
}

OR

{
    "message": "Password is required"
}

Response (401 - Unauthorized)

{
    "message": "Email has not been registered"
}

OR

{
    "message": "Invalid password"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}
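The two 401 messages documented above ("Email has not been registered" and "Invalid password") let a client tell whether an email address is registered. The following is an added example, not code from this repository, of a login check that keeps the documented 400 responses but returns a single 401 for both failure cases; the in-memory user store, the scrypt hashing and the message "Invalid email or password" are assumptions.

```javascript
// Added example, not the repository's code. The user store, the scrypt
// hashing and the single 401 message are assumptions made for illustration.
const crypto = require("node:crypto");

function hashPassword(password, salt = crypto.randomBytes(16)) {
  return { salt, hash: crypto.scryptSync(password, salt, 32) };
}

// Constructed sample user store keyed by email.
const users = new Map([["staff@example.test", hashPassword("correct horse")]]);
// Dummy record so an unknown email costs the same hash work as a known one.
const DUMMY = hashPassword("unused-placeholder");

function login(body) {
  const { email, password } = body || {};
  if (!email) return { status: 400, message: "Email is required" };
  if (!password) return { status: 400, message: "Password is required" };
  const record = users.get(email) || DUMMY;
  const candidate = crypto.scryptSync(String(password), record.salt, 32);
  // Compare first, then check existence, so both paths do the same work.
  const ok = crypto.timingSafeEqual(candidate, record.hash) && users.has(email);
  if (!ok) return { status: 401, message: "Invalid email or password" };
  return { status: 200, access_token: "<access_token>" }; // token issuing omitted
}
```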

 

Post Endpoints

List of available endpoints:

  • GET /posts
  • POST /posts
  • GET /posts/:postId
  • PUT /posts/:postId
  • PATCH /posts/:postId/img
  • DELETE /posts/:postId

1. GET /posts

Description: Get all posts from the database together with each author's data. Login is required to access this endpoint.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}

Response (200 - OK)

[
    {
        "id": "number",
        "email": "string",
        "content": "text",
        "imgUrl": "string",
        "CategoryId": "number",
        "Author": {
            "id": "number",
            "username": "string",
            "email": "string",
            "role": "string",
            "phoneNumber": "string",
            "address": "string",
            "createdAt": "date",
            "updatedAt": "date"
        }
    }
]

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

2. POST /posts

Description: Create a post and save it to the database. Login is required to access this endpoint.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}
  • body:
{
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number"
}

Response (201 - Created)

{
    "id": "number",
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number",
    "AuthorId": "number",
    "createdAt": "date",
    "updatedAt": "date"
}

Response (400 - Bad Request)

{
    "message": "Title is required"
}

OR

{
    "message": "Content is required"
}

OR

{
    "message": "Category is required"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

3. GET /posts/:postId

Description: Return a single post, looked up in the database by its id. Login is required to access this endpoint.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}

Response (200 - OK)

{
    "id": "number",
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number",
    "AuthorId": "number"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (404 - Not Found)

{
    "message": "Post not found"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

4. PUT /posts/:postId

Description: Update one post that already exists in the database. Login is required to access this endpoint. A staff user has no permission to update another staff user's post.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}
  • body:
{
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number"
}

Response (200 - OK)

{
    "id": "number",
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number",
    "AuthorId": "number"
}

Response (400 - Bad Request)

{
    "message": "Title is required"
}

OR

{
    "message": "Content is required"
}

OR

{
    "message": "Category is required"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (403 - Forbidden)

{
    "message": "Unauthorized"
}

Response (404 - Not Found)

{
    "message": "Post not found"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

5. PATCH /posts/:postId/img

Description: Update only the image of one post that already exists in the database. Login is required to access this endpoint. A staff user has no permission to update another staff user's post.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}
  • body:
{
    "imgUrl": "string"
}

Response (200 - OK)

{
    "id": "number",
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number",
    "AuthorId": "number"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (403 - Forbidden)

{
    "message": "Unauthorized"
}

Response (404 - Not Found)

{
    "message": "Post not found"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

6. DELETE /posts/:postId

Description: Delete one post that already exists in the database. Login is required to access this endpoint. A staff user has no permission to delete another staff user's post.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}

Response (200 - OK)

{
    "message": "Success deleting post with id <post_id>"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (403 - Forbidden)

{
    "message": "Unauthorized"
}

Response (404 - Not Found)

{
    "message": "Post not found"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}
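The PUT, PATCH and DELETE endpoints above share one access rule: a valid token is required, and a staff user may only change their own posts. The following is an added example, not code from this repository, of that decision as a single function returning the documented 401, 404 and 403 responses; the HS256 JWT token format, the secret, the `id` and `role` token claims, the order of the checks and the rule that an admin may change any post are assumptions.

```javascript
// Added example, not the repository's code. Token format (HS256 JWT), secret,
// claim names and the order of checks (401, 404, 403) are assumptions.
const crypto = require("node:crypto");

const SECRET = "constructed-demo-secret"; // placeholder; load from configuration
const b64url = (value) => Buffer.from(value).toString("base64url");

function signToken(payload) {
  const body = `${b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }))}.${b64url(JSON.stringify(payload))}`;
  return `${body}.${crypto.createHmac("sha256", SECRET).update(body).digest("base64url")}`;
}

// Returns the token payload, or null when the header or signature is invalid.
// Node lowercases incoming header names, hence headers.authorization.
function authenticate(headers) {
  const match = /^Bearer ([\w-]+)\.([\w-]+)\.([\w-]+)$/.exec(headers.authorization || "");
  if (!match) return null;
  const [, head, payload, sig] = match;
  // The algorithm is fixed here and never read from the token header.
  const expected = crypto.createHmac("sha256", SECRET).update(`${head}.${payload}`).digest();
  const given = Buffer.from(sig, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try { return JSON.parse(Buffer.from(payload, "base64url").toString()); } catch { return null; }
}

// Decision for PUT/PATCH/DELETE /posts/:postId; `post` is the database row or null.
function authorizePostChange(headers, post) {
  const user = authenticate(headers);
  if (!user) return { status: 401, message: "Unauthenticated" };
  if (!post) return { status: 404, message: "Post not found" };
  const isAdmin = String(user.role).toLowerCase() === "admin";
  if (!isAdmin && post.AuthorId !== user.id) return { status: 403, message: "Unauthorized" };
  return { status: 200 };
}
```

The ownership check uses the `AuthorId` stored with the post, never an author id supplied in the request body.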

Category Endpoints

List of available endpoints:

  • GET /categories
  • POST /categories
  • PUT /categories/:categoryId

1. GET /categories

Description: Show all available categories. Login is required to access this endpoint.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}

Response (200 - OK)

[
    {
        "id": "number",
        "name": "string",
        "createdAt": "date",
        "updatedAt": "date"
    }
]

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

2. POST /categories

Description: Create a new category name. Login is required to access this endpoint.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}
  • body:
{
    "name": "string"
}

Response (201 - Created)

{
    "id": "number",
    "name": "string"
}

Response (400 - Bad Request)

{
    "message": "Category name is required"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

3. PUT /categories/:categoryId

Description: Update a category name that already exists in the database. Login is required to access this endpoint.

Request:

  • headers:
{
  "Authorization": "Bearer <access_token>"
}
  • body:
{
    "name": "string"
}

Response (200 - OK)

{
    "id": "number",
    "name": "string"
}

Response (400 - Bad Request)

{
    "message": "Category name is required"
}

Response (401 - Unauthorized)

{
    "message": "Unauthenticated"
}

Response (404 - Not Found)

{
    "message": "Category not found"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

Public Endpoints

List of available endpoints:

  • GET /pub/posts
  • GET /pub/posts/:postId

1. GET /pub/posts

Description: Get all post data for public access.

Response (200 - OK)

{
    "page": "number",
    "data": [
        {
            "id": "number",
            "title": "string",
            "content": "text",
            "imgUrl": "string",
            "CategoryId": "number",
            "AuthorId": "number"
        }
    ],
    "totalData": "number",
    "totalPage": "number",
    "dataPerPage": "number"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}

2. GET /pub/posts/:postId

Description: Get the data of one post for public access.

Response (200 - OK)

{
    "id": "number",
    "title": "string",
    "content": "text",
    "imgUrl": "string",
    "CategoryId": "number",
    "AuthorId": "number"
}

Response (404 - Not Found)

{
    "message": "Category not found"
}

Response (500 - Internal Server Error)

{
    "message": "Internal Server Error"
}
