- clone / download
- go to the project dir
- run
docker-compose up - wait for the MySql db , PhpMyAdmin & the App to fully initialize
- Once every thing is properly runnig start playing with the end points
- Mysql
- NodeJs, Npm
- Globally installed sequelize-cli
- to install sequelize-cli globally run this ->
npm install -g sequelize-cliin the terminal
- to install sequelize-cli globally run this ->
- Once you have all of this, go to the project dir
- put your database
usernamepasswordhostportinconfig/config.jsonfile
- put your database
- Open terminal in the project root dir and type
npm install
- Make sure your mysql database is running & then in console type
npm run local-boot-up
Take a look at scripts in package.json so you know what command you need to run,
"scripts": {
"start": "node server.js",
"migU": "sequelize db:migrate",
"migD": "sequelize db:migrate:undo:all",
"migF": "npm install && npm run migD && npm run migU",
"docker-server": "nodemon server.js 0.0.0.0 5000",
"docker-boot-up": "npm run migU && npm run docker-server",
"local-server": "nodemon server.js 127.0.0.0 5000",
"local-boot-up": "npm run migU && npm run local-server"
}If any problem occurs with migration, run the scripts for migration manually
- Books
- Authors
- Book-loans
- Users
The purpose of the API is to provide a management system for a library. There are two types of users in a Library.
-
Library Member Browse books, authors, request and view Book-Loans
-
Library Admin Create, update, remove Books and Authors. Accepet, reject Book-Loan requests. Update Book-Loan when book is returned In addtion to providing the basic RESTful API endpoints and their role based access specified above, API should also have the following features
-
Token Based Authentication (timeout can be as much as wish) Profile image upload for users (store image anywhere like) Browse books by author Excel export for Book-Loans data (only Library Admin) Implementation It is required to implement the API using the either Django or NodeJs and any database(relational, nosql etc) of choice
- From Performence Perspective
- Fast response time. No endpoint should have a response time over 1 second regardless of the data size
- Appropriate status codes with all the responses.
- From Coding Prespective
- Proper and easy to understand naming of variables, function and classes
- Clear and to the point commenting of code
- Good common sense in selecting fields for the resources
POST localhost:5000/api/auth/register/admin/{:key}
POST localhost:5000/api/auth/register
POST localhost:5000/profile-image/User-One-1617391248.jpeg
POST localhost:5000/api/auth/login
GET localhost:5000/api/auth/user
GET localhost:5000/api/authors?page=1
GET localhost:5000/api/authors (req.query.page is set 0 by default)
GET localhost:5000/api/authors/{:id?}
POST localhost:5000/api/authors
PUT localhost:5000/api/authors/{:id}
DELETE localhost:5000/api/authors/1
GET localhost:5000/api/books?page=1
GET localhost:5000/api/books (req.query.page is set to 0 by default)
GET localhost:5000/api/books/{:id?}
POST localhost:5000/api/search/by-any?page=1
POST localhost:5000/api/search/by-any (req.query.page is set to 0 by default)
POST localhost:5000/api/books
PUT localhost:5000/api/books/{:id}
DELETE localhost:5000/api/books/{:id}
GET localhost:5000/book-loans?page=0
GET localhost:5000/book-loans/{:id?}
GET localhost:5000/book-loans/users/{:id}?page=3
GET localhost:5000/book-loans/admin/{:id}
POST localhost:5000/book-loans/loan
POST localhost:5000/book-loans/return
PUT localhost:5000/book-loans/{id}/take/{action} -> await/accept/reject
GET localhost:5000/api/book-loans/report/excel
GET localhost:5000/api/book-loans/report/excel/composite
Admin registration can be turned on/off from config/default.json
{
"jwtSecret": "secret",
"jwtTokenName": "x-auth-token", // Name of Token, Auth Middleware will look for
"adminRegistrationSecret": "admin-101", // Needs to be passed in URL
"adminRegistrationOn": false, // true for enabling Admin Registration
"perPage": 5, // Default Query / Result Limit
"baseUrl": "http://localhost:5000/"
}Admin Registration Route ,
POST: localhost:5000/api/auth/register/admin/admin-101
Validation is enabled with proper status code
Profile Picture is not required for Admins but required for Users
Following fields are required:
{
"name": "Admin 1",
"email": "admin1@admin.com",
"password": "123456"
}- In users table isAdmin field is set to 1 for Admins
User Registration Route ,
POST: localhost:5000/api/auth/register/
Form Data is Required for User Registration
As Profile Image is Mandatory
Validation is enabled with proper status code
Profile Picture is required for Users
Following fields are required:
- name <type: text>
- password <type: text>
- email <type: text>
- profile_image <type: file, Only JPEG or PNG>
- Profile Image is saved in
storage/images/UserProfileImage - base url,
localhost:5000/needs to be added
before returned profile image link
/profile-image/User-One-1617391248.jpeg
ie:localhost:5000/profile-image/User-One-1617391248.jpeg
File size limit can be changed from config/imageUpload.settings.json through sizeLimit
{
"userProfileImagePath" : "storage/images/UserProfileImage",
"serverStaticPath": "/profile-image",
"sizeLimit" : 1000000 // in-bytes
}- In users table isAdmin field is set to 0 for Users
Authentication / Login for both User & Admin is handled through same route
User/Admin Login/Authentication Route
POST: localhost:5000/api/auth/login/
Validation is enabled with proper status code
Following fields are required:
{
"name": "User One",
"email": "user@One.com",
"password": "123456"
}Getting Logged in User's Info
GET localhost:5000/api/auth/user/
Here we have implemented 3 middlewares for Access Control
- Auth Middleware
- Auth.pass checks auth access & let pass
- Auth.block checks auth access & blocks (Prevents Login & Registration when already logged in)
- Role Middleware
- Role.Admin only lets Admin pass & blocks User
- Role.User only lets User pass & blocks Admin
- Feature Middleware
- Admin Registration, Enable access to Admin Registration Link, checks Url key
- setDefaultPage, sets {req.query.page} to
0if not provided in the Url
Users can view / browse books & authors as a collection as well as individually
Users can also search books by book name / author name
Only Admins can CREATE , UPDATE , DELETE books & authors
-
Show All, Access user , admin
GETlocalhost:5000/api/authors?page=1
GETlocalhost:5000/api/authors(req.query.page is set 0 by default) -
Show Individual, Access admin
GETlocalhost:5000/api/authors/1 -
Create Author, Access admin (Expects JSON)
POSTlocalhost:5000/api/authors/
{
"name": "Degemon Big Brain"
}- Update Author, Access admin (Expects JSON)
PUTlocalhost:5000/api/authors/1
{
"name": "Degemon Small Brain"
}- Delete Author, Access admin
DELETElocalhost:5000/api/authors/1
-
Show All, Access admin , user
GETlocalhost:5000/api/books?page=1
GETlocalhost:5000/api/books(req.query.page is set to 0 by default) -
Search By Any(Book/Author), Access admin , user
POSTlocalhost:5000/api/search/by-any?page=1
POSTlocalhost:5000/api/search/by-any(req.query.page is set to 0 by default)
{
"key" : "Author Name"
}Or,
{
"key" : "Book Name"
}-
Show Individual, Access admin , user
GETlocalhost:5000/api/books/1 -
Create Book, Access admin (Expects JSON)
POSTlocalhost:5000/api/books/
{
"name": "Leopard's Hustle",
"authors": [3,4] // authors id can be passed
}- Update Book, Access admin (Expects JSON)
PUTlocalhost:5000/api/books/1
{
"name" : "Leopards Hustle",
"authors" : [4]
}- Delete Book, Access admin
DELETElocalhost:5000/api/books/1
- Users can request for a book to loan or return
- Users can also view their own Book-loans
- Only Admins can Handle the Requests for Books Loan / Return
-
Show All Book-loans , Access admin, user
GETlocalhost:5000/book-loans?page=0- User will see all of his / her Book-loan / return requests
- Admin will see all kinds of requests of all users
-
Show Individual Book-loan , Access admin, user
GETlocalhost:5000/book-loans/1- Admin can view any ones Book-loan / return request
- User can view the request matching {route.params.id} if that request was made by him / her
-
Show Individual Users Book-loan , Access admin
GETlocalhost:5000/book-loans/users/1
GETlocalhost:5000/book-loans/users/1?page=3- Admin can view any ones Book-loan / return request matching {route.params.id}
-
Show Processed / handled Book-loan by individual admin , Access admin
GETlocalhost:5000/book-loans/admin/1- Admin can view all Book-loan / return requests handled by any admin matching {route.params.id}
-
Loan Request for A Book , Access user (Expects JSON)
POSTlocalhost:5000/book-loans/loan
{
"book_slug" : "Book-6-1617084129"
}- Have to send the slug to make a loan request for a book
- Return Request for A Book , Access user (Expects JSON)
POSTlocalhost:5000/book-loans/return
{
"tracking_id" : "4Book-6-1617084129-1617104050"
}- Have to send the tracking id of the loan request to make a return request for a lend book
- Accept / Reject / Await a Request , Access admin
PUTlocalhost:5000/book-loans/17/take/await
PUTlocalhost:5000/book-loans/17/take/accept
PUTlocalhost:5000/book-loans/17/take/reject
- Have to send the request id in the Url, Update the status of Request matching that {req.params.id}
awaitchanges status to pendingrejectchanges status to acceptedacceptchanges status to rejected
- Generate Book-loans Report & Export , Access admin
-
A Usual Excel Report with all the required column
GETlocalhost:5000/api/book-loans/report/excel/ -
A Pair Matched Excel Composite Report
GETlocalhost:5000/api/book-loans/report/excel/composite