A basic CRUD Express+Mongo stack API.
Routes - routes/
DB Schemas/Models - models/
Entrypoint - app.js
Users have a basic model: email, password, and name. Passwords are hashed with bcrypt.
API Version: v1
All endpoints are of the form:
http(s)://<server>:<port>/v1/<route>
For example, when running it locally:
http://localhost:3000/v1/status
All endpoints return errors in the format:
{
"error": "message"
}
Note that errors use common HTTP status codes.
Basic security is implemented: Helmet and SlowDown on the app, and JWT on the API.
GET
/status
Example:
curl --request GET \
--url http://localhost:3000/v1/status
POST
Content-Type: application/json
/signup
Example:
curl --request POST \
--url http://localhost:3000/v1/signup \
--header 'content-type: application/json' \
--data '{
"email": "[email protected]",
"password": "password",
"name": "Example 1"
}'
Returns:
{
"success": true
}
POST
Content-Type: application/json
/login
Example:
curl --request POST \
--url http://localhost:3000/v1/login \
--header 'content-type: application/json' \
--data '{
"email": "[email protected]",
"password": "password"
}'
Returns:
{
"accessToken": "your token here"
}
You can now use this token for further authenticated requests.
POST
Content-Type: application/json
x-access-token: your token here
/me
Example:
curl --request POST \
--url http://localhost:3000/v1/me \
--header 'x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkZWRiNTBkMjk4ZTc5MDBjYTgxY2M1YyIsImlhdCI6MTU3NTg1OTU3MiwiZXhwIjoxNTc1OTQ1OTcyfQ.qu51CQ8GidBOk4W--AaKQ96-Fv1XjQ6HXXAcbi2SEBk'
Returns:
{
"_id": "5dedb91b298e7900ca81cc5e",
"email": "[email protected]",
"name": "Example 1"
}
POST
Content-Type: application/json
x-access-token: your token here
/update
Example:
curl --request POST \
--url http://localhost:3000/v1/update \
--header 'content-type: application/json' \
--header 'x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkZWRiOTFiMjk4ZTc5MDBjYTgxY2M1ZSIsImlhdCI6MTU3NTg2MDUxMiwiZXhwIjoxNTc1OTQ2OTEyfQ.ssRAlJRghnjkb58Gb3bMq2CpUmF8jrujqKtsCRjwWa4' \
--data '{
"name": "Example 2",
"email": "[email protected]"
}'
Returns:
{
"_id": "5dedb91b298e7900ca81cc5e",
"email": "[email protected]",
"name": "Example 2"
}
POST
Content-Type: application/json
x-access-token: your token here
/delete
Caution: this is permanent!
Example:
curl --request POST \
--url http://localhost:3000/v1/delete \
--header 'content-type: application/json' \
--header 'x-access-token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjVkZWRiOTFiMjk4ZTc5MDBjYTgxY2M1ZSIsImlhdCI6MTU3NTg2MDUxMiwiZXhwIjoxNTc1OTQ2OTEyfQ.ssRAlJRghnjkb58Gb3bMq2CpUmF8jrujqKtsCRjwWa4' \
--data '{
"email": "[email protected]",
"password": "password"
}'
Returns:
{
"success": true
}
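The sample tokens above decode to an HS256 header and id/iat/exp claims. The following is an added example, not this project's own code, of what checking the x-access-token header involves for /me, /update and /delete, answering in the API's error format. It uses Node's built-in crypto instead of a JWT library, and the names signToken, verifyToken and requireToken are hypothetical.

```javascript
// Added example: HS256 check for the x-access-token header, Node built-ins only.
const crypto = require('crypto');

const b64url = (value) => Buffer.from(value).toString('base64url');
const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();

// Hypothetical helper that builds a constructed sample token; a real API signs at /login.
function signToken(claims, secret) {
  const data = `${b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${data}.${b64url(hmac(data, secret))}`;
}

// Returns the claims, or throws an Error whose message is safe to return to the client.
function verifyToken(token, secret, now = Math.floor(Date.now() / 1000)) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) throw new Error('malformed token');
  const [head, body, sig] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(head, 'base64url').toString());
    claims = JSON.parse(Buffer.from(body, 'base64url').toString());
  } catch { throw new Error('malformed token'); }
  // Pin the algorithm server-side; the token's header must not choose it (e.g. "none").
  if (!header || header.alg !== 'HS256') throw new Error('unsupported algorithm');
  const expected = hmac(`${head}.${body}`, secret);
  const given = Buffer.from(sig, 'base64url');
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error('invalid signature');
  }
  // Reject tokens with no exp at all, not only tokens whose exp has passed.
  if (!claims || typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('token expired');
  return claims;
}

// Express-style middleware (hypothetical name) that answers in the API's {"error": ...} format.
function requireToken(secret) {
  return (req, res, next) => {
    let claims;
    try {
      claims = verifyToken(req.headers['x-access-token'], secret);
    } catch (err) {
      return res.status(401).json({ error: err.message });
    }
    req.user = claims; // e.g. { id, iat, exp }
    next();
  };
}
```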