VidlyAPI

Deployed Version

Live demo (Feel free to visit) 👉 : https://vidly-rental-api.herokuapp.com

API Usage

Check Vidly API Documentation for more info.

Deployment

The website is deployed with git into heroku. Below are the steps taken:

git init
git add -A
git commit -m "Commit message"
heroku login
heroku create
heroku config:set CONFIG_KEY=CONFIG_VALUE
git push heroku master
heroku open

Installation

You can fork the app or you can git-clone the app into your local machine. Once done that, please install all the dependencies by running

$ npm i
$ npm start

Build With

• Node.js - JS runtime environment
• VSCode - Free source-code editor made by Microsoft
• Express - The web framework used
• Mongoose - Object Data Modelling (ODM) library
• MongoDB Atlas - Cloud database service
• Postman - API testing
• Git - Open source distributed version control system
• MailTrap - Email delivery platform
• Cloudinary - an end-to-end image and video management solution
• Heroku - Cloud platform

NPM Packages

• dotenv
• morgan
• multer
• eslint
• eslint-config-airbnb
• eslint-config-prettier
• eslint-plugin-import
• eslint-plugin-jsx-a11y
• eslint-plugin-node
• eslint-plugin-prettier
• eslint-plugin-react
• ndb
• prettier
• nodemon
• chalk
• slugify
• jsonwebtoken
• nodemailer
• express-mongo-sanitize
• xss-clean
• helmet
• hpp
• express-rate-limit
• cors
• validator
• compression
• argon2
• cloudinary
• cookie-parser
• moment
• sharp
• streamifier
• winston

Demonstration

1) Genres

• Get All Genres
  • This route will return all the genres in the database.
  • Anyone can access this route.
• Get Movie
  • This route will return a specific genre's data by providing it's ID.
  • Anyone can access this route.
• Create New Movie
  • This route will allow the user to create new genre by providing name.
  • Only Logged in user can access this route.
• Update Movie
  • This route will allow the user to update a specific genre by providing it's ID.
  • Only Logged in user can access this route.
• Delete Move
  • This route will allow the user to delete a specific genre by providing it's ID.
  • Only Logged in user can access this route.

2) Customers

• Get All Customers
  • This route will return all the customers in the database.
  • Anyone can access this route.
• Get Movie
  • This route will return a specific customers's data by providing it's ID.
  • Anyone can access this route.
• Create New Movie
  • This route will allow the user to create new customer by providing name, phone and isGold(BOOLEAN true/false) Fields.
  • Only Logged in user can access this route.
• Update Movie
  • This route will allow the user to update a specific customer by providing it's ID.
  • Only Logged in user can access this route.
• Delete Move
  • This route will allow the user to delete a specific customer by providing it's ID.
  • Only Logged in user can access this route.

3) Movies

• Get All Movies
  • This route will return all the movies in the database.
  • Anyone can access this route.
• Get Movie
  • This route will return a specific movie's data by providing it's ID.
  • Anyone can access this route.
• Create New Movie
  • This route will allow the user to create new movie by providing it's title, genere ID, year, dailyRentalRate and numberInStock fields (optional fields: directors list / writers list / cast list).
  • Only Logged in user can access this route.
• Update Movie
  • This route will allow the user to update a specific movie by providing it's ID.
  • Only Logged in user can access this route.
• Delete Move
  • This route will allow the user to delete a specific movie by providing it's ID.
  • Only Logged in user can access this route.

4) Rental

• Get All Rentals
  • This route will return all the rentals in the database.
  • Anyone can access this route.
• Get Rental
  • This route will return a specific rental's data by providing the it's ID.
  • Anyone can access this route.
• Create New Rental
  • This route will allow the user to create new rental by providing the Movie's ID and the Customer's ID.
  • Only Logged in user can access this route.
• Update Rental
  • This route will allow the user to update a specific rental by providing it's ID.
  • Only Logged in user can access this route.
• Delete Rental
  • This route will allow the user to delete a specific rental by providing it's ID.
  • Only Logged in user can access this route.
• Return Rental
  • Returning a Rental and create a new document in the return collection in the database and update the rental document.
  • Only Logged in user can access this route.

5) Users & Authentication

• User Login
  • User can login by sending his correct email and password.
  • Plain text password will compare with stored hashed password.
  • JWT and cookie should expire in 30 days.
  • Anyone can access SignIn route.
  • Once logged in, a token will be sent along with a cookie (token = xxx).
• User registration
  • Register as a "user" or "admin"
  • The user should enter the main data which is (name/email/role/password/passwordConfirm).
  • Once registered, a token will be sent along with a cookie (token = xxx)
  • Password is going to be hashed and saved into the database.
  • A message sent to the user's own email with the activation token of his email.
• User logout
  • Cookie will be sent to set token = none.
  • Only Logged in user can access this route.
• Fogot Password
  • When the user forget his password he can enter this route.
  • User should send his email.
  • The route will send an message to the user's email contains the reset password link (token).
  • Anyone can access this route.
• Reset Password
  • User can request to reset password.
  • A hashed token will be emailed to the users registered email address.
  • A put request can be made to the generated url to reset password.
  • The token will expire after 10 minutes.
  • Only Valid Tokens will allow the user to reset his password.
• Get current user data
  • Route to get the currently logged in user (via token).
  • Only Logged in user can access this route.
• Update Current User Data
  • This route allow the user to update his email and name only.
  • Only Logged in user can access this route.
• Delete Current User Data
  • This route allow the user to remove himself from the database, so he cannot login again.
  • Only Logged in user can access this route.
• Update user info
  • Separate route to update password.
  • Only Logged in user can access this route.
• Upload Current User Photo.
  • This route allow the user to upload his own avatar to the cloud and the database.
  • Only Logged in user can access this route.
• Delete Current User Photo.
  • This route allow the user to delete his own avatar from the cloud and the database.
  • Only Logged in user can access this route.
• Get User Avatar
  • This route will allow you to get user's avatar by providing user's ID.
• Confirm Email.
  • This route allow the user to active and confirm his Email.
  • Only user who have the confirmation token can active his email.
• User CRUD
  • Admin only can access these routes.

Future Updates

• Create Front-End design for the api
• Improve authentication and authorization
• And More ! There's always room for improvement!

Known Bugs

Feel free to email me at [email protected] if you run into any issues or have questions, ideas or concerns. Please enjoy and feel free to share your opinion, constructive criticism, or comments about my work. Thank you! 🙂