This repository is for development of TWE Web Application for The Hindu Education Plus Club.
Checkout the The Weekly Edge here
Login to as a THEPC Member here
Progress tested with basic ui for now
- Routes for basic user operations set up - Login, Register, Signup, Update, Delete, logout, logout everywhere, forgot password.
- Routes for handling articles set up - create, update, list by id, list all, delete
- basic frontend with hbs dynamic rendering
- validation using validator during db storage
- auth middleware - checks for jwt token during login/signup and stored browser cookie.
- picture upload for each article
Request Body or Request Query or Request Params are Null unless stated otherwise
All Responses are in Status Codes and JSON
-
Create User - POST api/users/signup
- Request Body: JSON with name,email,password,department
- On Success: 200, {created User,token}
- On failiure: 400
-
Login User - POST api/users/login
- Request Body: email,password
- On Success: 200, {user,token}
- On post failure: 400
-
Logout User - POST api/users/logout & Logout from everywhere api/users/logoutAll
- On success: 200
- Request Header - "Authorization" - with Bearer token recieved (referred from here on as AUTH HEADER)
- Auth Failiure: 401
- On post Failiure: 500
-
Get Dashboard api/users/dashboard, Login api/users/login, Signup api/users/signup
- Give back 200 - Render from react
-
Fetch User Name by ID - GET /api/users/name/:id
- No Auth
- Success - 200, user's name as string (not object)
- Failiure - 400 /(If not found 404)
-
Update User - PATCH api/users/me
- Request Body: JSON with keys as valid fields that can be changed (name, email,password,age,department)
- Auth Header - 401 on Failiure
- On Success: 200, updated user
- On Failiure (patch or invalid update): 400
-
Delete User - DELETE api/users/me
- Auth Header - 401 on Failiure
- On Success: 200
- On delete Failiure: 500
-
Read User - GET api/users/me
- Auth Header - 401 on Failure
- On success - 200, UserObject of the jwt token
- On failure - 404
-
Request Password Reset - POST api/users/recover
- No Auth
- On success - 200
- On failure - 500
-
Reset User Password - POST api/users/recover/:token
- No Auth
- On success - 200
- On failure - 500
-
Read Contributions of all users - GET api/users/me/contribution
-
Auth Header - 401 on Failure
-
On Success - 200, List of objects with id,name and contribution field objects - (that in turn has myTotalContribution,myTotalNewsContibution,mySatireNewsContibution,myTotalFactsContibution,myEditorialNewsContibution)
-
On Failure - 404
-
Create Article - POST api/articles
- Request Body: JSON with atype,atitle,acontent,picture(picture is type: file) -- UPDATE: Picture Upload Disabled for Now
- approved is "pending" by default
- Auth Header (Here checks author also - only author can see their articles)
- On success: 200, created article
- On post Failiure: 500
-
Get Picture - GET /articles/:id/picture
- Request Param: ID of the picture
- Auth header
- On success: 200, picture as png
- On failiure: 404
-
List all articles by the user - GET /articles/list
- Request Query:
- No Query - List all articles by default order
- GET /articles/list?limit=2&skip=2 for Pagination - eg: if 4 articles are present: lists 2 after skipping first 2
- GET /articles/list?sortBy=createdAt:asc - lists articles sorted by any feature - here by createdAt
- On Success: 200, list of articles
- Request Query:
-
List article by ID - GET /articles/:id
- Request Params: Article ID
- On Success: 200, article
- On Failiure: 400
-
Update article by ID - PATCH /articles/:id
- Request Param: Article ID
- Request Body: JSON with key value pairs to be updated
- On Success:200, updated article
- On patch failiure: 400
- On invalid ID: 404
-
Delete Article By ID - DELETE /articles/:id
- Request Param: Article ID
- On Success:200, deleted article
- On patch failiure: 400
- On invalid ID: 404
-
Approve and Select Edition Route - PATCH /articles/select/edition/:id
- Request Param : Article ID
- Request Body : JSON with approved: "approved"/"rejected" and edition:'edition number'
- On Success:200, updated article with new approved and (edition (id),editionNumber)
- On Auth Failure - 401
- On Failure - 400
-
Check Admin for Dashboard - POST /check/admin
- On failure - 401 ,"Please Authenticate"
- On success - 200, {"admin":true} or {"admin":false}
-
List all articles in the database (irrespective of edition etc) - POST /admin/allarticles
- On Success - 200, List of all articles
- Auth Header - On failiure 401 (could be user login auth failure or admin auth (from middleware) failure)
- On Failure - 400
-
Create Edition - POST /edition/create/
- Input - JSON with ename, enumber,edesc (edesc len <= 5000 chars)
- On Success - 201, edition
- Admin Auth - 401 on Failure
- On Failure - 400
-
Read Edition details by edition number - GET /edition/:number
- req.params.number is edition number 'enumber' in edition object
- Public - No Authorization
- On success - 200, edition
- On Failure - 400
-
All Edition Details without articles - GET /edition
- Public - No Authorization
- On success - 200, editions
- On Failure - 400,404
-
Admin Add HOV Link to Edition - PATCH /edition/adminhovpost/:number
- req.params.number : edition number
- req.body JSON with "hov" : "youtube link"
- Admin auth
- On success - 200, edition
- On Failure - 400
-
Update Edition - PATCH /edition/update/:id
- Request Param: Edition ID
- Request Body: JSON with key value pairs to be updated (ename, enumber)
- Admin auth
- On Success:200, updated edition
- On patch failiure: 400
- On invalid ID: 404
© Copyright of The Hindu Education Plus Club VIT Vellore