Code Monkey home page Code Monkey logo

guestbook-api's Introduction

Guestbook

The API serves as an Oracle/Directory for users to attach cross-crypto currencies to their account.

This serves as a place to verify the address and validity of profiles when trading/exchanging crypto.

Getting Started

Clone the repo.

Install Node.js and required packages: npm install

Run the server: npm run dev

Running Project (Docker)

Pull and run mongodb

docker pull mongo
docker run -d -p 27017:27017 mongo:latest

Build the docker image using docker build -t guestbook-api .

Copy the contents of .env.template file to .env and update the environment variables.

Run the docker image using docker run -p 3000:3000 --env-file=.env --network="host" guestbook-api

The API docs are now available on http://localhost:3000/api/v1/api-docs.

Authentication Flow

Authentication flow of guestbook api.

Happy Coding.

guestbook-api's People

Contributors

hussu010 avatar wakawakathedev avatar probablyarth avatar

Forkers

wakawakathedev probablyarth

guestbook-api's Issues

Implement POST /login endpoint

  • Pass "account_number", and "signature" in the body request.
  • Check if nonce is signed by the "account_number" and matches the "signature".
  • Generate JWT if yes.

Implement CRUD /profile_link endpoint

Breakdown

  • Implement POST /profile_link
  • Implement GET /profile_link/:id
  • Implement GET /profile_link/:id
  • Implement PATCH /profile_link/:id
  • Implement DELETE /profile_link/:id

Feat: ability to revoke refresh tokens

As a user, I wish to be able to revoke refresh tokens so that if refresh tokens get leaked, the attacker wone be able to generate new access tokens.

Implementation details:

  • Add an extra field on refreshToken payload called tokenId
  • Create a table called BlacklistedRefreshToken.
  • Add the revoked refreshTokens to that table.
  • While the user tries to generate accessToken using refreshToken, verify its not blacklisted.

Feat: addresses

As a user, I wish to be able to add addresses of different chains, so that I can receive donations.

Finalize the API endpoints for the MVP

Base endpoint: xyz.com/api/v1

/users/:account_number
GET
returns the account number and nonce associated with that account number.

/login
POST
Parameters: account_number, signature
returns JWT or error message.

/addresses
CRUD
Parameter: token, address, metadata (optional)
Requires: Authentication
returns success or error message.

/profile/:username
GET, PATCH
Parameters: username (requires to be gold tier for patch), description, avatar_url

/social_profile
CRUD
Requires: Authentication
Parameters: social_media, username

/profile_links
CRUD
Requires: Authentication
Parameter: title, URL

/token
GET
returns uuid, name, symbol, logo_url, requires_metadata, token_info_url

Research TNBC (Keysign) integration.

ref:
https://www.toptal.com/ethereum/one-click-login-flows-a-metamask-tutorial
https://www.topcoder.com/thrive/articles/authentication-and-authorization-in-express-js-api-using-jwt
https://www.section.io/engineering-education/how-to-build-authentication-api-with-jwt-token-in-nodejs/
https://www.simplilearn.com/tutorials/nodejs-tutorial/jwt-authentication
https://www.sohamkamani.com/nodejs/jwt-authentication/
https://www.digitalocean.com/community/tutorials/nodejs-jwt-expressjs

Generate a random avatarUrl

  • Host default avatars in incremental order on amazon s3 bucket. Format: /profile/id.png
  • Assign random avatars to the user profile.

Implement PATCH /profile endpoint

  • Only let users with GOLD and DIAMOND tier update username.
  • Validate the uniqueness of the username.
  • Allow any user update description and avatar_url.

feat: social links

As a user, I wish to be able to create social links so that i can add my social media handles in my account.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.