softwareengineeringdaily / software-engineering-daily-api Goto Github PK
View Code? Open in Web Editor NEWBackend API for Software Engineering Daily
Home Page: https://softwareengineeringdaily.github.io/
License: MIT License
Backend API for Software Engineering Daily
Home Page: https://softwareengineeringdaily.github.io/
License: MIT License
We need a separate model to track user listening. This will help create recommendations for our ML algorithms, but will also help us not recommend podcast the user already listened to. Extra points if you have a good solution (probably using Redis) to quickly get what the user listened to.
Heroku is set up with two pipelines:
Backend: https://dashboard.heroku.com/pipelines/fede41a2-4266-4945-ad9b-6dbbc048390a
Frontend: https://dashboard.heroku.com/pipelines/05ed1ae0-571e-459b-bca2-9a3aa3562bc9
Both of these have staging environments (4 total environments)
master is deployed to all 4
Backend environments respond to Postman requests, but not frontend requests
software-enginnering-daily-api -> sedaily-backend
Update User model so it doesn't include passwords on find queries..
Use: password: { type: String, select: false }
And including the password should be explicit, via : query.select('+password')
There are two mongodb services declared in the docker-compose.yml file: a mongo 3.5 and a mongo 3.4.2. This makes it confusing as to which container hostname to use in the .env.docker_example.
We should make a global event log to decouple event creation from writing to the database. That will make it easier for people to build applications on top of SE Daily infrastructure.
A user called ambrosi9 pinged me on Slack and said they cannot login and aren't sure what to do.
We need to set up password reset via email.
Is there an ad hoc solution that we can implement to get ambrosi9 back online?
Okay - I got a bit confused over this one and responded posted too quickly (web vs mobile facebook auth). But this morphs my issue into a new one - If we're going to use facebook mobile token auth should we not be implementing web based as well? I'm willing to give it a try.
I'm trying to get the API documented up-to-speed with swagger/jsdoc and am struggling with Facebook auth. It doesn't follow the typical passport/oauth2 flow (two GET routes - one for request access, one with callback). I also don't see this in use in any of the front-ends. Can anyone provide clarity?
It is becoming a consensus that Javascript needs to be statically typed to prevent bugs. I'd like to add Flow to this: https://flow.org/. I'm also open to looking in to ReasonJS/ReactReason, but I think that may be front end only.
npm run test:coverage
=============================== Coverage summary ===============================
Statements : 68.03% ( 349/513 )
Branches : 51.52% ( 102/198 )
Functions : 52.21% ( 59/113 )
Lines : 68.8% ( 333/484 )
================================================================================
The vote logic is currently in the post controller. We need to organize it into the vote controller and remove the old unused code.
S3 probably
🚨 You need to enable Continuous Integration on all branches of this repository. 🚨
To enable Greenkeeper, you need to make sure that a commit status is reported on all branches. This is required by Greenkeeper because we are using your CI build statuses to figure out when to notify you about breaking changes.
Since we did not receive a CI status on the greenkeeper/initial
branch, we assume that you still need to configure it.
If you have already set up a CI for this repository, you might need to check your configuration. Make sure it will run on all new branches. If you don’t want it to run on every branch, you can whitelist branches starting with greenkeeper/
.
We recommend using Travis CI, but Greenkeeper will work with every other CI service as well.
Once you have installed CI on this repository, you’ll need to re-trigger Greenkeeper’s initial Pull Request. To do this, please delete the greenkeeper/initial
branch in this repository, and then remove and re-add this repository to the Greenkeeper integration’s white list on Github. You'll find this list on your repo or organization’s settings page, under Installed GitHub Apps.
Right now we loop through parent comments and make a query for each of them to get their children. What we really should be doing is making 1 query that grabs all the ids of the parents and then we make a second query to fetch all the children. So two queries instead of number-of-parent-comment-queries
.
In order to fully implement #3 (adding social auth), there needs to be a Facebook app created and configured at https://developers.facebook.com
Even if encrypted & even if returning my own password hash.
It seems it still does return hashed passwords in certain cases.
This method did not work:
Reproduce on frontend by looking at Vuex in chrome and seeing "me.password" field
TravisCI is linked correctly but the config seems to be incorrect.
We need to add social auth. I'm also open to other auths as well, but Facebook and Google were requested. The requirements are:
Currently will only be validated on updates but we eventually want to require these fields: [username, email, name]
What do you guys think? If we are using "real names" to display in the app we should require that field, otherwise we can use username (at the moment probably contains emails so that's why I'm adding name).
I can see leaving email as optional. Seems a bit weird to have both email and username but it's not the end of the world? Eventually we can allow users to login via either username or email like many sites do.
Hey everyone,
This probably was discussed on the Slack channel and I just missed it but would love to have the option to pick a different speed for the audio.
Not sure if there should be pending tests.
// TODO: add a test to make sure we can't update
// username to that of an existing user!
// TODO: add test so we make sure we can only modify our
// own data. (I've been testing this edge case with postman).
Seems that if the token is invalid user stays logged in.
Also should tie into Heroku.
Open to discussion. Here are some ideas.
What's the intended use of favoriting vs upvote/downvote?
I see the use of upvote/downvote as similar to youtube which makes sense. Why also have favoriting? From my perspective, you would have one function or the other in an app, but not both.
Similar but perhaps semantically more meaningful might be "bookmark", which could be used if you want to keep as a list eps to listen to later, eps you might like to listen to again/do more research on related resources. Upvote/downvote would be intended only for those you've listened to (or partially listened to) already.
Specifically for usernames.
Currently done at the controller level / auth route:
Algolia (maybe free because we are Open Source)
ElasticSearch
Users need to be able to favorite posts. We need:
Just in case we break anything
This wasn't a problem previously, because /users
wasn't used in index.route.js
. But now that it is, a call to api/users/:userId
will return all user info even if you're not that same user or even logged in.
Something that might address this as well as support issues #36 and #56 going forward, could be a toAuthJSON
and toProfileJSON
functions which would only expose those elements to the same authenticated user and to anyone respectively. Here is a similar example.
Because there is both auth and user controller it seems it would be easiest to put in model but its worth discussing.
As a stop gap - simply disabling the route might be the best choice (my guess is it isn't used anywhere, because the /users was only recently exposed)
(node:23702) DeprecationWarning: open()
is deprecated in mongoose >= 4.11.0, use openUri()
instead, or set the useMongoClient
option if using connect()
or createConnection()
. See http://mongoosejs.com/docs/connections.html#use-mongo-client
Currently the implementation is not ideal.
Here is an example on one idea on how to make it a bit cleaner:
Just a note here, that we should set up guidelines for the best practices and architecture we want to follow. We don't have to implemented everything at once, but it would be good to have a plan and outline.
Update I have a doc written and will post that soon. Then we can develop tasks based on that. Feel free to post your ideas.
limit
is a parameter in the posts.controller
list
method but doesn't actually do anything. post.model
expects limitOption
instead and so the default value of 10 is always used regardless of what is provided.
I think this would be a fairly straight forward fix - but if I wanted to update the tests it gets a little more complicated (see below). So should this be done now, or, since existing front-end app functionality doesn't seem to be affected, perhaps it's better addressed along with implementation of type system - see issue #9
For the tests - I'm looking at post.test.js
and it seems like the idea is we're mocking the creation of data in an empty Mongo test database. However, when saving a new posts, there is no date because there is no date in the Mongoose model. As far as I can tell this is only available when loading data from wordpress - so I can't see how the should get all posts (with limit and skip)
test would pass with mock data (not loaded from WP).
Anyways, I could figure this out but I'm wondering if it's worth it to be done now or just addressed along with the type system because the whole code base will be changed anyways.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.