Standard Rails application setup:
```
bundle install
bin/rails db:setup
```
You can confirm that everything is working by running the specs:
```
bundle exec rspec
```
Registration is somewhat product-driven. It raises questions like:
- Do we need a password confirmation, or do we want sign-up to be as simple as possible?
- What security requirements should we add to our passwords?

I purposefully haven't answered those questions myself, since they are both opinionated and not challenging to introduce.
There are multiple things that can be improved in terms of security UX, although some of them would require introducing ActionMailer:
- Password recovery or password reset
- ApiTokens endpoints
  - Save current user agents or other device information
  - List all currently used API tokens
  - Retract access from all tokens
- Add a loyalty system when a user makes their first deposit/transfer
- All endpoints may return `404` or `422` errors with a body containing `error_message`
- For authentication, pass the `X-API-TOKEN` header with the token you acquire from authentication or user creation
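
One way the ApiTokens improvements listed above could sit behind the `X-API-TOKEN` header check, as an added example that is not the project's own code. The `ApiTokenStore` class, its method names, the in-memory hash standing in for a database table, and the choice to keep only a SHA-256 digest of each token are assumptions of this sketch.

```ruby
require "securerandom"
require "digest/sha2"

# Hypothetical in-memory stand-in for an api_tokens table (not the project's model).
class ApiTokenStore
  Record = Struct.new(:digest, :email, :user_agent, :created_at, :revoked_at)

  def initialize
    @records = {} # token digest => Record
  end

  # Issue a token for one device. Only the SHA-256 digest is kept, so a leaked
  # table does not hand out usable X-API-TOKEN values.
  def issue(email:, user_agent:)
    token = SecureRandom.hex(16) # 32 hex characters, same shape as the sample api_token
    digest = Digest::SHA256.hexdigest(token)
    @records[digest] = Record.new(digest, email, user_agent, Time.now.utc, nil)
    token # returned to the client once, never stored
  end

  # Resolve the X-API-TOKEN header to an email, or nil if unknown or revoked.
  def authenticate(headers)
    token = headers["X-API-TOKEN"].to_s
    return nil if token.empty?

    record = @records[Digest::SHA256.hexdigest(token)]
    record && record.revoked_at.nil? ? record.email : nil
  end

  # "List all currently used API tokens": device metadata only, no secrets.
  def active_for(email)
    @records.values
            .select { |r| r.email == email && r.revoked_at.nil? }
            .map { |r| { user_agent: r.user_agent, created_at: r.created_at } }
  end

  # "Retract access from all tokens": returns how many tokens were revoked.
  def revoke_all(email)
    now = Time.now.utc
    @records.values
            .select { |r| r.email == email && r.revoked_at.nil? }
            .each { |r| r.revoked_at = now }
            .size
  end
end
```

Looking records up by digest means the raw token is never compared byte by byte against a stored secret, and revoked rows stay in place so past device activity remains auditable.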
POST /user
Request Params
Field | Required | Type |
---|---|---|
true | String | |
password | true | String |
Response Body
```
{
  "api_token": "b2ae5fce5685902c2a0728fac9a7be6f",
  "balance": 0,
  "email": "[email protected]"
}
```
POST /user
Field | Required | Type |
---|---|---|
true | String | |
password | true | String |
Response Body
```
{
  "api_token": "b2ae5fce5685902c2a0728fac9a7be6f",
  "balance": 0,
  "email": "[email protected]"
}
```
GET /user
Response Body
```
{
  "balance": 0,
  "email": "[email protected]"
}
```
GET /transactions
Response Body
```
[
  {
    "created_at": "2023-05-24 09:36:03 UTC",
    "data": {},
    "operation_description": "incoming",
    "operation_type": "deposit",
    "quantity": 100
  },
  {
    "created_at": "2023-05-24 09:36:03 UTC",
    "data": {},
    "operation_description": "incoming",
    "operation_type": "deposit",
    "quantity": 100
  },
  {
    "created_at": "2023-05-24 09:36:03 UTC",
    "data": {
      "transfer_to": "[email protected]"
    },
    "operation_description": "outgoing",
    "operation_type": "transfer_sent",
    "quantity": 100
  }
]
```
POST /transactions
Request Params
Field | Required | Type | Value |
---|---|---|---|
quantity | true | Integer | |
operation_type | true | String | Deposit |
POST /transactions
Request Params
Field | Required | Type | Value |
---|---|---|---|
quantity | true | Integer | |
recipient_email | true | Integer | |
operation_type | true | String | Transfer |