This API lets you work with tweets (short blocks of news that users post). The idea was to create a simulation of the popular social network Twitter. The API consists of 3 controllers:
- UserController - create, modify and delete users. Subscribe/unsubscribe + getSubscriptions/Subscribers.
- AuthController - authenticate users (by JWT) + update tokens
- TwitterController - create and delete tweets. Comment, rate (likes/dislikes), retweet. Get tweets by TweetId/UserLogin
- 3 controllers, 40 methods, 9 request bodies
- HEAD and OPTIONS methods implemented
- Request body models implemented with a generic type T and Tuples
- Authentication of the user with JWT (created manually without any libraries)
- Two-token authentication (JWT + RefreshTokens in database)
- Secure password storage (with SHA512 hash)
- Admin user role is available
- Sophisticated work with the database (many-to-many, one-to-many relationships)
- Self-referencing many-to-many connection (for subscribing system)
- Logging of all actions (written to the database)
- Beautiful and convenient documentation
- All requests are ready for you to test in Postman (see the Postman_collection.json file)

Method | URL | Body | Description | Status codes |
---|---|---|---|---|
OPTIONS | api/user | | | 200 |
HEAD | api/user | | | 200 |
GET | api/user | | Get all the users. | 200 |
POST | api/user | User model | Create a single user. Login (unique, length: [2;20]) and password (length: [5;100]) are required. | 200, 403, 404 |
PUT | api/user | 2 users tuple | Update the user by changing property values. Item1 represents OldUser (old login and password are required), and Item2 represents NewUser (all changes are here). | 200, 403, 404 |
DELETE | api/user | User model | Deletes the user (password and login are required). | 200, 403, 404 |
OPTIONS | api/admin-delete | | | 200 |
DELETE | api/user/admin-delete | JwtWithUserId model | Deletes the user by Id. Only for administrators! | 200, 400, 403, 404 |
OPTIONS | api/user/subscribe | | | 200 |
HEAD | api/user/subscribe | "YourJWTValue" | | 200, 400, 404 |
GET | api/user/subscribe | "YourJWTValue" | Get your subscriptions (the users you are subscribed to) by JWT value. | 200, 400, 404 |
POST | api/user/subscribe | UserSubscribe model | Subscribes to another user using your own JWT value and the other user's login. | 200, 400, 404 |
DELETE | api/user/subscribe | UserUnsubscribe model | Unsubscribes from another user using your own JWT value and the other user's login. | 200, 400, 404 |
OPTIONS | api/user/get-subscribers | | | 200 |
HEAD | api/user/get-subscribers | "YourJWTValue" | | 200, 400, 404 |
GET | api/user/get-subscribers | "YourJWTValue" | Get your subscribers (the users subscribed to you) by JWT value. | 200, 400, 404 |

Method | URL | Body | Description | Status codes |
---|---|---|---|---|
OPTIONS | api/auth | | | 200 |
HEAD | api/auth | "YourJWTValue" | | 200, 400 |
GET | api/auth | "YourJWTValue" | Authorize the user by JWT value as a string. | 200, 400 |
POST | api/auth | User model | Authenticate the user by creating a JWT (30 min) and a RefreshToken (60 days). You can't have more than 5 RefreshTokens (or others will be deleted). | 200, 403, 404 |
OPTIONS | api/auth/update-tokens | | | 200 |
POST | api/auth/update-tokens | AccessRefreshToken model | Refresh your JWT [or AccessToken] (for 30 minutes) and your RefreshToken (for 60 days). | 200, 400 |
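
The README says the JWT is built by hand, without a library, and lives for 30 minutes. This added example (not the project's code) shows the checks a hand-rolled verifier needs: a pinned algorithm, a constant-time signature comparison done before the payload is trusted, and an expiry check. HS256, the `sub`/`exp` claim names and all function names are assumptions.

```python
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

JWT_LIFETIME_SECONDS = 30 * 60  # access-token lifetime stated in the auth table


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(key: bytes, signing_input: str) -> bytes:
    return hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()


def create_jwt(login: str, key: bytes, now: Optional[int] = None) -> str:
    """Build header.payload.signature; the HMAC covers 'header.payload'."""
    now = int(time.time()) if now is None else now
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url(json.dumps({"sub": login, "exp": now + JWT_LIFETIME_SECONDS}).encode())
    return f"{header}.{payload}.{_b64url(_sign(key, f'{header}.{payload}'))}"


def verify_jwt(token: str, key: bytes, now: Optional[int] = None) -> Optional[dict]:
    """Return the claims, or None if the token is malformed, forged or expired."""
    now = int(time.time()) if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        # Pin the algorithm: the token must not choose it (rejects "alg": "none").
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        # Verify the signature in constant time before reading the payload.
        expected = _sign(key, f"{header_b64}.{payload_b64}")
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        claims = json.loads(_b64url_decode(payload_b64))
    except (ValueError, TypeError):
        return None
    if not isinstance(claims, dict) or not isinstance(claims.get("exp"), int) or claims["exp"] <= now:
        return None
    return claims
```
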

Method | URL | Body | Description | Status codes |
---|---|---|---|---|
OPTIONS | api/twitter/getByLogin/{login} | | | |
HEAD | api/twitter/getByLogin/{login} | | | |
GET | api/twitter/getByLogin/{login} | | Get all tweets of user with "login". | 200, 404 |
OPTIONS | api/twitter/getById/{id} | | | 200 |
HEAD | api/twitter/getById/{id} | | | 200, 400, 404 |
GET | api/twitter/getById/{id} | | Get tweet by "id". | 200, 400, 404 |
OPTIONS | api/twitter | | | 200 |
HEAD | api/twitter | "YourJWTValue" | | 200, 400, 404 |
GET | api/twitter | "YourJWTValue" | Get tweets of your subscriptions (the users you are subscribed to). JWT required. | 200, 400, 404 |
POST | api/twitter | JwtWithTweet model | Creates a user tweet. JWT and Tweet (Content at least) required. | 200, 400, 404 |
DELETE | api/twitter | JwtWithTweetId model | Deletes a user tweet. JWT and TweetId required. Admin can delete any tweet. | 200, 400, 404 |
OPTIONS | api/twitter/comment-tweet | | | 200 |
POST | api/twitter/comment-tweet | CommentAdding model | Comments on the selected tweet (by TweetId). JWT required. | 200, 400, 404 |
DELETE | api/twitter/comment-tweet | JwtWithCommentId model | Delete comment by Id. JWT and TweetId required. Admin can delete any comment. | 200, 400, 404 |
OPTIONS | api/twitter/rate-tweet | | | 200 |
PUT | api/twitter/rate-tweet | RatingAdding model | Rates the selected tweet (by TweetId). There are 3 possible rates: "Dislike", "None", "Like". JWT required. | 200, 400, 404 |
OPTIONS | api/twitter/retweet | | | 200 |
POST | api/twitter/retweet | JwtWithTweetId model | Retweet the selected tweet to your user. JWT required. | 200, 400, 404 |

```json
{
  "Login": "yourLogin",
  "Password": "yourPassword"
}
```

```json
{
  "Item1": {
    "Login": "oldLogin",
    "Password": "oldPassword"
  },
  "Item2": {
    "Login": "newLogin",
    "Password": "newPassword"
  }
}
```

```json
{
  "AccessToken": "yourJWTValue",
  "RefreshToken": "yourRefreshTokenValue"
}
```

```json
{
  "JWT": "yourJWTValue",
  "WithJWTObject": "UserLogin"
}
```

```json
{
  "JWT": "yourJWTValue",
  "WithJWTObject": {
    "Content": "It is my tweet"
  }
}
```

```json
{
  "JWT": "yourJWTValue",
  "WithJWTObject": "yourTweetOrCommentId"
}
```

```json
{
  "JWT": "yourJWTValue",
  "WithJWTObject": {
    "TweetId": "yourTweetId",
    "WithTweetObject": "Your comment"
  }
}
```

```json
{
  "JWT": "yourJWTValue",
  "WithJWTObject": {
    "TweetId": "yourTweetId",
    "WithTweetObject": "Your rateState: Dislike/None/Like"
  }
}
```