Skip to content

Latest commit

 

History

History
162 lines (140 loc) · 7.25 KB

README.md

File metadata and controls

162 lines (140 loc) · 7.25 KB

BelTwit-REST-API

About the API

This is API that gives you a possibility to manipulate with tweets (some blocks of news, that users post). The idea was to create a simulation of popular social network twitter. The API consists of 3 controllers:

  • UserController - create, modify and delete users. Subscribe/unsubscribe + getSubscriptions/Subscribers.
  • AuthController - authentificate users (by JWT) + updating tokens
  • TwitterController - create and delete tweets. Comment, rate(likes/dislikes), retweet. Get tweets by TweetId/UserLogin

Special features of the project

  • 3 controllers, 40 methods, 9 request bodies
  • HEAD and OPTIONS methods realization
  • Models for requests bodies realization with T-type and Tuples
  • Authentication of the user with JWT (created manually without any libraries)
  • 2 tokens authentication (JWT + RefreshTokens in database)
  • Secure storing passwords (with SHA512 hash)
  • Admin user role is available
  • Sophisticated work with the database (many-to-many, one-to-many relationships)
  • Self-referencing many-to-many connection (for subscribing system)
  • Logging of all actions (and writing down them to database)
  • Beautiful and convenient documentation
  • All requests are ready for you to test in Postman - (see Postman_collection.json file)

UserController(16 methods)

Method URL Body Description Status codes
OPTIONS api/user 200
HEAD api/user 200
GET api/user Get all the users. 200
POST api/user User model Create a single user. Login(unique, length: [2;20]) and password(length: [5;100]) are required. 200, 403, 404
PUT api/user 2 users tuple Update the user by changing property values. Item1 represents OldUser(old login and password are required), and Item2 representes NewUser(all changes are here). 200, 403, 404
DELETE api/user User model Deletes the user(password and login are required). 200, 403, 404
OPTIONS api/admin-delete 200
DELETE api/user/admin-delete JwtWithUserId model Deletes the user by Id. Only for admnistrators! 200, 400, 403, 404
OPTIONS api/user/subscribe 200
HEAD api/user/subscribe "YourJWTValue" 200, 400, 404
GET api/user/subscribe "YourJWTValue" Get your subscriptions(on whom you subscribed) by JWT value. 200, 400, 404
POST api/user/subscribe UserSubscribe model Subscribes on the other user by your own JWT value and login of the other user. 200, 400, 404
DELETE api/user/subscribe UserUnsubscribe model Unsubscribes from the other user by your own JWT value and login of the other user. 200, 400, 404
OPTIONS api/user/get-subscribers 200
HEAD api/user/get-subscribers "YourJWTValue" 200, 400, 404
GET api/user/get-subscribers "YourJWTValue" Get your subscribers(who subscribed on you) by JWT value. 200, 400, 404

AuthController(6 methods)

Method URL Body Description Status codes
OPTIONS api/auth 200
HEAD api/auth "YourJWTValue" 200, 400
GET api/auth "YourJWTValue" Authorize the user by JWT value as a string. 200, 400
POST api/auth User model Authentificate the user by creating JWT(30 min) and RefreshToken(60 days). You can't have more than 5 RefreshTokens (or others will be deleted) 200, 403, 404
OPTIONS api/auth/update-tokens 200
POST api/auth/update-tokens AccessRefreshToken model Refresh your JWT[or AccessToken] (for 30 minutes) and your RefreshToken (for 60 days). 200, 400

TwitterController(18 methods)

Method URL Body Description Status codes
OPTIONS api/twitter/getByLogin/{login}
HEAD api/twitter/getByLogin/{login}
GET api/twitter/getByLogin/{login} Get all tweets of user with "login". 200, 404
OPTIONS api/twitter/getById/{id} 200
HEAD api/twitter/getById/{id} 200, 400, 404
GET api/twitter/getById/{id} Get tweet by "id". 200, 400, 404
OPTIONS api/twitter 200
HEAD api/twitter "YourJWTValue" 200, 400, 404
GET api/twitter "YourJWTValue" Get tweets of your subscriptions(users on whom you've subscribed). JWT required. 200, 400, 404
POST api/twitter JwtWithTweet model Creates a user tweet. JWT and Tweet (Content at least) required. 200, 400, 404
DELETE api/twitter JwtWithTweetId model Deletes a user tweet. JWT and TweetId required. Admin can delte any tweet. 200, 400, 404
OPTIONS api/twitter/comment-tweet 200
POST api/twitter/comment-tweet CommentAdding model Comments selected tweet(by TweetId). JWT required. 200, 400, 404
DELETE api/twitter/comment-tweet JwtWithCommentId model Delete comment by Id. JWT and TweetId required. Admin can delte any comment. 200, 400, 404
OPTIONS api/twitter/rate-tweet 200
PUT api/twitter/rate-tweet RatingAdding model Rates selected tweet(by TweetId). There are 3 possible rates "Dislike","None","Like". JWT required. 200, 400, 404
OPTIONS api/twitter/retweet 200
POST api/twitter/retweet JwtWithTweetId model Retweet selected tweet to your user. JWT required. 200, 400, 404

Controllers bodies:

User JSON model:

{
  	"Login": "yourLogin",
  	"Password": "yourPassword"
}

2-users JSON tuple:

{
	"Item1": {
		"Login": "oldLogin",
		"Password": "oldPassword"
	},
	"Item2": {
		"Login": "newLogin",
		"Password": "newPassword"
	}
}

AccessRefreshToken JSON model:

{
  	"AccessToken": "yourJWTValue",
  	"RefreshToken": "yourRefreshTokenValue",
}

UserSubscribe/Unsubscribe JSON model:

{
	"JWT": "yourJWTValue",
	"WithJWTObject": "UserLogin"
}

JwtWithTweet JSON model:

{
  	"JWT": "yourJWTValue",
  	"WithJWTObject": {
	  	"Content": "It is my tweet"
  }
}

JwtWithId JSON model:

{
  	"JWT": "yourJWTValue",
  	"WithJWTObject": "yourTweetOrCommentId"
}

CommentAdding JSON model:

{
	"JWT": "yourJWTValue",
	"WithJWTObject": {
		"TweetId":"yourTweetId",
		"WithTweetObject": "Your comment"
	}
}

RatingAdding JSON model:

{
	"JWT": "yourJWTValue",
	"WithJWTObject": {
		"TweetId":"yourTweetId",
		"WithTweetObject": "Your rateState: Dislike/None/Like"
	}
}