Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Specs for Devcamper Udemy course project

DevCamper Backend API Specifications

Create the backend for a bootcamp directory website. The frontend/UI will be created by another team (future course). The html/css template has been created and can be used as a reference for functionality. All of the functionality below needs to be fully implmented in this project.

Bootcamps

  • List all bootcamps in the database
    • Pagination
    • Select specific fields in result
    • Limit number of results
    • Filter by fields
  • Search bootcamps by radius from zipcode
    • Use a geocoder to get exact location and coords from a single address field
  • Get single bootcamp
  • Create new bootcamp
    • Authenticated users only
    • Must have the role "publisher" or "admin"
    • Only one bootcamp per publisher (admins can create more)
    • Field validation via Mongoose
  • Upload a photo for bootcamp
    • Owner only
    • Photo will be uploaded to local filesystem
  • Update bootcamps
    • Owner only
    • Validation on update
  • Delete Bootcamp
    • Owner only
  • Calculate the average cost of all courses for a bootcamp
  • Calculate the average rating from the reviews for a bootcamp

Courses

  • List all courses for bootcamp
  • List all courses in general
    • Pagination, filtering, etc
  • Get single course
  • Create new course
    • Authenticated users only
    • Must have the role "publisher" or "admin"
    • Only the owner or an admin can create a course for a bootcamp
    • Publishers can create multiple courses
  • Update course
    • Owner only
  • Delete course
    • Owner only

Reviews

  • List all reviews for a bootcamp
  • List all reviews in general
    • Pagination, filtering, etc
  • Get a single review
  • Create a review
    • Authenticated users only
    • Must have the role "user" or "admin" (no publishers)
  • Update review
    • Owner only
  • Delete review
    • Owner only

Users & Authentication

  • Authentication will be ton using JWT/cookies
    • JWT and cookie should expire in 30 days
  • User registration
    • Register as a "user" or "publisher"
    • Once registered, a token will be sent along with a cookie (token = xxx)
    • Passwords must be hashed
  • User login
    • User can login with email and password
    • Plain text password will compare with stored hashed password
    • Once logged in, a token will be sent along with a cookie (token = xxx)
  • User logout
    • Cookie will be sent to set token = none
  • Get user
    • Route to get the currently logged in user (via token)
  • Password reset (lost password)
    • User can request to reset password
    • A hashed token will be emailed to the users registered email address
    • A put request can be made to the generated url to reset password
    • The token will expire after 10 minutes
  • Update user info
    • Authenticated user only
    • Separate route to update password
  • User CRUD
    • Admin only
  • Users can only be made admin by updating the database field manually

Security

  • Encrypt passwords and reset tokens
  • Prevent NoSQL injections
  • Add headers for security (helmet)
  • Prevent cross site scripting - XSS
  • Add a rate limit for requests of 100 requests per 10 minutes
  • Protect against http param polution
  • Use cors to make API public (for now)

Documentation

  • Use Postman to create documentation
  • Use docgen to create HTML files from Postman
  • Add html files as the / route for the api

Deployment (Digital Ocean)

  • Push to Github
  • Create a droplet - https://m.do.co/c/5424d440c63a
  • Clone repo on to server
  • Use PM2 process manager
  • Enable firewall (ufw) and open needed ports
  • Create an NGINX reverse proxy for port 80
  • Connect a domain name
  • Install an SSL using Let's Encrypt

Code Related Suggestions

  • NPM scripts for dev and production env
  • Config file for important constants
  • Use controller methods with documented descriptions/routes
  • Error handling middleware
  • Authentication middleware for protecting routes and setting user roles
  • Validation using Mongoose and no external libraries
  • Use async/await (create middleware to clean up controller methods)
  • Create a database seeder to import and destroy data
@lawaldare

This comment has been minimized.

Copy link

@lawaldare lawaldare commented Oct 2, 2019

Great, boss. We, Angular devs, are waiting too!

@Eventyret

This comment has been minimized.

Copy link

@Eventyret Eventyret commented Oct 2, 2019

Love it! Great. I'm looking forward to digg into this one!

@destinio

This comment has been minimized.

Copy link

@destinio destinio commented Oct 2, 2019

Just wish I did not have to wait

@faouzi-ait

This comment has been minimized.

Copy link

@faouzi-ait faouzi-ait commented Oct 3, 2019

Hello, I just found this project outline and it looks really good,
I just have a couple of questions:
1- Is this part of a bootcamp program?
2- Would you have other projects outline like this one?

Thank you!!

@MoSanogo

This comment has been minimized.

Copy link

@MoSanogo MoSanogo commented Oct 4, 2019

I do like it :it is a complete project in depth!!!!

@Greenpaulo

This comment has been minimized.

Copy link

@Greenpaulo Greenpaulo commented Oct 9, 2019

Looking forward to this!!!

@Eventyret

This comment has been minimized.

Copy link

@Eventyret Eventyret commented Oct 10, 2019

Minor thought could be fun to deploy this to Digital Ocean by using docker etc ?

@darrenbarklie

This comment has been minimized.

Copy link

@darrenbarklie darrenbarklie commented Nov 25, 2019

Just about to get started, looking forward to this one Brad!

@KgosiTshepo

This comment has been minimized.

Copy link

@KgosiTshepo KgosiTshepo commented Mar 9, 2020

Whoop,whoop hello full stack development👨🏾‍💻

@Zain-ul-abdin0

This comment has been minimized.

Copy link

@Zain-ul-abdin0 Zain-ul-abdin0 commented Jun 20, 2020

where is html and css of the project

@Zain-ul-abdin0

This comment has been minimized.

Copy link

@Zain-ul-abdin0 Zain-ul-abdin0 commented Jun 20, 2020

I need fronend of the devcamper you show in the course

@nimit2801

This comment has been minimized.

Copy link

@nimit2801 nimit2801 commented Jan 1, 2021

Got a course on Orielly. Thank You, so much. @bradtraversy

@afshanafi

This comment has been minimized.

Copy link

@afshanafi afshanafi commented Jan 2, 2021

Thank you so much Brad for giving this wonderful course.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.