The interface will be a JSON API. Please follow http://jsonapi.org/ standard.
There are users, blog posts and comments. A user can own many blog posts, and a blog post can have many comments.
-
Users should be able to sign up, and log in.
-
POST /sign_up
will receive an email and password params and will create a new User. Theemail
param must be a valid email address and the password must be at least 8 chars long. -
POST /sign_in
will receive a user:password tuple and return an authentication token (auth_token fromm now on) that will be used to authenticate further requests. -
All requests (except
sign_up
andsign_in
) will require authentication via theauth_token
obtained through the sign up process. -
A user must be able to create and update Blog posts. Design semantic RESTfull endpoints to allow these actions. A user must be able to edit only the blog posts he owns.
-
A user must be able comment on any blog post.
-
A user must be able to remove a comment only from the blog posts it owns.
-
Use RSpec for testing. Please include at least on request spec for every endpoint. Add unit tests where you consider appropriate.
-
Use Devise for authentication.