DevCamper
所属分类:托管/部署
开发工具:SCSS
文件大小:0KB
下载次数:0
上传日期:2023-09-05 12:54:01
上 传 者:
sh-1993
说明: 创建令人惊叹的编码训练营作为训练营主持人,并作为希望学习编程的学生找到并注册这些训练营,
(Create amazing coding bootcamps as the bootcamp host & find and enroll in them as a student who wishes to learn programming,)
文件列表:
.DS_Store (10244, 2023-10-01)
DevCamper API.postman_collection.json (16135, 2023-10-01)
backend/ (0, 2023-10-01)
backend/_data/ (0, 2023-10-01)
backend/_data/bootcamps.json (2456, 2023-10-01)
backend/_data/courses.json (3660, 2023-10-01)
backend/_data/reviews.json (4888, 2023-10-01)
backend/_data/users.json (2148, 2023-10-01)
backend/config/ (0, 2023-10-01)
backend/config/db.js (322, 2023-10-01)
backend/config/example.config.env (554, 2023-10-01)
backend/controllers/ (0, 2023-10-01)
backend/controllers/auth.js (5739, 2023-10-01)
backend/controllers/bootcamps.js (5314, 2023-10-01)
backend/controllers/courses.js (4594, 2023-10-01)
backend/controllers/reviews.js (3068, 2023-10-01)
backend/controllers/users.js (1490, 2023-10-01)
backend/middleware/ (0, 2023-10-01)
backend/middleware/advancedResults.js (1738, 2023-10-01)
backend/middleware/async.js (138, 2023-10-01)
backend/middleware/auth.js (1387, 2023-10-01)
backend/middleware/error.js (832, 2023-10-01)
backend/middleware/logger.js (192, 2023-10-01)
backend/models/ (0, 2023-10-01)
backend/models/Bootcamp.js (3317, 2023-10-01)
backend/models/Course.js (2036, 2023-10-01)
backend/models/Review.js (1801, 2023-10-01)
backend/models/User.js (2094, 2023-10-01)
backend/package-lock.json (131517, 2023-10-01)
backend/package.json (891, 2023-10-01)
backend/public/ (0, 2023-10-01)
backend/public/uploads/ (0, 2023-10-01)
backend/public/uploads/photo_5d725a1b7b292f5f8ceff788.ico (318, 2023-10-01)
backend/router/ (0, 2023-10-01)
backend/router/api/ (0, 2023-10-01)
backend/router/api/auth.js (610, 2023-10-01)
backend/router/api/bootcamps.js (1267, 2023-10-01)
backend/router/api/courses.js (959, 2023-10-01)
backend/router/api/reviews.js (770, 2023-10-01)
... ...
# DevCamper Backend API Specifications
Create the backend for a bootcamp directory website. The frontend/UI will be created by another team (future course). The html/css template has been created and can be used as a reference for functionality. All of the functionality below needs to be fully implmented in this project.
### Bootcamps
- List all bootcamps in the database
* Pagination
* Select specific fields in result
* Limit number of results
* Filter by fields
- Search bootcamps by radius from zipcode
* Use a geocoder to get exact location and coords from a single address field
- Get single bootcamp
- Create new bootcamp
* Authenticated users only
* Must have the role "publisher" or "admin"
* Only one bootcamp per publisher (admins can create more)
* Field validation via Mongoose
- Upload a photo for bootcamp
* Owner only
* Photo will be uploaded to local filesystem
- Update bootcamps
* Owner only
* Validation on update
- Delete Bootcamp
* Owner only
- Calculate the average cost of all courses for a bootcamp
- Calculate the average rating from the reviews for a bootcamp
### Courses
- List all courses for bootcamp
- List all courses in general
* Pagination, filtering, etc
- Get single course
- Create new course
* Authenticated users only
* Must have the role "publisher" or "admin"
* Only the owner or an admin can create a course for a bootcamp
* Publishers can create multiple courses
- Update course
* Owner only
- Delete course
* Owner only
### Reviews
- List all reviews for a bootcamp
- List all reviews in general
* Pagination, filtering, etc
- Get a single review
- Create a review
* Authenticated users only
* Must have the role "user" or "admin" (no publishers)
- Update review
* Owner only
- Delete review
* Owner only
### Users & Authentication
- Authentication will be ton using JWT/cookies
* JWT and cookie should expire in 30 days
- User registration
* Register as a "user" or "publisher"
* Once registered, a token will be sent along with a cookie (token = xxx)
* Passwords must be hashed
- User login
* User can login with email and password
* Plain text password will compare with stored hashed password
* Once logged in, a token will be sent along with a cookie (token = xxx)
- User logout
* Cookie will be sent to set token = none
- Get user
* Route to get the currently logged in user (via token)
- Password reset (lost password)
* User can request to reset password
* A hashed token will be emailed to the users registered email address
* A put request can be made to the generated url to reset password
* The token will expire after 10 minutes
- Update user info
* Authenticated user only
* Separate route to update password
- User CRUD
* Admin only
- Users can only be made admin by updating the database field manually
## Security
- Encrypt passwords and reset tokens
- Prevent cross site scripting - XSS
- Prevent NoSQL injections
- Add a rate limit for requests of 100 requests per 10 minutes
- Protect against http param polution
- Add headers for security (helmet)
- Use cors to make API public (for now)
## Documentation
- Use Postman to create documentation
- Use docgen to create HTML files from Postman
- Add html files as the / route for the api
## Deployment (Digital Ocean)
- Push to Github
- Create a droplet - https://m.do.co/c/5424d440c63a
- Clone repo on to server
- Use PM2 process manager
- Enable firewall (ufw) and open needed ports
- Create an NGINX reverse proxy for port 80
- Connect a domain name
- Install an SSL using Let's Encrypt
## Code Related Suggestions
- NPM scripts for dev and production env
- Config file for important constants
- Use controller methods with documented descriptions/routes
- Error handling middleware
- Authentication middleware for protecting routes and setting user roles
- Validation using Mongoose and no external libraries
- Use async/await (create middleware to clean up controller methods)
- Create a database seeder to import and destroy data
近期下载者:
相关文件:
收藏者: