Use Node.js, Express and Knex to build an API with authentication and authorization using JSON Web Tokens.
You will complete the following tasks and do any extra wiring and package installation necessary for the app to compile.
Write the following user access functions inside api/users/users-model.js:

- find
- findBy
- findById

Write the following auth middlewares inside api/auth/auth-middleware.js:

- restricted
- checkRoleType
- checkUsernameExists
- validateRoleName

Authentication will be implemented using JSON Web Tokens.

Write the following endpoints inside api/auth/auth-router.js:

- [POST] /api/auth/register
- [POST] /api/auth/login

The endpoints inside api/users/users-router.js are already built, but check them out:

- [GET] /api/users - only users with a valid token AND valid session can access
- [GET] /api/users/:user_id - only users with a valid token/session AND a role of 'admin' can access
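
The two access rules above (valid token, then role of 'admin') can be sketched as a middleware chain; this is an added example, not the project's solution code. It verifies HS256 tokens with Node's built-in crypto module instead of a JWT package, and the `JWT_SECRET` variable, the `role_name` claim, the factory form of `checkRoleType`, the `signToken` helper and the response messages are all assumptions.

```javascript
const crypto = require('crypto');

// Assumed variable name; the fallback is a constructed demo value, never a real secret.
const JWT_SECRET = process.env.JWT_SECRET || 'constructed-demo-secret';
const b64url = (value) => Buffer.from(value).toString('base64url');

// Demo-only signer so the example has a token to verify.
function signToken(payload, secret = JWT_SECRET) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest('base64url');
  return `${head}.${body}.${sig}`;
}

// Returns the decoded payload, or null if the token is malformed, forged or expired.
function verifyToken(token, secret = JWT_SECRET) {
  const parts = typeof token === 'string' ? token.split('.') : [];
  if (parts.length !== 3) return null;
  const [head, body, sig] = parts;
  try {
    // Pin the algorithm: the token header must not choose it (rejects alg "none").
    if (JSON.parse(Buffer.from(head, 'base64url')).alg !== 'HS256') return null;
    const expected = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, 'base64url');
    // Constant-time comparison; lengths must match before timingSafeEqual.
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
    const payload = JSON.parse(Buffer.from(body, 'base64url'));
    if (typeof payload.exp !== 'number' || payload.exp * 1000 <= Date.now()) return null;
    return payload;
  } catch {
    return null; // bad base64url or JSON
  }
}

// 401 when there is no valid token; otherwise expose the claims to later middleware.
function restricted(req, res, next) {
  const raw = (req.headers.authorization || '').replace(/^Bearer /, '');
  const decoded = verifyToken(raw);
  if (!decoded) return res.status(401).json({ message: 'Token invalid' });
  req.decodedJwt = decoded;
  next();
}

// 403 when the token is valid but carries a different role.
const checkRoleType = (role_name) => (req, res, next) =>
  req.decodedJwt && req.decodedJwt.role_name === role_name
    ? next()
    : res.status(403).json({ message: 'This is not for you' });
```

Mounted as `router.get('/:user_id', restricted, checkRoleType('admin'), handler)`, a missing or forged token stops at 401 and a valid non-admin token stops at 403.
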

Create a .env file and use process.env.PORT with the dotenv package to retrieve information from .env. Make sure not to push .env to GitHub: add it to .gitignore.

| field | data type | metadata |
|---|---|---|
| user_id | unsigned integer | primary key, auto-increments, generated by db |
| username | string | required, unique |
| password | string | required |
| role_id | unsigned integer | foreign key, required |

| field | data type | metadata |
|---|---|---|
| role_id | unsigned integer | primary key, auto-increments, generated by db |
| role_name | string | required, unique |

- The project comes with `migrate`, `rollback` and `seed` scripts in case you need to reset the database.
- You are welcome to create additional files but do not move or rename existing files or folders.
- In your solution, it is essential that you follow best practices and produce clean and professional results.
- Perform basic professional polishing including spell-checking and grammar-checking on your work.
- Build a React application that implements components to register, login and view a list of users. Gotta keep sharpening your React skills.