A simple Todo app where a user can log in to their account and access only their own todos. There is also an admin, who has full access to edit, delete, and get users' data.

- _id
- name
- email (unique)
- password
- role - [admin, user]
- accountStatus - [pending, active, rejected]

- _id
- title (unique)
- description
- todoStatus - [incomplete, inProgress, completed]
- authorId

- _id
- token
- authorId

Authorization and a JWT token are required.

- /api/v1/admin/u/all - GET - Return all users
- /api/v1/admin/u/:userId - PATCH - Only edit accountStatus and role

- /api/v1/u/register - POST - Register a new user
- /api/v1/u/login - GET - Log in a user and return a JWT token
- /api/v1/u/logout - GET - Expire the JWT for a logged-in user
- /api/v1/u/update - PATCH - Update only the user's name; JWT required
- /api/v1/u/forgetPassword - POST - Send a pin code to the user's email to change the password
- /api/v1/u/changePassword - PATCH - [pinCode, oldPassword, newPassword] - Update the user's password

All routes below work only for a logged-in user; authentication is required.

- /api/v1/t/new - POST - Create a new Todo; the user is authenticated by JWT token
- /api/v1/t/:todoId - GET - Get a single Todo; the user is authenticated by JWT token
- /api/v1/t/all - GET - Get all Todos; the user is authenticated by JWT token
- /api/v1/t/:todoId - PATCH - Update the editable fields of the requested Todo; the user is authenticated by JWT token
- /api/v1/t/:todoId - DELETE - Delete the requested Todo; the user is authenticated by JWT token

- The first user of this system will be an admin.
- The admin can get all users' data (except passwords).
- The admin can edit a user's accountStatus and role.

- If the user's accountStatus is pending, the user cannot create any todo until the admin activates the account; the user can only log in.
- If the user's accountStatus is rejected, the user cannot log in and must contact the admin by email to have the account activated.

- Whenever a user/admin logs in, they get a JWT token, which is then saved in the token database. A user/admin can have only one valid token at a time.
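
The token and accountStatus rules above as an added example, not code from this project: it assumes a Node.js backend (the page does not name its stack), uses in-memory Maps in place of the user and token collections, and signs HS256 tokens with Node's built-in crypto so it runs without dependencies. All function names, the secret and the one-hour expiry are assumptions.

```javascript
// Added example, Node.js built-ins only. SECRET, the in-memory Maps and every
// function name here are assumptions, not taken from the app.
const { createHmac, randomUUID, timingSafeEqual } = require('node:crypto');

const SECRET = 'constructed-demo-secret'; // constructed value; load from config
const users = new Map();      // stands in for the user collection, keyed by _id
const tokenStore = new Map(); // stands in for the token collection: authorId -> token

const b64 = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const mac = (data) => createHmac('sha256', SECRET).update(data).digest('base64url');
const safeEqual = (a, b) => {
  const x = Buffer.from(a), y = Buffer.from(b);
  return x.length === y.length && timingSafeEqual(x, y);
};
const deny = (reason) => ({ ok: false, reason });

// Login: a rejected account gets no token; a new token replaces the stored one.
function login(user, now = Date.now()) {
  if (user.accountStatus === 'rejected') return null;
  const iat = Math.floor(now / 1000); // one-hour lifetime below is an assumption
  const claims = { sub: user._id, jti: randomUUID(), iat, exp: iat + 3600 };
  const body = `${b64({ alg: 'HS256', typ: 'JWT' })}.${b64(claims)}`;
  const token = `${body}.${mac(body)}`;
  tokenStore.set(user._id, token); // only one valid token per user
  return token;
}

const logout = (userId) => tokenStore.delete(userId);

// action: 'read' | 'createTodo' | 'admin'. Status and role are re-read from
// the store on every request, so an admin's PATCH takes effect immediately.
function authorize(token, action, now = Date.now()) {
  const [h, p, sig] = String(token).split('.');
  if (!sig || !safeEqual(sig, mac(`${h}.${p}`))) return deny('bad signature');
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (claims.exp * 1000 <= now) return deny('expired');
  const current = tokenStore.get(claims.sub);
  if (!current || !safeEqual(current, String(token))) return deny('token revoked');
  const user = users.get(claims.sub);
  if (!user || user.accountStatus === 'rejected') return deny('account rejected');
  if (action === 'createTodo' && user.accountStatus !== 'active') return deny('account pending');
  if (action === 'admin' && user.role !== 'admin') return deny('admin only');
  return { ok: true, user };
}

// A user reaches only their own todos; the admin reaches all of them.
const canAccessTodo = (user, todo) =>
  user.role === 'admin' || todo.authorId === user._id;
```

Checking the presented token against the stored one is what makes logout and the one-token rule enforceable, since a signed JWT otherwise stays valid until its exp.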