- This project uses Express and Node.js to implement the CRUD operations of a member system as a RESTful API.
- Member data is stored in MySQL.
- Refresh tokens are stored in Redis, where a TTL removes expired tokens automatically.
- Every API response is wrapped in a JSON object with a fixed format: on success `success` is `true`, otherwise `false`; the `data` field is nullable.
- API Success JSON:
```json
{
  "success": true,
  "data": {
    "accessToken": "new token",
    "refreshToken": "new token"
  }
}
```
- When an API call fails, a custom error object containing `code` and `message` is returned in the response body.
- API Fail JSON:
```json
{
  "success": false,
  "data": null,
  "error": {
    "code": "999",
    "message": "/api/v2/user/apiapi not found"
  }
}
```
- Request:
```http
POST /api/v2/user/signIn
Accept: application/json

{
  "email": "[email protected]",
  "password": "password"
}
```
- Response:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": {
    "id": 185,
    "uid": "20231025100185",
    "userName": "u21",
    "email": "[email protected]",
    "accessToken": "new access token",
    "refreshToken": "new refresh token",
    "isEmailVerified": false
  }
}
```
- Request:
```http
POST /api/v2/user/signUp
Accept: application/json

{
  "userName": "u40",
  "email": "[email protected]",
  "password": "123"
}
```
- Response:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": {
    "id": 192,
    "uid": "20231116100192",
    "userName": "u40",
    "email": "[email protected]",
    "accessToken": "new token",
    "isEmailVerified": false
  }
}
```
- Request:
```http
GET /api/v2/user/profile
Host: example.com
Accept: application/json
Authorization: Bearer your_access_token
```
- Response:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": {
    "id": 192,
    "uid": "20231116100192",
    "userName": "u40",
    "email": "[email protected]",
    "accessToken": "new token",
    "isEmailVerified": false
  }
}
```
- Request:
```http
POST /api/v2/user/token
Accept: application/json
Authorization: Bearer your_access_token

{
  "refreshToken": "{{refresh_token}}"
}
```
- Response:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": {
    "accessToken": "new access token",
    "refreshToken": "new refresh token"
  }
}
```
Since this project is not connected to an SMTP service, sending mail is simulated with Ethereal: the response contains an Ethereal link representing the simulated message, and the body of that message is the email-verification link.
- Request:
```http
POST /api/v2/user/sendVerifyEmail
Accept: application/json
Authorization: Bearer your_access_token
```
- Response:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": {
    "etherealLink": "https://ethereal.email/message/newLink"
  }
}
```
- If the member's email has already been verified, the response is a failure:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": null,
  "error": {
    "code": "ERROR_MAIL_01",
    "message": "The email has previously been successfully validated."
  }
}
```
- Request:
```http
GET /api/v2/user/verifyEmailToken?token=token_from_email_link
Accept: application/json
```
- Response:
```http
HTTP/1.1 200 OK
Content-Type: application/json

{
  "success": true,
  "data": null
}
```
- bcrypt
- cookie
- cookie-parser
- cors
- csrf-csrf
- dotenv
- ejs
- express
- express-jwt
- express-session
- express-validator
- jsonwebtoken
- lodash-es
- mysql2
- nodemailer
- redis
- sequelize
- uuid