Skip to content

API Documentation

Ramon Barros edited this page Apr 16, 2024 · 21 revisions

USER AUTHENTICATION/AUTHORIZATION

All endpoints that require authentication

All endpoints that require a user to be logged in.

  • Request: Endpoints that require authentication

  • Error Response: Require authentication

    • Status Code: 401

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Authentication required"
      }

All endpoints that require proper authorization

All endpoints that require authentication and the user does not have the correct role(s) or permission(s).

  • Request: Endpoints that require proper authorization

  • Error Response: Require proper authorization

    • Status Code: 403

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Forbidden"
      }

Get the Current User

Returns the information about the current user that is logged in.

  • Require Authentication: false

  • Request

    • Method: GET
    • URL: /api/session
    • Body: none
  • Successful Response when there is a logged in user

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "user": {
          "id": 1,
          "firstName": "John",
          "lastName": "Smith",
          "email": "john.smith@gmail.com",
          "username": "JohnSmith"
        }
      }
  • Successful Response when there is no logged in user

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "user": null
      }

Log In a User

Logs in a current user with valid credentials and returns the current user's information.

  • Require Authentication: false

  • Request

    • Method: POST

    • URL: /api/session

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "credential": "john.smith@gmail.com",
        "password": "secret password"
      }
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "user": {
          "id": 1,
          "firstName": "John",
          "lastName": "Smith",
          "email": "john.smith@gmail.com",
          "username": "JohnSmith"
        }
      }
  • Error Response: Invalid credentials

    • Status Code: 401

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Invalid credentials"
      }
  • Error response: Body validation errors

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Bad Request", // (or "Validation error" if generated by Sequelize),
        "errors": {
          "credential": "Email or username is required",
          "password": "Password is required"
        }
      }

Sign Up a User

Creates a new user, logs them in as the current user, and returns the current user's information.

  • Require Authentication: false

  • Request

    • Method: POST

    • URL: /api/users

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "firstName": "John",
        "lastName": "Smith",
        "email": "john.smith@gmail.com",
        "username": "JohnSmith",
        "password": "secret password"
      }
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "user": {
          "id": 1,
          "firstName": "John",
          "lastName": "Smith",
          "email": "john.smith@gmail.com",
          "username": "JohnSmith"
        }
      }
  • Error response: User already exists with the specified email

    • Status Code: 500

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "User already exists",
        "errors": {
          "email": "User with that email already exists"
        }
      }
  • Error response: User already exists with the specified username

    • Status Code: 500

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "User already exists",
        "errors": {
          "username": "User with that username already exists"
        }
      }
  • Error response: Body validation errors

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Bad Request", // (or "Validation error" if generated by Sequelize),
        "errors": {
          "email": "Invalid email",
          "username": "Username is required",
          "firstName": "First Name is required",
          "lastName": "Last Name is required"
        }
      }

Log Out the Current User

Logs out the user.

  • Require Authentication: true

  • Request

    • Method: DELETE
    • URL: '/api/session'
    • Headers:
      • Content-Type: application/json
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Success"
      }

EVENTS

Get all Events

Returns the Events.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: '/api/events'
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "Events": [
          {
            "id": 1,
            "userId": 1,
            "eventName": "Secret Santa",
            "eventDate": "12/24/2024",
            "eventDescription": "Join our Secret Santa event! Participants will anonymously exchange gifts, spreading holiday cheer and surprises. Get ready to share the joy of giving without revealing your identity. Let the festive fun begin!",
            "maxGiftCost": 50.00,
            "maxAttendees": null,
            "private": true,
            "previewImage": "image url",
            "createdAt": "2021-11-19 20:39:36",
            "updatedAt": "2021-11-19 20:39:36"
          }
        ]
      }

Get all Events joined or organized by the Current User

Returns all the groups.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: /api/events/current
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
      "Events": [
          {
              "id": 1,
              "userId": 1,
              "eventName": "A/a Secret Santa",
              "eventDescription": "A fun Secret Santa event where participants exchange gifts anonymously.",
              "maxGiftCost": 50,
              "maxAttendees": 15,
              "private": true,
              "imgUrl": "https://res.cloudinary.com/drv1e8rjp/image/upload/v1711245334/frame_one_uf6eoa.jpg",
              "eventDate": "2024-12-20",
              "createdAt": "2024-04-16 03:32:10",
              "updatedAt": "2024-04-16 03:32:10"
          },
          {
              "id": 2,
              "userId": 1,
              "eventName": "Secret Buddy",
              "eventDescription": "A fun Secret Santa event where participants exchange gifts anonymously.",
              "maxGiftCost": 10,
              "maxAttendees": 20,
              "private": false,
              "imgUrl": "https://res.cloudinary.com/drv1e8rjp/image/upload/v1711245334/frame_one_uf6eoa.jpg",
              "eventDate": "2024-12-15",
              "createdAt": "2024-04-16 03:32:10",
              "updatedAt": "2024-04-16 03:32:10"
          },
          {
              "id": 3,
              "userId": 2,
              "eventName": "Work Secret Buddy",
              "eventDescription": "A fun Secret Buddy event where participants exchange gifts anonymously.",
              "maxGiftCost": null,
              "maxAttendees": 2,
              "private": true,
              "imgUrl": "https://res.cloudinary.com/drv1e8rjp/image/upload/v1711245334/frame_one_uf6eoa.jpg",
              "eventDate": "2024-12-13",
              "createdAt": "2024-04-16 03:32:10",
              "updatedAt": "2024-04-16 03:32:10"
          }
      ]
      }
  • Error response: Couldn't find a Events for current user

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "User is not attending any events"
      }

Get details of an Event specified by its id

Returns the details of an event specified by its id.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: /api/events/:eventId
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 1,
        "userId": 1,
        "eventName": "Secret Santa",
        "eventDate": "12/24/2024",
        "eventDescription": "Join our Secret Santa event! Participants will anonymously exchange gifts, spreading holiday cheer and surprises. Get ready to share the joy of giving without revealing your identity. Let the festive fun begin!",
        "maxGiftCost": 50.00,
        "maxAttendees": null,
        "createdAt": "2021-11-19 20:39:36",
        "updatedAt": "2021-11-19 20:39:36",
        "Attendees": [
          {
            "id": 1,
            "username": "John",
            "Wishlist": {
              "id": 1
            }
          },
          {
            "id": 2,
            "username": "Alice",
            "Wishlist": {
              "id": 2
            }
          }
        ],
        "Organizer": {
          "id": 1,
          "username": "John"
        }
      }
  • Error response: Couldn't find a Event with the specified id

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }

Create Event for the Current User

Creates and returns the user's Event.

  • Require Authentication: true

  • Request

    • Method: POST

    • URL: '/api/events/current'

    • Body:

      {
        "eventName": "Secret Buddy",
        "eventDescription": "Some description",
        "eventDate": "12/23/2024",
        "private": true,
      }
  • Successful Response

    • Status Code: 201

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 1,
        "userId": 1,
        "eventName": "Secret Buddy",
        "eventDate": "12/23/2024",
        "eventDescription": "Some description",
        "maxGiftCost": null,
        "maxAttendees": null,
        "private": true,
        "createdAt": "2021-11-19 20:39:36",
        "updatedAt": "2021-11-19 20:39:36"
      }
  • Error response: Body validation errors

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Bad Request",
        "errors": {
          "eventName": "Event Name is required",
          "eventDescription": "Event Descripition is required",
          "eventDate": "Event Date is required",
          "private": "Private must be a boolean",
        }
      }

Edit the Current User's Event

  • Require Authentication: true

  • Request

    • Method: PUT

    • URL: '/api/events/:eventId'

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "eventName": "Updated Name",
        "eventDate": "12/20/2024",
        "eventDescription": "Updated description",
        "maxGiftCost": 50.00,
        "maxAttendees": 20
      }
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 1,
        "userId": 1,
        "eventName": "Updated Name",
        "eventDate": "12/20/2024",
        "eventDescription": "Updated description",
        "maxGiftCost": 50.00,
        "maxAttendees": 20,
        "createdAt": "2021-11-19 20:39:36",
        "updatedAt": "2021-11-19 20:39:36"
      }
  • Error response: User does not currently have an Event

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }

Delete the Current User's Event

Deletes the user's Event.

  • Require Authentication: true

  • Request

    • Method: DELETE
    • URL: '/api/events/:eventId'
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Successfully deleted"
      }
  • Error response: User does not currently have an Event

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }

ATTENDEES

Get all Attendees of an Event specified by its id

Returns the attendees of an event specified by its id.

  • Require Authentication: false

  • Request

    • Method: GET
    • URL: /api/events/:eventId/attendees
    • Body: none
  • Successful Response: If you ARE the organizer of the private event. Shows all attendees including those with a status pending.

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "Attendees": [
          {
            "id": 2,
            "firstName": "Clark",
            "lastName": "Adams",
            "status": "attending"
          },
          {
            "id": 4,
            "firstName": "Jane",
            "lastName": "Doe",
            "status": "pending"
          },
        ]
      }
  • Successful Response: Shows all members of a public event.

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "Attendees": [
          {
            "id": 2,
            "firstName": "Clark",
            "lastName": "Adams",
            "status": null
          }
        ]
      }
  • Error response: Couldn't find an Event with the specified id

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }

Request to Attend an Event based on the Event's id

Request attendance for an event specified by id.

  • Require Authentication: true

  • Request

    • Method: POST
    • URL: /api/events/:eventId/attendance
    • Headers:
      • Content-Type: application/json
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "userId": 2,
        "eventId": 2,
        "status": "pending"
      }
  • Error response: Couldn't find an Event with the specified id

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }
  • Error response: Current User already has a pending attendance for the event

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Attendance has already been requested"
      }
  • Error response: Current User is already an accepted attendee of the event

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "User is already an attendee of the event"
      }
  • Error response: Event has too many attendees

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Too many attendees in this event"
      }

Change the status of an attendance for an event specified by id

Change the status of an attendance for an event specified by id.

  • Require Authentication: true

  • Require proper authorization: Current User must already be the organizer or have a attending the event with the status of "co-host"

  • Request

    • Method: PUT

    • URL: /api/events/:eventId/attendance

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "status": "attending"
      }
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 1,
        "eventId": 1,
        "userId": 2,
        "status": "attending"
      }
  • Error response: Couldn't find an Event with the specified id

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }
  • Error response: If changing the attendance status to false.

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Cannot change an attendance status to pending."
      }
  • Error response: If attendance does not exist

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Attendance between the user and the event does not exist"
      }

Delete attendance to an event specified by id

Delete an attendance to an event specified by id.

  • Require Authentication: true

  • Require proper authorization: Current User must be the organizer of the event, or the user whose attendance is being deleted

  • Request

    • Method: DELETE
    • URL: /api/events/:eventId/attendance/:userId
    • Headers:
      • Content-Type: application/json
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Successfully deleted"
      }
  • Error response: Couldn't find an Event with the specified id

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Event couldn't be found"
      }
  • Error response: Attendance does not exist for this User

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Attendance does not exist for this User"
      }
  • Error response: Only the User or organizer may delete an Attendance

    • Status Code: 403

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Only the User or organizer may delete an Attendance"
      }

WISHLISTS

Get all Wishlists from current user

Returns all wishlists.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: /api/wishlists
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "Wishlists": [
          {
            "id": 1,
            "attendeeId": 1,
            "eventId": 1,
            "createdAt": "2021-11-19 20:39:36",
            "updatedAt": "2021-11-19 20:39:36"
      
          },
          {
            "id": 2,
            "attendeeId": 2,
            "eventId": 1,
            "createdAt": "2021-11-19 20:39:36",
            "updatedAt": "2021-11-19 20:39:36"
      
          }
        ]
      }

Get a Wishlist by ID

Returns the details of a wishlist specified by its ID.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: /api/wishlists/:wishlistId
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 1,
        "attendeeId": 1,
        "eventId": 1,
        "createdAt": "2021-11-19 20:39:36",
        "updatedAt": "2021-11-19 20:39:36"
      }
  • Error response: Couldn't find a Wishlist with the specified ID

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Wishlist couldn't be found"
      }

Create a Wishlist

Creates and returns a new wishlist.

  • Require Authentication: true

  • Request

    • Method: POST
    • URL: /api/wishlists
    • Body:
      {
        "attendeeId": 1,
        "eventId": 1
      }
  • Successful Response

    • Status Code: 201

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 3,
        "attendeeId": 1,
        "eventId": 1,
        "createdAt": "2024-04-04 12:00:00",
        "updatedAt": "2024-04-04 12:00:00"
      }
  • Error response: Body validation errors

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Bad Request",
        "errors": {
          "attendeeId": "Attendee id is required",
          "eventId": "Event id is required"
        }
      }

Delete a Wishlist

Deletes(reset) a wishlist.

  • Require Authentication: true

  • Request

    • Method: DELETE
    • URL: /api/wishlists/:wishlistId
    • Headers:
      • Content-Type: application/json
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Successfully deleted"
      }
  • Error response: Couldn't find a Wishlist with the specified ID

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Wishlist couldn't be found"
      }

PRODUCTS

Get all Products in a Wishlist

Returns all products in a specific wishlist.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: '/api/wishlists/:wishlistId/products'
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "Products": [
          {
            "id": 1,
            "wishlistId": 1,
            "productName": "Gift Card",
            "productDescription": "Amazon Gift Card",
            "productImageUrl": "image url",
            "productPrice": 25.00,
            "productLink": "https://www.amazon.com/gift-card",
            "createdAt": "2021-11-19 20:39:36",
            "updatedAt": "2021-11-19 20:39:36"
          },
          {
            "id": 2,
            "wishlistId": 1,
            "productName": "Coffee Mug",
            "productDescription": "Funny Coffee Mug",
            "productImageUrl": "image url",
            "productPrice": 10.00,
            "productLink": "https://www.example.com/coffee-mug",
            "createdAt": "2021-11-19 20:39:36",
            "updatedAt": "2021-11-19 20:39:36"
          }
        ]
      }

Get a Product by ID

Returns the details of a product specified by its ID.

  • Require Authentication: true

  • Request

    • Method: GET
    • URL: '/api/wishlists/:wishlistId/products/:productId'
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 1,
        "wishlistId": 1,
        "productName": "Gift Card",
        "productDescription": "Amazon Gift Card",
        "productImageUrl": "image url",
        "productPrice": 25.00,
        "productLink": "https://www.amazon.com/gift-card",
        "createdAt": "2021-11-19 20:39:36",
        "updatedAt": "2021-11-19 20:39:36"
      }
  • Error response: Couldn't find a Product with the specified ID

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Product couldn't be found"
      }

Create a Product in a Wishlist

Creates and returns a new product in a wishlist.

  • Require Authentication: true

  • Request

    • Method: POST

    • URL: '/api/wishlists/:wishlistId/products'

    • Body:

      {
        "productName": "Laptop",
        "productDescription": "MacBook Pro",
        "productImageUrl": "image url",
        "productPrice": 1500.00,
        "productLink": "https://www.apple.com/macbook-pro"
      }
  • Successful Response

    • Status Code: 201

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 3,
        "wishlistId": 1,
        "productName": "Laptop",
        "productDescription": "MacBook Pro",
        "productImageUrl": "image url",
        "productPrice": 1500.00,
        "productLink": "https://www.apple.com/macbook-pro",
        "createdAt": "2024-04-04 12:00:00",
        "updatedAt": "2024-04-04 12:00:00"
      }
  • Error response: Body validation errors

    • Status Code: 400

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Bad Request",
        "errors": {
          "productName": "Product Name is required",
          "productPrice": "Product Price is required"
        }
      }

Update a Product in a Wishlist

Updates the details of a product in a wishlist.

  • Require Authentication: true

  • Request

    • Method: PUT

    • URL: '/api/wishlists/:wishlistId/products/:productId'

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "productName": "Updated Laptop",
        "productDescription": "Updated MacBook Pro",
        "productImageUrl": "updated image url",
        "productPrice": 1600.00,
        "productLink": "https://www.apple.com/updated-macbook-pro"
      }
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "id": 3,
        "wishlistId": 1,
        "productName": "Updated Laptop",
        "productDescription": "Updated MacBook Pro",
        "productImageUrl": "updated image url",
        "productPrice": 1600.00,
        "productLink": "https://www.apple.com/updated-macbook-pro",
        "createdAt": "2024-04-04 12:00:00",
        "updatedAt": "2024-04-04 12:05:00"
      }
  • Error response: Couldn't find a Product with the specified ID

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Product couldn't be found"
      }

Delete a Product from a Wishlist

Deletes a product from a wishlist.

  • Require Authentication: true

  • Request

    • Method: DELETE
    • URL: '/api/wishlists/:wishlistId/products/:productId'
    • Body: none
  • Successful Response

    • Status Code: 200

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Successfully deleted"
      }
  • Error response: Couldn't find a Product with the specified ID

    • Status Code: 404

    • Headers:

      • Content-Type: application/json
    • Body:

      {
        "message": "Product couldn't be found"
      }