Twitter (Basic)

You can try the Twitter app here: https://backendium-twitter.herokuapp.com/.

You are going to build the API backend for Twitter clone in this exercise. We have already done the front-end for you so you can see the effects of your API endpoints.

The source code can be found on Github: https://github.com/hackpacific/backendium_twitter

Requirements / Specifications

Tables / Model

Users

• Attributes
  • username: format is string; indexed; enforce uniqueness
  • email: format is string; indexed; enforce uniqueness
  • password: format is string
  • timestamps: format is datetime
• Relationships
  • has many sessions
  • has many tweets
• Validations
  • username must be present; minimum 3 characters; maximum 64 characters; must be unique
  • password must be present; minimum 8 characters; maximum 64 characters; must be unique
  • email must be present; minimum 5 characters; maximum 500 characters
  • after validations, hash password using BCrypt (_so we don't store plain-text passwords)

Sessions

• Attributes
  • token: format is string
  • user_id: format is integer being a foreign_key with indexing
  • timestamps: format is datetime
• Relationships
  • belongs to user
• Validations
  • generate session token before validations
  • user_id must be present

Tweets

• Attributes
  • message: format is string
  • user_id: format is integer being a foreign_key with indexing
  • timestamps: format is datetime
• Relationships
  • belongs to user
• Validations
  • user_id must be present
  • message must be present; must not exceed 140 characters (that's the whole point of Twitter)

API Endpoints

POST /users

• Controller: users
• Action: create
• Description: create a new user based on given parameters
• Parameter: accept user object (i.e. { user: { username: "username", email: "[email protected]", password: "password" } })

POST /sessions

• Controller: sessions
• Action: create
• Description: create a new session based on given parameters
• Parameter: accept user object (i.e. { user: { username: "username", password: "password" } })
• Procedures
  • hash password input to compare with hashed password in database (this will validate whether the password is correct)
  • create a new session in database
  • set session token as a permanent cookie on browser

GET /authenticated

• Controller: sessions
• Action: authenticated
• Description: validate user authentication by comparing cookie with session token
• Procedures
  • retrieve cookie, find cookie in sessions table
  • if session found, it means user is authenticated

DELETE /sessions

• Controller: sessions
• Action: destroy
• Description: delete session token from database to log out a user
• Procedures
  • retrieve cookie, find cookie in sessions table
  • if session found, delete session (effectively logging out a user)

POST /tweets

• Controller: tweets
• Action: create
• Description: create a new tweet based on given parameters
• Parameter: accept user object (i.e. { tweet: { message: "message" } })
• Procedures
  • retrieve current user based on session (retrieve session based on cookie)
  • create a new tweet that belongs to the current user

DELETE /tweets/:id

• Controller: tweets
• Action: destroy
• Description: delete tweet based on given id
• Procedures
  • retrieve current user based on session (retrieve session based on cookie)
  • delete tweet if current user is the tweet author

GET /users/:id/tweets

• Controller: tweets
• Action: index_by_user
• Description: get all tweet by one user (take user id as parameter)
• Procedures
  • retrieve user based on user id
  • get all tweets by that user

GET /tweets/search/keyword

• Controller: tweets
• Action: index_by_user
• Description: get all tweet based on given keyword
• Procedures
  • use Textacular for searching in Postgres DB

To wipe your database in a clean state. You can do $ rails db:drop db:migrate or $ rails db:reset. For Heroku, you can run $ heroku pg:reset