2018-07-08 18:17:19 +00:00
# interview-v1
2018-07-12 16:04:20 +00:00
Build status : ![](https://api.travis-ci.org/Sundowndev/interview-v1.svg)
2018-07-10 08:32:19 +00:00
2018-07-08 18:17:19 +00:00
## Description
2018-07-12 16:04:20 +00:00
1/ Develop a mini PHP REST API with json output
2018-07-08 18:17:19 +00:00
2018-07-12 16:04:20 +00:00
This api must manage 2 objects :
- User (id, name, email)
- Task (id, user_id, title, description, creation_date, status)
2018-07-08 18:17:19 +00:00
2018-07-12 16:04:20 +00:00
Create API endpoints to recover a user or task data. (e.g /user/{id})
2018-07-08 18:17:19 +00:00
2018-07-26 10:42:35 +00:00
The API must be able to manage users tasks and create the endpoints to:
2018-07-12 16:04:20 +00:00
- Fetch the latest tasks
- Create a task
- Delete a task
2018-07-08 18:17:19 +00:00
2018-07-26 10:42:35 +00:00
While developing this API, you must keep in mind it can evolve at any moment (new resources, new properties in objects ...).
2018-07-08 18:17:19 +00:00
2018-07-12 16:04:20 +00:00
2/ Create a frontend client to call the API
2018-07-08 18:17:19 +00:00
2018-07-12 16:04:20 +00:00
- The client must call the api using ajax
- We must be able to create/delete an user
- Manage user's tasks (read / add / delete)
2018-07-08 18:17:19 +00:00
2018-07-12 16:04:20 +00:00
(no framework)
2018-07-08 18:17:19 +00:00
## Installation and usage
```bash
$ git clone git@github.com:Sundowndev/interview-v1.git
$ cd interview-v1/
$ docker-compose up -d
```
You can now browse the front app at `localhost:3000` and the API at `localhost:8000` .
## Architecture
2018-07-10 10:31:57 +00:00
The architecture is made of a simple client -> server communication using Docker containers.
< p align = "center" >
< img src = "https://i.imgur.com/9EG2rso.png" alt = "" >
< / p >
2018-07-08 18:17:19 +00:00
## Database
## Security
2018-07-23 21:46:05 +00:00
To handle authentication feature, we use JWT authentication.
2018-07-12 16:04:20 +00:00
2018-07-23 21:46:05 +00:00
JSON Web Token (JWT) is an open standard ([RFC 7519](https://tools.ietf.org/html/rfc7519)) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA. [Source ](https://jwt.io/introduction/ )
2018-07-12 16:04:20 +00:00
2018-07-23 21:46:05 +00:00
As soon as the user provide valid credentials, we return a JWT token that will be needed for each request the client will send to the API.
2018-07-12 16:04:20 +00:00
2018-07-23 21:46:05 +00:00
For each request, the user send the JWT token as parameter.
![JWT explained ](https://cdn-images-1.medium.com/max/1400/1*SSXUQJ1dWjiUrDoKaaiGLA.png )
2018-07-12 16:04:20 +00:00
2018-07-10 08:32:19 +00:00
## API endpoints
2018-07-10 10:31:57 +00:00
| Method / Route | Resource | Description |
| --------------------- | ------------------ | ------------ |
2018-07-12 16:04:20 +00:00
| `POST` /auth | Authentication | Connect and get an api key |
2018-07-10 10:31:57 +00:00
| `GET` /tasks | Task | Get latest taks |
| `GET` /tasks/{id} | Task | Get a task by given id |
| `POST` /tasks | Task | Create a task |
| `PUT` /tasks/{id} | Task | Update a task by given id |
| `DELETE` /tasks/{id} | Task | Delete a task by given id |
| `GET` /me | Users | Get your own account data |
| `GET` /users/{id}/tasks | Users,Tasks | Get tasks from a given user id |