Challenge Overview
In this challenge you are developing a set of APIs for the Brilliant Careers app.
Challenge Requirements
You will build the following endpoints in this challenge:
- Register
  - Route: /register
  - The endpoint will create a new user using the provided parameters and automatically log the user in.
  - Input:
    - First name
    - Last name
    - Username
    - Password
    - Photo (URL)
    - School
    - Grade
  - Response:
    - Return the created user information (excluding the password), including the auth token.
- Login
  - Route: /login
  - User should be able to log in using username or password.
  - Response:
    - The created auth token.
- Logout
  - Route: /logout
  - This endpoint should destroy the passed-in auth token.
- Login with facebook/google/twitter
  - Create endpoints to support registering and automatically logging in a user using the three social networks: Google, Facebook, and Twitter.
  - User fields should be pulled from the social accounts if possible.
  - Endpoints should register the user if the user does not exist; if the user exists, they should log the user in automatically by creating an auth token and returning it.
- Forgot Password
  - Route: /forgotpassword
  - Send a forgot password email.
  - The user can submit to this endpoint using either an email or username.
  - The logic should use a password code and a configurable expiration date.
- Reset Password
  - Route: /resetPassword
  - This will reset the user's password.
  - Input: email, reset code, and password.
- Get User Profile
  - Route: /{username}
  - This endpoint returns user profile information.
  - If username is ‘me’ then return the logged in user token.
  - This endpoint should be protected.
- Get Schools
  - Route: /schools
  - This is a lookup endpoint that returns the list of schools.
- Get Grades
  - Route: /grades
  - This is a lookup endpoint that returns the list of grades.
- Get connected social networks
  - Route: /social/connections
  - This endpoint should return the list of connected social networks of the calling user.
  - It should include the user profile id and the social network username.
- Disconnect social network connection
  - Route: /social/{type}/disconnect
  - This endpoint should disconnect the specified social network {type} of the calling user.
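One way to implement the reset code with a configurable expiration described under Forgot Password and Reset Password, as an added example that is not part of the challenge or its starter kit. The `config` values, the in-memory `resets` map standing in for a database table, and the function names are assumptions; `crypto.timingSafeEqual` needs a newer Node.js than the 4.x listed in the stack.

```javascript
const crypto = require('crypto');

// Hypothetical configuration values; the challenge only requires the expiry to be configurable.
const config = { resetCodeTtlMinutes: 30, maxAttempts: 5 };

// In-memory stand-in for a password-reset table (hypothetical schema), keyed by email.
const resets = new Map();

const sha256 = (value) => crypto.createHash('sha256').update(String(value)).digest();

// /forgotpassword: create a random code, store only its hash and expiry,
// and return the plain code so it can be emailed to the user.
function issueResetCode(email, now) {
  const code = crypto.randomBytes(16).toString('hex'); // 128 bits from the CSPRNG
  resets.set(String(email).toLowerCase(), {
    codeHash: sha256(code),
    expiresAt: now + config.resetCodeTtlMinutes * 60 * 1000,
    attempts: 0,
  });
  return code;
}

// /resetPassword: true only for an unexpired, unused code issued for that email.
function redeemResetCode(email, code, now) {
  const key = String(email).toLowerCase();
  const row = resets.get(key);
  if (!row) return false;
  if (now >= row.expiresAt || row.attempts >= config.maxAttempts) {
    resets.delete(key); // expired or guessed too often: force a new request
    return false;
  }
  row.attempts += 1;
  // Both digests are 32 bytes, so timingSafeEqual never throws on length.
  const ok = crypto.timingSafeEqual(row.codeHash, sha256(code));
  if (ok) resets.delete(key); // single use
  return ok;
}
```

The handlers pass `Date.now()` as `now`; only after `redeemResetCode` returns true does the reset handler hash and store the new password.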
Notes
- Prefix for API routes: /api/
- All API endpoint input parameters should be properly validated.
- Create simple authentication logic that generates and stores auth tokens in a separate table, including the following information: time and login IP.
- Error messages should be in JSON format, with the fields: message, error code, and error flag (true).
- A Node.js API starter kit is attached in the forums; you must use it as the base code for your work.
- We don’t have specific DB table definitions; we are open to your creativity here.
- Use Mailgun to send emails.
- Postman file should be updated with proper endpoints and test cases.
- Proper logging should be added for all endpoints.
- All code must be linted using ESLint (eslint.com).
- All code must be properly documented.
Technology Stack
- NodeJS 4.x
- Postgres 9.4
- Heroku
Final Submission Guidelines
Deliverables
- Git patch file that includes all changes.
- The deployment guide should be the README file, updated with all required steps to deploy and test your app locally and on Heroku.
- Verification document.