dsckgec / cleanurge-backend Goto Github PK

Preface

If you look at the reports model, we are currently storing just the address of the report as string. Recording the coordinates along with the address would add extra precision as well as minimize the chances of fake reporting.

Changes needed

• Edit the report schema and add a property to store the coordinates in GeoJSON format.
• Update all the create, read and update operations of reports (wherever needed) to implement the storing and retrieval of coordinates.

Preface

You must have received emails asking you to verify your account after creating a new account over some platform. These emails are generally not just textual emails but have their own UI, which is actually coded using simple HTML and CSS. Example:

This is what this issue is about.

Changes needed

• In the utils directory, create a new file named email.js. The contents of the file are given below:

  const email_ui = (email, name, link) => {
      const ui = `<HTML CODE GOES HERE>`
      return ui;
  }
  
  module.exports = email_ui;

• A UI for the email is to be designed using HTML, CSS and placed inside the email_ui variable. The email will thank the user for creating an account and provide him/her with a link to verify the account. The user's email, name and the link to verify the account are passed in the above function as email, name and link respectively. Do not forget to use these variables in the email's content. How the email should look is totally upto you!

Please create and hand me a device ID to test the routes with the MCU.

-to the Database Administrator

Preface

There is a property named 'status' under the user model, which has a value of unverified by default after a user registers into the application. Only those users are allowed to login, who have the status value as verified. So, all users after registration are to be sent an email right after registration with a link which can be used to verify them.

Changes needed

• Create a route under user.route.js file with the following properties

  • method: GET
  • endpoint: api/user/verify/:token
  • description: takes in the token from the params, queries the User table using token, changes the value of status of the fetched user to "verified", deletes the token from the fetched user document

• Add another property under user schema named token with default value as null. When a user registers into the platform, assign this token a random string value of length 32 or 64. (You can use helper functions added in the utils directory for this) and add this token in the request body in the Register controller function

• In the Register controller function, after receiving a response from the Register service, use nodemailer or any other library to mail the requesting user with the URL. For this step, use utils/email.js to generate the html body of the email by passing the email, name and the link (http://cleanurge.herokuapp.com/api/user/verify/{token})

We need a simple webpage, something like this to provide the users the option to reset password.

Instructions

• This is to be created in EJS(almost the same as HTML) and CSS.
• There are to be three input elements with the following descriptions
  • reset_token: this is to be a hidden element with value=<%= reset_token %> .
  • new_password: The new password user can put in
  • confirmed_password: same password to be repeated in this element.
• The form should send a POST request on submit to the endpoint /api/user/reset-password

Preface

Currently, there are endpoints to register a new account, login as well as fetch user(s). When a user is logged in to the system, there is to be an update feature wherein the authorized user can update his / her name, phone number and address.

Changes needed

• Add the route definition in routes/user.route.js along with the swagger documentation for the same.
• Add the route controller in controllers/user.controller.js
• Add the update user service in services/user.service.js

Make sure you follow the coding conventions used throughout the project!

Preface

Password handling is usually done in three ways

• change password: available only for authorized users i.e. the users who are already logged in. They can use this route to update their password just like they update their profile details.
• forgot password: available only for unauthorized users i.e. when the user isn't logged in. The forgot password route takes in the email of the requesting user and emails them a url to reset their password. This url has some reset_token as parameter (added int he user db) that is used to verify the user in the next step
• reset password:
  • GET method: this is the endpoint of the url that is mailed to the user on hitting the forgot password route. This would render a webpage to reset the user password
  • POST method: takes in the reset_token and the new password to reset the password of the requesting user.

Changes needed

Routes, controllers and services to achieve the above:

• api/user/change-password
  • Type: POST
  • Description: takes in new_password and confirmed_password, checks if both are the same and updates the requesting user's password.
• api/user/forgot-password
  • Type: POST
  • Description: takes in email, generates a random string - reset_token of length 32, adds this token to the user's document (add a new property under the user model to save this token) and emails the user with the link - http://cleanurge.herokuapp.com/api/user/reset-password/{reset_token}
  • Note: Assume that there is a function named password_ui in the utils directory in a file with the same name, which takes in email and link as parameter and returns the HTML to be mailed as email body. YOU DO NOT NEED TO CREATE THIS FUNCTION.
• api/user/reset-password/:reset_token
  • Type: GET
  • Description: renders a webpage to reset the password.
  • Note: Assume that there is a views/reset-password.ejs file - that you need to render. Access the reset_token from the params and pass it to the webpage while rendering as well. YOU DO NOT NEED TO CREATE THIS FILE.
• api/user/reset-password
  • Type: POST
  • Description: takes in reset_token, new_password and confirmed_password, checks if both passwords are the same and updates the user's password which has the same reset_token as provided in the request body.

The password_ui and the webpage to reset passwords will be worked on separately and are put up in different issues. While working on this issue, assume that these two are already present in the project.

See issue #2 for reference.

Changes needed

• We need a similar UI as in the reference issue but for sending a link to reset the user's password. (You are free to choose the design, the function must be similar)
• Name the file and function as password_ui

We would want to update the waste threshold of each device, as the devices keep requesting to the server periodically in the GET method to /api/beacon/{id}.