The SSE new and improved unified API.
The API uses Google OAuth for authentication. You'll need to create a Project using Google Developer Console to make use of the API's authenticated requests.
The following steps walk you through configuring Google OAuth, with the assumption you are using it for development in conjunction with the OneRepoToRuleThemAll project. If you are using another client, you will have to modify Step 6 to conform with that client's configuration.
- Navigate to Google Developer Console, making sure you are logged in to the Google account you would like associated with the OAuth Authentication.
- Select the option to create a new project, naming it whatever you wish. Click 'Create'. You should be redirected to your Project's API Manager page.
- Open the Credentials page by selecting it from the navigation pane on the left-hand side of the page (hamburger menu > APIs & Services > Credentials).
- On the Credentials page, select the option 'Create credentials', and then 'OAuth client ID'.
- You should now see a warning that you must set a product name on the consent screen. Select the option to 'Configure consent screen'. You will now be taken to the 'OAuth consent screen' settings pane. On this page, fill in the 'Application name' field with a name identifiable to your users.
SSE Dev API
is a good choice. When you're ready, click 'Save'. - Next, you'll be guided through the process of creating your OAuth Client Credentials. First, select 'Web application' as the Application type. Next, fill in the following information on the form that appears:
- Name:
SSE Dev API
(or however you'd like to refer to it internally) - Authorized JavaScript origins:
http://localhost:5000
- This is the default origin of the SSE website client development server.
- Authorized redirect URIs:
http://localhost:5000/api/v2/auth
- The URL that your client expects authentication responses to redirect to.
- Name:
- After filling in the above information, press 'Save' and you should now see your newly created credentials in a list view. Download the newly created secret by clicking the 'Download JSON' button in the row of your client (It's the down arrow). A
.json
file should be downloaded to your computer. - Finally, rename the downloaded file to
google.json
and place it in thekeys/
directory of your project.
Your dev environment is now configured for authentication using Google OAuth! Follow the steps for running the app below to get the server up and running.
NOTE: The steps below assume you are using a web-based client. If you are using another type of client, you'll have to retrieve the token in a different manner.
If you want to perform requests directly against the API (and not through the client), you'll need a valid token. Here's how to get one:
- Start up your client application and authenticate with your
g.rit.edu
RIT account. - Open the network/requests pane of your browser's developer console and view the Request headers for any request against the
node-api
.- All of your requests against the API should include this
Authorization
header and data, i.e. "Bearer YOUR_TOKEN_STRING
".
- All of your requests against the API should include this
You can also perform fake auth by setting all security too low then authing with Slack using the default username and password (hint - its hardcoded in the code)
You only need to do this if you are working on mentoring-related endpoints.
- Create a new Google Calendar for the Mentor Schedule
- In the side bar, Click on the arrow next to your new calendar and go to calendar settings.
- On the Calendar Details screen, you will find your calendar ID in the Calendar Address section. You can store this value in
keys/google.json
underweb.calendars.mentor
, or use the ENV variableMENTOR_GOOGLE_CALENDAR
. - Go to the Share Calendar Tab and make the calendar public.
- Head back to Google Developer Console. Go to the same project you created before. Go to Libraries and search for Google Calendar API. Enable that API.
- Next go to Credentials Tab. Click Create Credentials > API Key. You can store this key in
keys/google.json
underweb.api_key
or set the ENV variableGOOGLE_API_KEY
.
Only need to do this if you are working on scoreboard-related endpoints.
- Create a Mailgun account or sign in to your existing account
- Mailgun creates a sandbox address for testing with each account (eg.
sandbox<random_string>.mailgun.org
) - In order to send email from this sandbox, you have to add an authorized recipient. Click on the sandbox domain and click on the button 'Add Recipients'. Then invite a new recipient by typing in your email address.
- You'll receive an email from Mailgun asking you to confirm that you want to receive test emails from this Mailgun account. Accept this request.
- Set the ENV variable
MAILGUN_DOMAIN
with the sandbox domain, and set the ENV variableMAILGUN_SECRET
with the API key for this sandbox. - When testing scoreboard-related endpoints (i.e. approving memberships), make sure the test user you're using has your email associated with it, so that you'll receive the test emails.
npm install
mkdir keys
npm run keygen
npm run bootstrap -- --admin:firstName [YOUR NAME] --admin:lastName [YOUR LAST NAME] --admin:dce [YOUR DCE (ex: abc1234)] --keygen --seed
- Creates and migrates the database. If you specify the admin args, a membership will be created for that user with all permissions. If you specify keygen, all keys will be regenerated. If you specify seed it will seed the database.npm start
PORT="2222" npm start
- Run the server on a different port.
Testing requires a PostgreSQL database named node_api_test
to exist. This means you'll have to install and run PostgreSQL on your development computer.
If you're using macOS, Postgres.app and Postico are friendly, easy-to-use tools for running PostgreSQL.