api-regulation-a-plus-crowdsale

The API that interfaces between C4Coin's Regulation A+ Crowdsale website and smart contracts

• develop —
• master —

Functional Requirements

The API Server supports the C4Coin Regulation A+ Crowdsale website.

• Investor Registration

• Password Reset

• Two Factor Auth support (RSA token or similar)

• Investor login

  • Investor KYC data upload/update (how to verify the person's details? send a postcard?)
  • Investor Ethereum Address Registration
  • Investor Ethereum Address Update
  • Buy Tokens
  • Logout

• Admin login

  • Verify Potential Investor's Ethereum Address / KYC data
  • Unverify Investor Address
  • set USDConversionRate
  • finaliseCrowdsale

• Get Public Crowdsale Data

  • startDate (UTC)
  • endDate (UTC)
  • tokens sold (integer)
  • isGoalReached (boolean)
  • isCapReached (boolean)
  • investor count
  • amountRaised (USD)

Security

• The login feature will return a time-limited JOSE token containing encrypted user credentials.
• all subsequent activities requiring user authentication will extract this token from the authorization header.
• if the token expires a new one can be generated to replace it.

API Routes incomplete

GET /ping

Returns a heartbeat response.

200 Okay

{
  "response": "okay",
  "uptime": secondsSinceServerLaunch
}

GET /

Returns a list of API versions.

200 Okay

[
  {
    version: 1,
    path: '/api/v1'
  }
]

POST /api/v1/login (not implemented)

Logs a user in via simple credentials (can be enhanced later to support 2fa)

Body params

{
  username: 'string',
  password: 'string'
}

Returns

200 Okay

{
  token: 'some-jwt-that-must-go-in-the-header-to-remain-logged-in'
}

Error Response

401 Unauthorised

POST /api/v1/logout (not implemented)

Logs a user out

Returns

200 Okay

Development

Prerequisites

• NodeJS, version 9+ (I use nvm to manage Node versions — brew install nvm.)
• Docker (Use Docker for Mac, not the homebrew version)
• Access to the C4Coin Jira

Initialisation

npm install

To Start the API server while working on API clients.

docker-compose up -d

Runs the database and server within docker, exposing the API on port 3001.

To Start the server to work on the server itself

npm install

Run docker-compose up -d db to only start Postgres,

Then run npm start to start the api server on port 3000

Seed some data

With the database running, run

I_KNOW_WHAT_I_AM_DOING=true npm run seed

Test it

run docker-compose up db -d to only start Postgres, then:

• npm test — runs the unit tests (quick)
• npm run test:db — runs the database tests (not so quick)
• npm run test:server — runs the API endpoint tests (not so quick)
• npm run test:all — runs all the tests (slowest of all)

Lint it

npm run lint

Deployment

The site will be deployed automatically to heroku once CircleCI has cleared a merge to either develop (staging server) or master (production).

Contributing

Please see the contributing notes.