lets create a swagger API

cbleek commented 5 years ago

Let's start with an API. Swagger seems useful to me.

The API should be able to do the following:

register

A user should be able to register. A validated email is sufficient to send jobs.

delete

A user should be able to delete his data

edit

A user should be able to change his or her data

We should take Google as a model for the design of the API.

In the first step it should be possible to create a feed with many jobs or post a single job. Also it should be possible to get current jobs via API

cbleek commented 5 years ago

@SJhumili showed us how to connect Swagger and Gitlab. And now we have a simple CRUD API. Thanks!

https://archive.yawik.org

The API is defined by a YAML, which can be edited in Swagger.

What should the API be able to do?

A user should be able to authenticate himself or herself.
~~An authenticated user should be able to submit an RSS feed with~~
An authenticated user should be able to submit a single job advertisement.
An authenticated user should be able to retrieve a list of active job ads.
An authenticated user should be able to retrieve a list of his own posted job ads.
An authenticated user should be able to retrieve a list of job ads that he posted himself.

lets start with the registration.

cbleek commented 5 years ago

in #3 the idea comes up to only have one action for submitting a Link. Maybe we don't have to distinguish between "posting RSS feeds" and "posting job ads".

tpikachu commented 5 years ago

An authenticated user should be able to retrieve a list of job ads that he posted himself. An authenticated user should be able to retrieve a list of his own posted job ads I think these 2 statements are the same. What is difference between these?

tpikachu commented 5 years ago

As you can see in the swagger code I've added POST /job. But I couldn't define Job advertisement data format. I'd know about the data format that you want. I've also visited Google Job Posting and Your JobClassification repository. But I can't choose correct job advertisement data format there. Please tell me more about.

cbleek commented 5 years ago

A user will only provide a Link. The API will take the Links and returns an OK, if the link could be saved.

A background process (has nothing to do with the API) will take stored links and try to fetch the content. If the content contains a json-ld like this example the job gets archived. If not, the job is discarded.

An anonymous user can registers. An email with a validation link is sent to the email address. The API then needs a

GET user/validateEmail with a token as parameter.

I would like to try out early how the server is implemented for the API. I want to see how this works with the code generator, and then decide which language to implement in. Where the code is stored, etc.

tpikachu commented 5 years ago

Ok, I should create POST/addlink api to store job link. So you mean, you are going to make job dataset from this link in backend process? Like this? Job{ Organization{ ... } JobPosting{ ... } PropertyValue{ ... } }

my understanding: So with Post /addlink user should be able to submit job or rss link and the backend will save this link. And also backend will make process with this link and make job dataset and archive. If there is no json-Id in link content, this link will be discarded. And when user call Get/ joblists ,user should be able to receive job lists in above format.

Please confirm my understanding.

cbleek commented 5 years ago

So with Post /addlink user should be able to submit job or rss link and the backend will save this link. And also backend will make process with this link and make job dataset and archive. If there is no json-Id in link content, this link will be discarded.

OK

And when user call Get/ joblists ,user should be able to receive job lists in above format.

no. lets call it

GET /listlinks which lists the links posted by the user.

tpikachu commented 5 years ago

A user should be able to authenticate himself or herself. GET /login: Log in with user’s name and password. And server will reply access-token to user and frontend should save this access-token in session. GET /logout: Log out. (access-token will be in header and Server will identify user with access-token) POST /signup: Sign Up with user’s information. And in user information, there will be (username, password, email, phone...)
An authenticated user should be able to submit a single job advertisement. POST /addjoblink: an authenticated user will post a link
An authenticated user should be able to retrieve a list of active job ads.
An authenticated user should be able to retrieve a list of job ads that he posted himself.(An authenticated user should be able to retrieve a list of his own posted job ads.) GET /joblinks: an authenticated user will retrieve job lists depends on parameters. There will be ‘type’ in header. When ‘type’ is all, user will be retrieve all job links and ‘type’ is not all, user will be retrieve his own job links. So I mean when user call GET /joblinks?type=‘all’ user will retrieve all job links. And GET /joblinks?type=‘mine’ user will retrieve his own posted job links.

All apis should include user’s access-token, So that server realize that user is authenticated or unauthenticated I’ll fix some apis and create new api. I think this will take 10~15hours. Which authorization do you prefer use? I recommend bearer auth using jwt token

Please provide any advice to improve my plan.

cbleek commented 5 years ago

please use POST /login
a user does not neet the attribute "phone"
add a GET /validateEmail?token=. Token will be sent to the user by email after signup.

just go for it.

tpikachu commented 5 years ago

Please check my submits and provide any advice to what should I do anymore.

cbleek commented 5 years ago

Travis fails. Is it because of a missing dependency?

Lint error:
/security
spec/openapi.yaml:
  1) #/security Could not dereference securityScheme bearerAuth
npm ERR! Test failed.  See above for more details.
The command "npm test" exited with 1.

tpikachu commented 5 years ago

Please check it again.

cbleek commented 5 years ago

But Travis fill fails. I've googled and found.

https://github.com/swagger-api/swagger-ui/issues/3860

It looks like you're mixing OpenAPI 2.0 and 3.0: securityDefinitions is from 2.0, but type: http, scheme: bearer, and bearerFormat: JWT are from 3.0.

All API definitions need to declare their version with either a swagger: "2.0 or openapi: "3.0.0" at the top level of the definition, and follow only the syntax for that version.

tpikachu commented 5 years ago

Check it. I've just fixed.

cbleek commented 5 years ago

looks goog. So it was only a typo.

What language we should use to implement a server for this API?

tpikachu commented 5 years ago

Yeah. :)

tpikachu commented 5 years ago

I recommend nodejs

cbleek commented 5 years ago

I've no experiences with this, but it sounds good.

What would you recommend as storage?

tpikachu commented 5 years ago

We can use Firebase or AWS S3.

cbleek commented 5 years ago

this sounds good too, because I don't have to setup a database. So let's start a server who implements the API usind nodes storing data in a firebase.

Lets do it in a new Project https://github.com/cbleek/JobArchiveNodesJsServer

I've created https://github.com/cbleek/JobArchiveNodesJsServer/issues/1

cbleek / JobArchive