{
  "status_code": 422,
  "message": "Validation failed",
  "errors": {
    "firstName": "First name is a string",
    "lastName": "Last name is a string",
    "location": "Location is a string"
  }
}
Authentication and Authorization
Authentication
The endpoint should be protected and only authenticated users should be able to access it.
The endpoint should return a 401 status code if the user is not authenticated.
{
  "status_code": 401,
  "message": "Unauthorized"
}
Authorization
Users should not be able to update another user's profile.
The endpoint should return a 403 status code if the user is not authorized to update the profile.
{
  "status_code": 403,
  "message": "Forbidden"
}
Error Handling
Error Response
The endpoint should return a 404 status code if the user is not found.
{
  "status_code": 404,
  "message": "User not found"
}
The endpoint should return a 500 status code if the server cannot process the request.
{
  "status_code": 500,
  "message": "Internal server error"
}
Security
Implement rate limiting to prevent abuse of the API.
Implement proper error handling to prevent information disclosure.
Implement proper logging to monitor the API.
Implement proper validation to prevent injection attacks.
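The status-code rules above, combined into one framework-agnostic handler core, as an added example that is not part of the original specification. The names `update_profile`, `error`, `USERS` and `ALLOWED_FIELDS`, the shape of the 200 body, and treating the three fields as optional are assumptions; the caller is assumed to have verified the bearer token already and to pass `None` when it is missing or invalid.

```python
# Added example: core logic for PUT /api/v1/users/:user_id, independent of any web framework.
# USERS, ALLOWED_FIELDS, error and update_profile are hypothetical names, not the project's code.
import logging

log = logging.getLogger("profile_api")
ALLOWED_FIELDS = {"firstName": "First name", "lastName": "Last name", "location": "Location"}
USERS = {"u1": {"firstName": "Ada", "lastName": "Obi", "location": "Lagos"}}  # constructed sample store


def error(status, message, errors=None):
    body = {"status_code": status, "message": message}
    if errors:
        body["errors"] = errors
    return status, body


def update_profile(auth_user_id, target_user_id, payload, store=USERS):
    """Return (status, body). auth_user_id is None when the token was missing or invalid."""
    try:
        if auth_user_id is None:
            return error(401, "Unauthorized")
        # Ownership check runs before the lookup, so a caller cannot probe which other IDs exist.
        if auth_user_id != target_user_id:
            log.warning("forbidden update: actor=%s target=%s", auth_user_id, target_user_id)
            return error(403, "Forbidden")
        user = store.get(target_user_id)
        if user is None:
            return error(404, "User not found")
        if not isinstance(payload, dict):
            return error(422, "Validation failed")
        errors = {f: f"{label} is a string" for f, label in ALLOWED_FIELDS.items()
                  if f in payload and not isinstance(payload[f], str)}
        if errors:
            return error(422, "Validation failed", errors)
        # Allow-list: keys outside ALLOWED_FIELDS (e.g. "role") are never copied onto the record.
        user.update({f: payload[f] for f in ALLOWED_FIELDS if f in payload})
        return 200, {"status_code": 200, "data": dict(user)}  # 200 body shape is an assumption
    except Exception:
        # Full detail goes to the server log; the client sees only the generic message.
        log.exception("profile update failed for target=%s", target_user_id)
        return error(500, "Internal server error")
```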
Documentation
The endpoint should be properly documented.
The documentation should include the request and response examples.
The documentation should include the data validation rules.
The documentation should include the authentication and authorization rules.
The documentation should include the error handling rules.
Testing
Write tests for the endpoint.
Test the endpoint with valid and invalid data.
Test the endpoint with authenticated and unauthenticated users.
Test the endpoint with authorized and unauthorized users.
Test the endpoint with valid and invalid access tokens.
Test the endpoint with valid and invalid user IDs.
Test the endpoint with valid and invalid request payloads.
Test the endpoint with valid and invalid data validation rules.
Description
Implement an endpoint that allows registered and authenticated users to update their profile.
Endpoint Features
Acceptance Criteria
PUT /api/v1/users/:user_id
HTTP PUT request.
200 status code if the update is successful.
401 status code if the user is not authenticated.
Authorization: Bearer: <token>
Data Validation
Input Validation
firstName field must be a string.
lastName field must be a string.
location field must be a string.