Loan Tracker API is a backend service built with Golang, Gin, JWT-Go, and bcrypt. It features user registration, login, password management, and admin controls for managing users. The API follows Clean Architecture principles for scalability and maintainability. Explore the API via the provided Postman collection.
Loan Tracker API - Assessment Overview
This assessment is designed to evaluate the students' understanding and ability to implement a comprehensive backend API using Golang with the Gin framework and clean architecture principles. The task involves developing a Loan Tracker API with both user and admin functionalities, covering a range of features including user management, loan management, authentication, and system settings.
Assessment Objectives
Develop a RESTful API with the Golang Gin framework.
Implement user and admin functionalities.
Apply clean architecture principles.
Ensure secure and efficient handling of data.
Document the API using Postman.
Project Requirements
Introduction
Develop a backend API for a Loan Tracker system where users can apply for loans, and admins can manage user accounts and loans. The system should handle user authentication and authorization, provide various endpoints for loan management, and include administrative functionalities.
Functional Requirements
2.1 User Management
User Registration
Endpoint: POST /users/register
Description: Register a new user with email, password, and profile details.
Response: Success or error message.
Email Verification
Endpoint: GET /users/verify-email
Description: Verify the user's email address using a token sent to their email.
Parameters:
token: Verification token sent via email
email: User's email address
Flow of Events:
User registers on the platform.
System sends a verification email with a unique token.
User clicks on the verification link.
User is directed to the email verification endpoint.
The system verifies the token and activates the user's account.
Response: Success or error message.
User Login
Endpoint: POST /users/login
Description: Authenticate user and provide access and refresh tokens.
Flow of Events:
User Submits Credentials: The user submits their username (or email) and password to the system.
System Validates Credentials: The system checks the submitted credentials against stored user data.
Account Status Check: If the credentials are valid, the system checks whether the user's account is active or deactivated.
Handling Deactivated Accounts:
If the user is deactivated, the system may return a more specific notification. Optionally, the system sends an email informing the user that their account is deactivated and providing steps for reactivation.
Successful Authentication: If the account is active and the credentials are correct, the system generates access and refresh tokens and returns them to the user.
Token Refresh
Endpoint: POST /users/token/refresh
Description: Refresh access token using refresh token.
Response: New access token or error message.
User Profile
Endpoint: GET /users/profile
Description: Retrieve authenticated user profile.
Response: User profile data.
Password Reset Request
Endpoint: POST /users/password-reset
Description: Send password reset link to user's email.
Response: Success or error message.
Password Update After Reset
Endpoint: POST /users/password-reset
Description: Update the user's password using the token received in the password reset email.
Flow of Events:
User receives the password reset link via email.
User clicks the link and is directed to a password reset page.
User submits the new password along with the token.
The system verifies the token and updates the password.
System sends a confirmation response to the user.
Response: Success or error message.
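The token handling behind both the Email Verification flow and the Password Update After Reset flow, as an added Go example (not part of the assessment text or any reference solution): the token is random, stored only as a SHA-256 hash, bound to the email, time-limited, and usable once. TokenStore, Issue, Consume, the 15-minute lifetime and the sample address are assumptions made for illustration.

```go
package main

import (
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
	"time"
)

var ErrInvalidToken = errors.New("invalid or expired token")

// tokenRecord is what the server keeps: a hash of the token, never the token itself.
type tokenRecord struct {
	hash    [32]byte
	expires time.Time
}

// TokenStore is a hypothetical in-memory store keyed by email; a real service would use its database.
type TokenStore struct{ records map[string]tokenRecord }

func NewTokenStore() *TokenStore { return &TokenStore{records: map[string]tokenRecord{}} }

// Issue creates a 256-bit random token for email, replacing any earlier one.
func (s *TokenStore) Issue(email string, ttl time.Duration, now time.Time) (string, error) {
	raw := make([]byte, 32)
	if _, err := rand.Read(raw); err != nil {
		return "", err
	}
	token := hex.EncodeToString(raw)
	s.records[email] = tokenRecord{hash: sha256.Sum256([]byte(token)), expires: now.Add(ttl)}
	return token, nil
}

// Consume checks the token presented for email and deletes it on success, so a link works once.
func (s *TokenStore) Consume(email, token string, now time.Time) error {
	rec, ok := s.records[email]
	sum := sha256.Sum256([]byte(token))
	if !ok || subtle.ConstantTimeCompare(sum[:], rec.hash[:]) != 1 || now.After(rec.expires) {
		return ErrInvalidToken // one error for every failure, so the caller learns nothing extra
	}
	delete(s.records, email)
	return nil
}

func main() {
	s, now := NewTokenStore(), time.Now()
	tok, _ := s.Issue("user@example.com", 15*time.Minute, now) // constructed sample address
	fmt.Println("first use:", s.Consume("user@example.com", tok, now), "replay:", s.Consume("user@example.com", tok, now))
}
```

The handler for the verification or reset endpoint would call Consume with the token and email parameters and only then activate the account or update the password.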
2.2 Admin Functionalities
View All Users
Endpoint: GET /admin/users
Description: Retrieve a list of all users.
Response: List of users.
Delete User Account
Endpoint: DELETE /admin/users/{id}
Description: Delete a specific user account.
Response: Success or error message.