This project implements a user authentication and organisation management system using Go. The API supports user registration, login, and organisation management functionalities.
- User Registration and Login
- JWT Authentication
- Organisation Creation and Management
- User Organisation Association
- Field Validation and Error Handling
- Backend Language/Framework: Go
- Database: PostgreSQL
- ORM: TBD (optional)
- Authentication: JWT (JSON Web Tokens)
- Install PostgreSQL and create a database.
- Configure your application to connect to the PostgreSQL database.
- Optionally, set up an ORM of your choice.
{
"userId": "string", // must be unique
"firstName": "string", // must not be null
"lastName": "string", // must not be null
"email": "string", // must be unique and must not be null
"password": "string", // must not be null
"phone": "string"
}
{
"orgId": "string", // Unique
"name": "string", // Required and cannot be null
"description": "string"
}
Endpoint: POST /auth/register
Request Body:
{
"firstName": "string",
"lastName": "string",
"email": "string",
"password": "string",
"phone": "string"
}
Successful Response:
{
"status": "success",
"message": "Registration successful",
"data": {
"accessToken": "eyJh...",
"user": {
"userId": "string",
"firstName": "string",
"lastName": "string",
"email": "string",
"phone": "string"
}
}
}
Unsuccessful Response:
{
"status": "Bad request",
"message": "Registration unsuccessful",
"statusCode": 400
}
Endpoint: POST /auth/login
Request Body:
{
"email": "string",
"password": "string"
}
Successful Response:
{
"status": "success",
"message": "Login successful",
"data": {
"accessToken": "eyJh...",
"user": {
"userId": "string",
"firstName": "string",
"lastName": "string",
"email": "string",
"phone": "string"
}
}
}
Unsuccessful Response:
{
"status": "Bad request",
"message": "Authentication failed",
"statusCode": 401
}
Endpoint: GET /api/users/:id
Successful Response:
{
"status": "success",
"message": "<message>",
"data": {
"userId": "string",
"firstName": "string",
"lastName": "string",
"email": "string",
"phone": "string"
}
}
Endpoint: GET /api/organisations
Successful Response:
{
"status": "success",
"message": "<message>",
"data": {
"organisations": [
{
"orgId": "string",
"name": "string",
"description": "string"
}
]
}
}
Endpoint: GET /api/organisations/:orgId
Successful Response:
{
"status": "success",
"message": "<message>",
"data": {
"orgId": "string",
"name": "string",
"description": "string"
}
}
Endpoint: POST /api/organisations
Request Body:
{
"name": "string",
"description": "string"
}
Successful Response:
{
"status": "success",
"message": "Organisation created successfully",
"data": {
"orgId": "string",
"name": "string",
"description": "string"
}
}
Unsuccessful Response:
{
"status": "Bad Request",
"message": "Client error",
"statusCode": 400
}
Endpoint: POST /api/organisations/:orgId/users
Request Body:
{
"userId": "string"
}
Successful Response:
{
"status": "success",
"message": "User added to organisation successfully"
}
Unit Testing
- Token generation: Ensure token expires at the correct time and correct user details are found in token.
- Organisation: Ensure users can’t see data from organisations they don’t have access to.
End-to-End Test Requirements for the Register Endpoint
- Directory Structure: Create a tests folder with the test file named auth.spec.ext.
- Register user successfully with default organisation.
- Log the user in successfully.
- Fail if required fields are missing.
- Fail if there’s a duplicate email or userID.
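
One way to make the token unit test under Unit Testing concrete, as an added example that is not part of this project's code: a standard-library HS256 issuer and verifier with an injected clock, so a test can check the expiry boundary, the recovered user details, and rejection of tampered tokens. `Claims`, `seal`, `IssueToken`, `VerifyToken`, the claim names and the choice of HS256 are assumptions, and the key in `main` is constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

// Claims is a hypothetical claim set: user identity plus expiry (Unix seconds).
type Claims struct {
	UserID string `json:"userId"`
	Email  string `json:"email"`
	Exp    int64  `json:"exp"`
}

var enc = base64.RawURLEncoding

// seal signs payload under a fixed HS256 header, so a token claiming "alg":"none" never matches.
func seal(key []byte, payload string) string {
	msg := enc.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`)) + "." + payload
	mac := hmac.New(sha256.New, key)
	mac.Write([]byte(msg))
	return msg + "." + enc.EncodeToString(mac.Sum(nil))
}

// IssueToken returns an HS256 token for c that expires ttl after now.
func IssueToken(key []byte, c Claims, now time.Time, ttl time.Duration) string {
	c.Exp = now.Add(ttl).Unix()
	body, _ := json.Marshal(c) // strings and an int64 cannot fail to marshal
	return seal(key, enc.EncodeToString(body))
}

// VerifyToken rebuilds the token from its payload, compares in constant time, then checks expiry.
func VerifyToken(key []byte, tok string, now time.Time) (c Claims, err error) {
	p := strings.Split(tok, ".")
	if len(p) != 3 || !hmac.Equal([]byte(seal(key, p[1])), []byte(tok)) {
		return c, fmt.Errorf("invalid token")
	}
	body, err := enc.DecodeString(p[1])
	if err != nil || json.Unmarshal(body, &c) != nil || now.Unix() >= c.Exp {
		return Claims{}, fmt.Errorf("bad payload or token expired")
	}
	return c, nil
}

func main() {
	fmt.Println(IssueToken([]byte("constructed-key"), Claims{UserID: "u1"}, time.Now(), time.Hour))
}
```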