HTTP Mux Starter

Simple MUX template project

Provides starting point for a REST API

• context
• JWT Auth + middleware
• bcrypt helper
• webhooks integration
• godotenv (env sample file provided)
• static file serving
• fs storage (JSON format)

Auth endpoints

POST /api/login

Content-Type: application/json

{
  "email": "[email protected]",
  "password": "hunter200"
}

Returns 200 OR 401

{
  "id": 1,
  "email": "[email protected]",
  "is_chirpy_red": false,
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "refresh_token": "56aa826d22baab4b5ec2cea41a59ecbba03e542aedbb31d9b80326ac8ffcfa2a"
}

POST /api/refresh

Returns a JWT with a refresh token passed in headers

Authorization: Bearer b056cec97994e74e6695eba938cee97513eaeb720829559812066272f5529c17

Returns 200 OR 401

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}

POST /api/revoke

Revokes a refresh token

Authorization: Bearer b056cec97994e74e6695eba938cee97513eaeb720829559812066272f5529c17

Returns 204 OR 401

User endpoints

POST /api/users

Creates a user

Content-Type: application/json

{
  "password": "hunter200",
  "email": "[email protected]"
}

Returns 201

{
  "email": "[email protected]",
  "id": 6,
  "is_chirpy_red": false
}

PUT /api/users/{id}

Updates a user

Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjaGlycHkiLCJzdWIiOiIxIiwiZXhwIjoxNzIwMjE1NTIxLCJpYXQiOjE3MjAyMTE5MjF9.dpLB975ewERQ5tXrYF7oLYicQyzXl27Rt3HadrgkJzg

{
  "email": "[email protected]"
}

Returns 200 OR 401

{
  "email": "[email protected]",
  "id": 6,
  "is_chirpy_red": false
}

Chirps

GET /api/chirps

Gets all chirps

Optional query parameters

GET /api/chirps?sort=asc

GET /api/chirps?sort=desc

GET /api/chirps?author_id=3

Returns 200 OR 400 (if query params are invalid)

[
  {
    "body": "Darn that fly, I just wanna cook",
    "id": 4,
    "author_id": 1
  },
  {
    "body": "Cmon Pinkman",
    "id": 3,
    "author_id": 2
  },
  {
    "body": "Gale!",
    "id": 2,
    "author_id": 1
  },
  {
    "body": "I'm the one who knocks!",
    "id": 1,
    "author_id": 4
  }
]

POST /api/chirps

Creates a chirp

Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjaGlycHkiLCJzdWIiOiIxIiwiZXhwIjoxNzIwMjE1NTIxLCJpYXQiOjE3MjAyMTE5MjF9.dpLB975ewERQ5tXrYF7oLYicQyzXl27Rt3HadrgkJzg

{
  "body": "Last time i went to Rustbucks ! #til"
}

Returns 200 OR 400(if length is > 140)

{
  "id": 22,
  "body": "Last time i went to Rustbucks ! #til",
  "author_id": 2
}

GET /api/chirps/{id}

Gets a chirp by id

Returns 200 OR 404

{
  "id": 4,
  "body": "Darn that fly, I just wanna cook",
  "author_id": 1
}

DELETE /api/chirps/{id}

Delete a chirp by id - Only the author can perform this and will result in a 403 otherwise

Returns 204, 403 OR 404

Payment event webhook

Uses api key auth

POST /api/polka/webhooks

Authorization: ApiKey <string>

{
  "event": "user.upgraded",
  "data": {
    "user_id": 3
  }
}

Returns 204 OR 404