-
-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #6 from micheltlutz/readme/challenge3
new challenge 3
- Loading branch information
Showing
3 changed files
with
115 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
# Back-end Developer Technical Challenge 3 | ||
|
||
## Objective: | ||
|
||
Its main objective is to design and implement the back-end logic to support the front-end interface form for user login. Continuing the previous challenge where a user was registered. This includes configuring the required API routes, handling data, and ensuring that the authentication process works as expected. | ||
|
||
## Specifications: | ||
|
||
### Validate User Credentials: | ||
|
||
- The route should expect a POST request with a JSON body formatted as: | ||
|
||
```json | ||
{ | ||
"userid": "john.doe@email.com", | ||
"password": "string" | ||
} | ||
``` | ||
|
||
### Create JWT Token: | ||
|
||
Your route must expect a user id (e-mail) and a password, a **jwt** encode with **secret** must be performed, use the **HS256** algorithm for the token and expire in **30 min** | ||
|
||
### Response: | ||
|
||
- After successfully processing the input data and storing the user information, the endpoint should return a status code of 200 OK. With JSON token: | ||
|
||
```json | ||
{ | ||
"access_token": "string", | ||
"token_type": "string" | ||
} | ||
``` | ||
|
||
- If the user is not found, return a status code of 401 unauthorized, with the following message: | ||
|
||
|
||
```json | ||
{ | ||
"detail": "Incorrect username or password" | ||
} | ||
``` | ||
|
||
### API Documentation | ||
|
||
- As a bonus, provide Swagger documentation for the `auth` route, offering insights into its expected input, output, and behavior. | ||
|
||
### Unit Testing: | ||
|
||
- Integrate unit tests to ensure the reliability of the route under various scenarios. Tests should cover, at a minimum: | ||
- Successful user login. | ||
- Validation failures (incorrect email format, invalid date, etc.). | ||
- Proper password hashing and retrieval. | ||
|
||
|
||
## Final Considerations: | ||
|
||
- Prioritize best practices concerning code structure, error handling, security, and scalability. | ||
- Make sure to handle potential database errors or conflicts, such as duplicate email addresses. | ||
|
||
Embarking on challenges like this offers a unique opportunity to showcase your skills. We wish you the best and eagerly await your innovative solution! | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
# Front-end Developer Technical Challenge 3 | ||
|
||
|
||
## Objective: | ||
|
||
Your primary mission is to design and implement a user-friendly interface form to user login interface that interacts with the `auth` route for user login. You are expected to craft this interface in your preferred language/framework. | ||
|
||
## Specifications: | ||
|
||
### 1. User Login Form: | ||
|
||
- Your interface should provide a login form containing the following fields: | ||
- User ID (to be filled with an email): userid | ||
- Password: password | ||
|
||
The form structure should closely align with this JSON model: | ||
|
||
```json | ||
{ | ||
"userid": "john.doe@email.com", | ||
"password": "string" | ||
} | ||
``` | ||
|
||
### 2. API Communication: | ||
|
||
- To gain a better understanding of the request details and expected API responses, you are encouraged to refer to the comprehensive API documentation available at: [http://localhost/docs#/auth/login_auth__post](http://localhost/docs#/auth/login_auth__post). | ||
- The API will return a JSON object containing the access token and token type. You should store the access token in the browser's local storage for future requests. | ||
- The access token should be sent in the `Authorization` header of all future requests to the API. | ||
- The access token should be prefixed with the token type and a space, like this: `Bearer <access_token>` | ||
|
||
**Response example**: | ||
|
||
```json | ||
{ | ||
"access_token": "access_token", | ||
"token_type": "bearer" | ||
} | ||
``` | ||
|
||
### Bonus: | ||
|
||
- Unit Testing: As an added advantage, we'd be highly impressed if you can integrate unit tests for the designed interface. It will provide us with a clear understanding of your proficiency in ensuring the robustness and reliability of your implementations. | ||
|
||
## Final Considerations: | ||
|
||
- Your user interface should not only be functional but also intuitive and user-friendly. | ||
- The design should take into account both aesthetics and usability. | ||
- Be sure to write a good README guiding how to run your project, dependencies and what you think is necessary to install and run the project. | ||
|
||
Challenges like this offer a unique opportunity to showcase your skills. We wish you the best and eagerly await your innovative solution! |