Repository & Pull Request
https://github.com/knacksteem/knacksteem-api
https://github.com/knacksteem/knacksteem-api/pull/5
What is KnackSteem?
"Do you have any talent? If yes! then KnackSteem is for you."
"Rewards people with talents, it can be any talent, anything you know how to do best is highly welcome on the platform. "
Source: Discord Channel :D
Changes Made
Middleware to check if a user is a moderator
Since some endpoints will be exclusively for moderators, a middleware to check if the current user is a moderator is needed to avoid unauthorized access. Basically, this middleware will check the username saved from the last middleware in the chain and will ask the database if this user is a moderator. If so, it will move to the next middleware. Otherwise, will tell the client that this user is not authorized to perform such action.
Related code:
https://github.com/knacksteem/knacksteem-api/blob/master/src/api/middlewares/is_moderator.js
Middleware to check if a user is a supervisor
Same as the middleware mentioned above but in this case, for supervisors. The process is exactly the same but, of course, for supervisors.
Related code:
https://github.com/knacksteem/knacksteem-api/blob/master/src/api/middlewares/is_supervisor.js
Fetch all posts from Steem API using the permlinks from the database
As discussed with other developers in this project, we had to somehow query only our posts from the blockchain but having all the data updated. Also, we wanted to add custom filters like not-moderated posts, moderated posts, and so on. To achieve this, we've decided to only store author, permlink, and category of the post in the database. First, we grab all the permlinks and authors from the query and we make calls to the Steem API to complete the missing data of the posts. Thanks to libraries like async.js, we were able to make concurrent HTTP calls and join the results at the end.
Related code:
https://github.com/knacksteem/knacksteem-api/blob/master/src/api/controllers/posts.controller.js#L35
Query posts by author
The method above allowed us to re-use this same code to perform a query by author in the database and complete the data using the same process mentioned above.
Related code:
Documentation for endpoints
One of the things I really like about apidocs is that you can generate a documentation based on the comments of the routes in the API. For instance, look at the following:
/**
* @api {post} v1/posts/create Create Post
* @apiDescription Insert a post into the database
* @apiVersion 1.0.0
* @apiName createPost
* @apiGroup Posts
* @apiPermission user
*
* @apiHeader {String} Authorization SC2 User's access token
*
* @apiParam {String} permlink Permlink of the post
* TODO: Add validation to the parameters.
*
* @apiSuccess {Number} status http status response
* @apiSuccess {String} message http return message
*
* @apiError (Unauthorized 401) Unauthorized Only authenticated users can create a post
*/
router.route('/create').post(sc2Middleware, checkUserMiddleware, controller.createPost);
Will generate the following page:
Function to moderate a post
This is a moderation tool. Basically, it allows moderators and supervisors to edit the moderation object of any post. So, they can decide if the post is approved or not.
Related Code:
Commits Overview
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/b8fafa67b7fda38f05b6f9fd64418b85a5d53330
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/2d54636c18dee3d23dc90a5a38c9a5f58d60ed1a
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/45b6daff9e186d22a1ac15a9f481085f83b30f0a
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/8b1d3ab3f6021788ce25bb4b27cea76510feb761
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/92c7f85decdf63dded74674fc545f27251634af9
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/61c9ea373d2267bffe738228019082911bff429e
- https://github.com/knacksteem/knacksteem-api/pull/5/commits/cce2275910c078994ef981b1a2897b0d7585d5a5