A RESTful server to serve data for the DAAM restaurant app.
To start it up:
npm install
npm run load-db
npm start
Make GET requests using Postman or Hoppscotch. But you'll need to authenticate to get to certain orders and other things.
Make a POST request to /login with {"username": ____, "password": "pass" }. (All passwords are pass until you decide to change them.)
- Servers are "server1", "server2", and "server3"
- Admin users are "admin" and "cmac"
- Regular users are "me" and all the other regular users, whose usernames and passwords you can look up in the database.
Testing routes is tough when you have to log in before they work, so we've written a bypass. `npm run start` and `npm run watch` both start the server with all protections turned off. All routes are open without authentication.
To start the server with the protections on, run `node apiServer` without the `--skipAuth` flag.
See database.json for the final structure. Here's a general layout.
column | type | notes |
---|---|---|
id | number | Primary key |
name | string | |
description | string | |
category | string | free-form |
price | number | |
imageUrl | string | |
available | bool | false=doesn't appear on the menu |
TODO: Category should eventually be a collection/enum
column | type | notes |
---|---|---|
id | number | Primary key |
string | Also the username | |
password | string | Should be hashed but isn't |
first | string | |
last | string | |
phone | string | |
imageUrl | string | optional |
creditCard | object | {PAN, expiryMonth, expiryYear} |
adminUser | bool | true=Has administrator privilege |
column | type | notes |
---|---|---|
id | number | |
userId | number | |
orderTime | Date | |
pickupTime | Date | |
location | string | table or "doordash","ubereats", etc. |
tax | number | |
tip | number | |
creditCard | {} | {PAN: string, expiryMonth, expiryYear, cvv: string} |
items | Array[{}] | {cartItemId: number, itemId: number, price: number, notes: string, firstName: string} |
- Authorization: only if user.isServer or user.adminUser or user.id === order.userId
- Authorization: admin users only
- Authorization: single user, by that authenticated user only
- POST: body is the entire cart
- Authenticated user only
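
The order-access rule above (`user.isServer or user.adminUser or user.id === order.userId`) written as a route guard. This is an added example, not this project's own code; it assumes Express-style middleware with `req.user` already set by the login step, and `canReadOrder`, `authorizeOrderRead`, `getOrder` and `check` are hypothetical names.

```javascript
// Added example, not the project's code. Assumes an earlier middleware set
// req.user from the login session; all function names are hypothetical.

// The rule from the list above: a server, an admin, or the order's owner.
function canReadOrder(user, order) {
  if (!user || !order) return false;
  // Strict comparisons: a truthy string such as "false" must not grant access,
  // and two missing ids (undefined === undefined) must not count as a match.
  const isOwner = user.id != null && user.id === order.userId;
  return user.isServer === true || user.adminUser === true || isOwner;
}

// Express-style middleware. getOrder(id) is an assumed lookup into the orders
// collection that returns undefined when the order does not exist.
function authorizeOrderRead(getOrder) {
  return function (req, res, next) {
    if (!req.user) return res.status(401).json({ error: "login required" });
    const order = getOrder(Number(req.params.id));
    // Design choice of this example: answer 404 for both "missing" and
    // "not yours", so status codes do not reveal which order ids exist.
    if (!canReadOrder(req.user, order)) {
      return res.status(404).json({ error: "order not found" });
    }
    req.order = order;
    return next();
  };
}

// Constructed sample data so the block runs stand-alone.
const sampleOrders = [{ id: 1, userId: 7 }, { id: 2, userId: 8 }];
const lookup = (id) => sampleOrders.find((o) => o.id === id);

// Runs the middleware against a stub response; returns "next" when the
// request is allowed through, otherwise the HTTP status that was sent.
function check(user, orderId) {
  const res = {
    code: 200,
    status(c) { this.code = c; return this; },
    json() { return this; },
  };
  let allowed = false;
  const req = { user, params: { id: String(orderId) } };
  authorizeOrderRead(lookup)(req, res, () => { allowed = true; });
  return allowed ? "next" : res.code;
}

console.log(check({ id: 7 }, 1), check({ id: 7 }, 2), check(null, 1));
```
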
status | meaning |
---|---|
new | Guest has placed the order |
cooking | Kitchen staff is prepping the order |
readyForGuest | Ready for servers to deliver to the guest |
pickedUp | It looks accurate. I'm taking it to the guest |
delivered | Guest is happy with the order |
problem | The order has one or more issues |
completed | Paid for. The order is closed. |
Built on json-server