Nerdware-LLC / fixit-api

• 🗺️ Project Overview
• 📖 API Schema
  • REST Endpoints Diagram
  • GraphQL Schema
• 🔐 User Authentication
• 🗄️ DynamoDB Database
  • Fixit-API Access Patterns
  • Single Table Design
• 📦 CI/CD Pipeline
  • GitHub Actions
  • Git Workflow
  • Codegen
• 📝 License
• 💬 Contact

The Fixit API provides a robust, scalable, and secure backend for the Fixit SaaS product, which provides users with powerful tools for managing maintenance and repair workflows, including in-app payments powered by Stripe.

This API exposes both REST and GraphQL endpoints:

The below diagram outlines every available REST API endpoint. Endpoint graph nodes have color-coded outlines indicating the level of authentication required for user access:

• Endpoints outlined in yellow require authentication via auth token (for more info, see Fixit-API User Authentication)
• Endpoints outlined in pink require both authentication and an active subscription (for more info, see Fixit SaaS Products)

flowchart LR
  root("/api") --> api("/api \n­\n • GraphQL API entrypoint")
  root --> admin("/api/admin \n­\n • CSP reports and \n healthchecks")
  root --> auth("/api/auth \n­\n • User registration and logins \n (administers auth tokens)")
  root --> connect("/api/connect \n­\n • Stripe Connect \n endpoints")
  root --> subs("/api/subscriptions \n­\n • Endpoints for managing \n Fixit subscriptions")
  root --> webhooks("/api/webhooks \n­\n • Webhook endpoints")
  subgraph gql ["ApolloServer GraphQL Endpoint"]
  api
  end
  subgraph express ["REST Endpoints"]
  admin --> csp("/api/admin/csp-violation \n­\n • CSP #quot;report-to#quot;" target)
  admin --> healthcheck("/api/admin/healthcheck \n­\n • Healthchecks target")
  auth --> register("/api/auth/register \n­\n • User registration")
  auth --> login("/api/auth/login \n­\n • User logins via Local\n or OAuth mechanisms")
  auth --> googleToken("/api/auth/google-token \n­\n • User logins via Google\nOAuth2 OneTap FedCM")
  auth --> token("/api/auth/token \n­\n • Refreshes auth tokens")
  connect --> accountLink("/api/connect/account-link \n­\n • Returns a link to the Stripe-hosted\nConnect onboarding portal")
  connect --> dashboardLink("/api/connect/dashboard-link \n­\n • Returns a link to the Stripe-hosted\naccount management portal")
  subs --> promo("/api/subscriptions/check-promo-code \n­\n • Validates user promo code inputs")
  subs --> pay("/api/subscriptions/submit-payment \n­\n • Handles payments for \n Fixit subscriptions")
  subs --> portal("/api/subscriptions/customer-portal \n­\n • Provides subscription \n management portal for users")
  webhooks --> whStripe("/api/webhooks/stripe \n­\n • Stripe webhooks handler")
  webhooks --> whCustomer("/api/webhooks/* \n­\n • Other webhooks")
  end

  classDef default fill:#1f2020,stroke:#7aa4c9,stroke-width:1px
  classDef authenticationRequired stroke:#f1ff2e
  classDef authAndSubscriptionRequired stroke:#ec4dbf,stroke-width:2px
  classDef subgraphArea fill:#474949,color:#e3e3e3

  class promo,token,pay,portal,accountLink,dashboardLink authenticationRequired
  class api authAndSubscriptionRequired
  class express,gql subgraphArea

Check out the Fixit GraphQL Schema Explorer on Apollo Studio. There you'll find excellent tools for exploring the latest version of the Fixit GraphQL schema:

• Documentation for all available objects, queries, mutations, and subscriptions.
• An explorer for trying out operations with mock responses.
• A comprehensive changelog for the schema SDL.

This API uses self-vended JSON Web Tokens to manage user authentication and authorization.

This API uses a single DynamoDB table with primary keys pk and sk, along with an overloaded data index attribute which supports a range of flexible queries using two GSIs: Overloaded_SK_GSI and Overloaded_Data_GSI.

• USERS
  • Find a User by their email
  • Find a User by their user ID
  • Find a User by their phone
  • Update a User's Subscription by sub ID
  • Find a User's StripeConnectAccount by its ID
  • Find a User's Subscription by its ID
  • Find a User's Profile by its ID
• CONTACTS
  • Find a Contact by contact ID
  • Find a User's Contacts using their user ID
• INVOICES
  • Find an Invoice by ID
  • Find a User's Invoices using their user ID
  • Find a User's Invoices by STATUS
  • Find Invoices wihtin a given date range
• WORK ORDERS
  • Find a WorkOrder by ID
  • Find a User's WorkOrders using their user ID
  • Find WorkOrders within a given date range

This project's CI/CD pipeline uses GitHub Actions to test, release, and deploy code changes.

1. Test - Runs test suites, adds test and coverage info to PRs, and updates CodeCov.
2. Release - Creates a new GitHub release using Semantic Release.
3. Deploy - Builds a Docker image, pushes it to Amazon ECR, and updates the ECS Task Definition and associated ECS Service.

This project uses uses GitHub Flow to deploy two live environments - staging and production - both of which are associated with a Git branch for releases:

Project versioning and the CHANGELOG.md are managed automatically via GitHub Actions and Semantic Release.

For more information on how new code is integrated and deployed, check out the guide to CONTRIBUTING.

TypeScript types are generated using GraphQL Code Generator and the Fixit GraphQL schema. The same generated types are used throughout the entire Fixit stack.

When the Fixit GraphQL schema is updated during development, changes are automatically pushed to Apollo Studio, thereby enabling every component in the stack to use the latest version of the schema (or any particular previous version, if necessary). The schema changes are pulled into other Fixit repos using Rover GitHub Actions, but can also be pulled imperatively using the Rover CLI.

All files, scripts, and source code contained herein are proprietary use only by Nerdware, LLC.

See LICENSE for more information.