The API should have the following functionality for the terraform-hashicups-provider. The terraform-hashicups-provider will be modeled after the terraform-provider-dominos and be used to teach practitioners how to create new Terraform providers and hack existing providers.

JWT Token

Any endpoint that needs auth must have this header: Authorization: Bearer <token>. It will be a JWT token containing the user_id, username, and the token expiration date.

Endpoints

POST /signup

• Request Body: {'username': '', 'password': '' }
• Returns success message
• Description:
  • Creates a new user

POST /signin

• Request Body: {'username': '', 'password': '' }
• Returns a JWT token
• Description:
  • Signs in using username and password

POST /orders - needs auth

• Request Body: { 'order': [ { 'coffee_id': '', 'quantity': ''} ] }
• Returns order object (order_id, quantity and coffee ingredients)
• Description:
  • Creates a new order.
  • Takes in coffee id and quantity - assumes that the order will be fulfilled.

GET /orders - needs auth

• Returns list of current user's orders { 'orders': [ { 'order_id': '', 'datetime': ''} ] }

GET /orders/{id} - needs auth

• Returns a specific order
• Description:
  • User can only view their orders
  • Returns unauthorized if user attempts to view another user's order

PUT /orders/{id} - needs auth

• Request Body: { 'order': [ { 'coffee_id': '', 'quantity': ''} ] }
• Updates/upserts a current user's specific order

DELETE /orders/{id} - needs auth

• Deletes a current user's specific order