A project created to earn a certificate from freeCodeCamp. It allows users who have an account to trade books.
Passport is used to provide OAuth for the following:
- GitHub
For security, this project uses:
- CryptoJS to encrypt and decrypt users' addresses and zip/postal codes with AES
  - NOTE: All KEYS are STORED in keys.xml
- bcrypt to hash and verify passwords
- Helmet for extra protection
For privacy, this project protects users' privacy by:
- Giving users control over the profile data that is shared
  - NOTE: All PROFILE DATA is PUBLIC by DEFAULT
- Not requiring users to share accounts via OAuth
- Only requiring accounts to have a username and password
Three location APIs are used to display menu options:
Here are all URL paths that are used in this website.
- / - Redirects to /books
- /logout - Allows users to log out
  - Redirects to /books
- /books - Shows all books
  - Displays the index.html file
- /books/:bookId/update - Form handler for the Edit Book form
- /books/:bookId/delete - Form handler for the Delete Book form
- /books/:bookId/requests - Shows all requests for books
  - Displays the bookRequests.html file
- /books/my - Shows the user their books
  - Displays the myBooks.html file
  - Requires the user to be logged in
  - Redirects to /books when logged out
- /requests - Shows all requests
  - Displays the requests.html file
- /requests/new - Allows new requests to be created
  - Displays the createRequests.html file
  - Requires the user to be logged in
  - Redirects to /books when logged out
- /requests/new/books - Form handler for the main form in /books and /books/my
  - Redirects to /requests/new
- /requests/new/books/select - Gets books available to be given or taken during trades
  - Requires the user to be logged in
  - Redirects to /books when logged out
  - Requires the user to be logged in
- /requests/:requestId/accept/:id - Accepts requests/trades
  - Requires the user to be logged in
  - Redirects to /books when logged out
  - When successful, redirects to /requests
  - Requires the user to be logged in
- /requests/:requestId/cancel - Cancels requests/declines trades
  - Requires the user to be logged in
  - Redirects to /books when logged out
  - When successful, redirects to /requests
  - Requires the user to be logged in
- /trades - Shows all trades that have occurred
  - Displays the trades.html file
- /users - Shows all users
  - Displays the users.html file
- /users/:id - Shows a user's profile
  - Displays the profile.html file
  - Requires the user to be logged in
  - Redirects to /books when logged out
- /users/:id/books - Shows another user's books
  - Displays the books.html file
- /users/:id/unlink/:authId - Allows users to remove linked accounts
  - Requires the user to be logged in
  - Redirects to /books when logged out
  - When successful, redirects to /users/settings
  - Requires the user to be logged in
- /users/edit - Allows users to update their accounts
  - Displays the editProfile.html file
  - Requires the user to be logged in
  - Redirects to /books when logged out
- /users/settings - Allows the user to change their settings
  - Displays the settings.html file
  - Requires the user to be logged in
  - Redirects to /books when logged out
- /users/notifications - Allows the user to view notifications
  - Displays the notifications.html file
  - Requires the user to be logged in
  - Redirects to /books when logged out
- /login - Allows users to log in
  - Redirects to /books when the user is logged in
- /signup - Allows users to create accounts
  - Redirects to /books when the user is logged in or has signed up
- /password/reset - Allows users to reset their password
  - When successful, redirects to /login or /users/settings
- /password/update - Allows users to update their password
- /auth/github - Where GitHub OAuth takes place
- /auth/github/callback - Callback URL path during OAuth
  - Redirects to /books when successful
  - Redirects to /login or /signup when unsuccessful
- /auth/facebook - Where Facebook OAuth takes place
- /auth/facebook/callback - Callback URL path during OAuth
  - Redirects to /books when successful
  - Redirects to /login or /signup when unsuccessful
- /auth/twitter - Where Twitter OAuth takes place
- /auth/twitter/callback - Callback URL path during OAuth
  - Redirects to /books when successful
  - Redirects to /login or /signup when unsuccessful
- /auth/google - Where Google OAuth takes place
- /auth/google/callback - Callback URL path during OAuth
  - Redirects to /books when successful
  - Redirects to /login or /signup when unsuccessful
- /api/users - Allows all users to be sent to the client
- /api/users/:id - Allows a specific user to be sent to the client
- /api/users/:id/books - Allows the user's books to be sent to the client
- /api/books - Allows all books to be sent to the client
- /api/books/:bookId/requests - Allows all requests for a book to be sent to the client
- /api/requests - Allows all requests or trades to be sent to the client
- /api/countries - Allows all countries to be sent to the client
- /api/countries/:cntry - Allows a country to be sent to the client
- /api/countries/:cntry/addresses/:text - Allows all addresses in a country to be sent to the client
- /api/countries/:cntry/states - Allows all states in a country to be sent to the client
- /api/countries/:cntry/cities - Allows all cities in a country to be sent to the client
- /api/countries/:cntry/states/:st/cities - Allows all cities in a state to be sent to the client
- /api/countries/:cntry/zipPostalCodes/:zipPostal/states - Allows all states to be sent to the client based on country and zip/postal code
- /api/countries/:cntry/zipPostalCodes/:zipPostal/cities - Allows all cities to be sent to the client based on country and zip/postal code
- /api/countries/:cntry/states/:st/cities/:city/zipPostalCodes - Allows all zip/postal codes to be sent to the client based on country, state, and city
- /api/states - Allows states from around the world to be sent to the client
- /api/addresses/:text - Allows addresses from around the world to be sent to the client
- /session/user - Allows the current user's data to be sent to the client
- /session/books - Allows the book IDs part of requests to be sent to the client
- /session/success - Allows success messages to be sent to the client
- /session/auth/error - Allows OAuth error messages to be sent to the client
- /session/auth/accounts - Allows the current user's linked accounts to be sent to the client
- /session/notifications - Allows notifications to be sent to the client
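
The login rule repeated through the route list above (protected paths redirect to /books when logged out; /login and /signup redirect to /books when logged in), written as one middleware instead of a per-handler check. This is an added example, not code from the project; it assumes Express-style middleware and Passport's `req.isAuthenticated()`, and `accessGuard`, `compile` and the two path tables are hypothetical names.

```javascript
// Added example, not the project's code. Assumes Express-style middleware and
// Passport's req.isAuthenticated(); all names below are hypothetical.

// Paths the README marks "Requires the user to be logged in".
const LOGIN_REQUIRED = [
  '/books/my',
  '/requests/new',
  '/requests/new/books/select',
  '/requests/:requestId/accept/:id',
  '/requests/:requestId/cancel',
  '/users/:id',
  '/users/:id/unlink/:authId',
  '/users/edit',
  '/users/settings',
  '/users/notifications',
];
// Paths the README redirects to /books once the user is logged in.
const GUEST_ONLY = ['/login', '/signup'];

// Turn "/users/:id" into an anchored regex; ":name" matches one path segment.
// Case-insensitive with an optional trailing slash, matching Express's default
// routing, so "/Books/My/" cannot slip past a guard written for "/books/my".
function compile(pattern) {
  const body = pattern
    .split('/')
    .map((seg) => (seg.startsWith(':') ? '[^/]+' : seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')))
    .join('/');
  return new RegExp(`^${body}/?$`, 'i');
}

const loginRequired = LOGIN_REQUIRED.map(compile);
const guestOnly = GUEST_ONLY.map(compile);
const matches = (list, path) => list.some((re) => re.test(path));

// Mounted once, ahead of the route handlers, so no handler can forget its check.
function accessGuard(req, res, next) {
  // Without Passport's helper on the request, treat the caller as logged out.
  const loggedIn = typeof req.isAuthenticated === 'function' && req.isAuthenticated();
  if (!loggedIn && matches(loginRequired, req.path)) return res.redirect('/books');
  if (loggedIn && matches(guestOnly, req.path)) return res.redirect('/books');
  return next();
}
```

Mount it with `app.use(accessGuard)` after the session and Passport middleware, so `req.isAuthenticated()` is available when the guard runs.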
Favicon Generator
Social Buttons for Bootstrap
React Router Setup
GitHub OAuth
Facebook OAuth
Twitter OAuth
Google OAuth
Country State City API
Zippopotamus API
LocationIQ's Autocomplete API