# Assignment: Review Routing

## Project structure

Your project folder will look like:

```
|- bin/
|- controllers/
    |- auth.controller.js
    |- category.controller.js
    |- order.controller.js
    |- product.controller.js
    |- review.controller.js
    |- user.controller.js
|- models/
    |- Category.js
    |- Order.js
    |- Product.js
    |- Review.js
    |- User.js
|- public/
|- routes/
    |- index.js
    |- auth.api.js
    |- category.api.js
    |- order.api.js
    |- product.api.js
    |- review.api.js
    |- user.api.js
|- .env
|- .gitignore
|- app.js
|- package.json
|- README.md
```

`routes/` stores the `.api` files that define the route endpoints. Each endpoint is a URI combined with a specific HTTP request method (**GET**, **POST**, and so on). Each route has a handler function, which is defined in the corresponding `.controller` file. `models/` stores the schemas that map to the collections in your MongoDB database.

## Design the endpoints

In this step, we are designing REST APIs for our application. The main question is how to apply REST principles in the design process.

The very first step is identifying the objects that will be presented as resources, which are:

- auth: for the authentication process
- category: category of product (create, read, update, delete)
- order: CRUD of orders of users
- product: everything about products
- review: CRUD of reviews of products
- user: CRUD of user accounts

Next, it's time to decide the resource URIs, which are the endpoints of our RESTful services. Think about the relationship between resources and their sub-resources (e.g. Product vs Category, User vs Order).

```
/*
 * @route GET api/products?page=1&limit=10 - Get all products
 * @route GET api/products/category/:id?page=1&limit=10 - Get all products with specific category
 * @route POST api/auth/register - Create a new account
 * @route PUT api/users/me - Update user profile
 * @route DELETE api/reviews/:id - Remove a review
 */
```

_Notice_: URIs should be nouns only. Don't use any verb or operation like:

```
// don't do this
- @route POST api/products/create_blog - Create a new product
```

### Assign HTTP Methods:

A user can perform browse, create, update, or delete operations. Typically we assign:

- **GET** for browsing
- **POST** for creating
- **PUT** for updating
- **DELETE** for removing

### Authorization:

If there are different user roles in your system, you should pre-define who can see or do what.

Example: we allow everyone to see the list of products, so the endpoint will look like:

```
/**
 * @route GET api/products?page=1&limit=10
 * @description Get products with pagination
 * @access Public
 */
```

But if a user wants to write a review, they need to log in, so the endpoint will be defined as:

```
/**
 * @route POST api/review
 * @description Create a new review for a product
 * @access Login required
 */
```

## Assignments:

- Design endpoints for `Product` based on the [ecommerce API](https://coderschool.notion.site/E-commerce-API-Documentation-2c2beec14d1247ce95a62d319d212509)
- Design all the missing `Admin required` endpoints for the [ecommerce API](https://coderschool.notion.site/E-commerce-API-Documentation-2c2beec14d1247ce95a62d319d212509)
- Design at least 2 missing endpoints that you can think of from the e-commerce API
- Think about the schema model for the e-commerce project. It is worth thinking about seriously because the database is the core of your application.
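
The `@access` levels from the Authorization section only protect anything if the server enforces them, so here is an added example (not part of the original assignment) that turns the endpoint design into one access table checked on every request, rejecting anything that is not listed. It is written without Express so that it runs on its own; the `admin` role name, the `POST /api/products` admin endpoint, and every access level other than the two stated in the Authorization section are assumptions.

```javascript
// Added example. Only the access levels of GET api/products (Public) and
// POST api/review (Login required) come from the page; the rest are assumed.
const ACCESS = { PUBLIC: "public", LOGIN: "login", ADMIN: "admin" };

// One row per designed endpoint: [method, path pattern, @access].
const ROUTES = [
  ["GET", "/api/products", ACCESS.PUBLIC],
  ["GET", "/api/products/category/:id", ACCESS.PUBLIC],
  ["POST", "/api/auth/register", ACCESS.PUBLIC],
  ["PUT", "/api/users/me", ACCESS.LOGIN],
  ["POST", "/api/review", ACCESS.LOGIN],
  ["DELETE", "/api/reviews/:id", ACCESS.LOGIN],
  ["POST", "/api/products", ACCESS.ADMIN], // hypothetical admin endpoint
];

// Find the row for a request; ":name" segments match any non-empty value.
function matchRoute(method, url) {
  const parts = url.split("?")[0].replace(/\/+$/, "").split("/");
  return ROUTES.find(([m, pattern]) => {
    const pat = pattern.split("/");
    return (
      m === method &&
      pat.length === parts.length &&
      pat.every((seg, i) => (seg.startsWith(":") ? parts[i] !== "" : seg === parts[i]))
    );
  });
}

// user is null for anonymous callers, otherwise { id, role } taken from an
// already verified session or token (verification is out of scope here).
function authorize(method, url, user) {
  const route = matchRoute(method, url);
  if (!route) return 404; // not in the design: deny by default
  const access = route[2];
  if (access === ACCESS.PUBLIC) return 200;
  if (!user) return 401; // Login required, but no identity
  if (access === ACCESS.ADMIN && user.role !== "admin") return 403;
  return 200;
}
```

A 200 from `authorize` only means the role check passed. `DELETE api/reviews/:id` still needs an ownership check in the controller so that one logged-in user cannot remove another user's review.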