| Index | Feature | HTTP Method | Route | Note |
|---|---|---|---|---|
| 1 | 管理者登入 | POST | POST /api/admin/signin | account, password |
| 2 | 管理者可以瀏覽所有使用者清單 | GET | GET /api/admin/users | need authentication |
| 3 | 管理者可以瀏覽全站的 tweets | GET | GET /api/admin/tweets | need authentication |
| 4 | 管理者可以刪除任一則 tweet | DELETE | DELETE /api/admin/tweets/:id | need authentication |
HTTP Method : POST
Request Parameters:No
Request Body :登入表單內的資料
| Request Name | Type | Required | Example | |
|---|---|---|---|---|
| 帳號 | account | STRING | True | 'Captain America' |
| 密碼 | password | STRING | True | 'youneverknow' |
Success Response:
Status Code: 200
{
"status": "success",
"token": "eyJhbGciVCJ9.eyJpZCI6MTIWFpbCTYzfQ.pBXEHFrghYO8"
}
Failure Response:
// 帳號或密碼錯誤 if account or password is not correct
Status Code: 500
{
"status": "error",
"message": "Error: Account or Password error!"
}
// 使用者禁止登入管理者後台,管理者也禁止登入前台
// if user insist to login on admin's login page or admin insist to login on user's login page
Status Code: 403
{
"status": "error",
"message": "Error: permission denied"
}
HTTP Method : GET
Request Parameters:No
Request Body :No
Success Response:
Status Code: 200
[
{
"id": 13,
"account": "user1",
"name": "user1",
"avatar": "<https://loremflickr.com/320/240/paris,girl/all>",
"banner": "<https://loremflickr.com/320/240/beach>",
"tweetCounts": 10,
"likeCounts": 3,
"followingCounts": 2,
"followerCounts": 6
},
{
"id": 14,
"account": "user2",
"name": "user2",
"avatar": "<https://loremflickr.com/320/240/paris,girl/all>",
"banner": "<https://loremflickr.com/320/240/beach>",
"tweetCounts": 10,
"likeCounts": 3,
"followingCounts": 8,
"followerCounts": 6
},
....
]
Failure Response:
// 未通過登入驗證
Status Code: 401
{
"status": "error",
"message": "unauthorized"
}
// current user's role 不是 admin
Satus Code: 403
{
"status": "error",
"message": "account not exist"
}
// 沒有任何一筆 user 資料
// 理論上來說,這個情況應該不可能發生,至少還是會有 root 這個人
// 未知實際情況會如何,還是放進來
Satus Code: 500
{
"status": "error",
"message": "Target users not exist."
}