Back End technical description - sean-hale-dev/resume-org GitHub Wiki
This page documents the API endpoints within /src/server/server.js. Endpoints are managed by Express, and contain fairly standard Express logic including request bodies, response bodies, and data stored within both req and res. The endpoints documented are in the same order as they occur within the server file.
Key item: The primary action item that needs replacing is within the .env file in the same directory, which contains three API points.
MONGO_SERVER_URI: A link to the mongo server hosted in AWS EC2
MONGO_SEARCH_URI: Another link to the mongo server, using a user designated for search
PROMPT_API_KEY: This is for the parser API, which is accessed on line 19 of /src/server/server.js. For security sake, this information will be emailed to Stephen to avoid publishing API keys on github.
/api/resume-upload POST endpoint
Input: Post request containing a resume file a user ID for the requesting user.
Output: JSON object from "parseResume" function, and database updates
Info: This endpoint receives a resume when it is uploaded by an employee. It searches the database for the user, and parses their resume. If they had an old resume uploaded, that is deleted from the db. Finally, it updates the database entry for that user and returns JSON.
/api/resume-search POST endpoint
Input: Post request containing a search string and a user ID for the requesting user.
Output: JSON object from "resumeSearch" function
Info: This endpoint receives a search request from the manager's search page and validates authorization. Next, it searches the database based on the query input. Finally, it returns a JSON object of all of the employees found that match the query.
/api/resume-report: POST endpoint
Input: Post request containing a search string and a user ID for the requesting user.
Output: JSON object from "generateReport" function
Info: This endpoint receives a request (same format as Search requests) from the reports page, and validates authorization. Next, it searches the database based on the query input. Finally, it returns a JSON object of statistics on the overall database, such as total number of employees that match the query.
/api/resume-download: GET request
Input: Get request containing a resume ID and a user ID for the requesting user.
Output: File download of resume file
This endpoint receives a request from the "download resume" button. The database is queried, and the resume is returned to the front-end, and a download is offered to the user.
/api/login: POST request
Input: User credentials
Output: JSON object representing the employee that logged in
Info: This endpoint handles logging in. Calls the handleLogin function
/api/getProfile: GET request
Input: User ID, cookies from the user's browser
Output: JSON object containing the employee's profile data
Info: This endpoint uses cookies to check if the user is authorized: if so, their profile data is returned.
/api/updateProfile: POST request
Input: User ID, strings in body.details for profile fields to update.
Output: JSON object representing the employee who updated their profile
Info: This endpoint uses cookies to check if the user is authorized: if so, their profile details are updated using the body.details object, which is a JSON of fields to update, and their updated values.
/api/getResumeSkills: GET request
Input: User ID
Output: JSON of skills contained for that user
Info: This endpoint calls the getResumeSkillsByUserID function to handle database querying and creation of the json object.
/api/updateResumeSkills: POST request
Input: Array of skills
Output: Database updates, JSON object confirming success
Info: This endpoint calls the updateResumeSkillsByUserID function to handle database querying and creation of the json object.
/api/skill-display-names: POST request
Input: Nested arrays, representing skills in the database and their display names for the front-end.
Output: JSON object, database updates so that each skill has a "display name" string
Info: This endpoint is for aesthetic changes to the way that skills display on the front end. Skill strings are stored in the database in all lowercase, so this endpoint adds in a string in proper grammar, with capitalizations
/api/getAllSearchableSkills: GET request
Input: User ID
Output: JSON object of all searchable skills stored in the database
Info: This endpoint calls the getAllSearchableSkills function, which handles database querying and the creation of the JSON object
/api/getClientPermissions: GET request
Input: UserID
Output: JSON object of permissions of that user
Info: The three tiers of permissions are admin, manager, or employee, as documented in the Permissions Documentation page.
/api/adminGetProfiles: GET request
Input: UserID of an admin
Output: JSON of all profiles in the auth system
Info: This is an admin-only endpoint that displays every profile that exists in our auth system. This will likely not be useful once the tool is integrated into Active Directory
/api/adminUpdateProfile: POST request
Input: Admin userID, targetUserID of profile to update
Output: JSON confirming the fields that were updated
Info: This is an admin-only endpoint that force-updates a specific user's profile info. This will likely not be useful once it is integrated into Active Directory
/api/adminDeleteProfile: POST request
Input: Admin userID, targetUserID of profile to delete
Output: JSON confirming the profile was deleted
Info: This is an admin-only endpoint that force-deletes a specific user's profile, such as if they were fired. This will likely not be useful once it is integrated into Active Directory