This repository has been archived by the owner on Nov 22, 2018. It is now read-only.

The API that interfaces between C4Coin's Regulation A+ Crowdsale website and smart contracts

C4Coin/api-regulation-a-plus-crowdsale

api-regulation-a-plus-crowdsale

The API that interfaces between C4Coin's Regulation A+ Crowdsale website and smart contracts

Functional Requirements

The API Server supports the C4Coin Regulation A+ Crowdsale website.

  • Investor Registration

  • Password Reset

  • Two Factor Auth support (RSA token or similar)

  • Investor login

    • Investor KYC data upload/update (how to verify the person's details? send a postcard?)
    • Investor Ethereum Address Registration
    • Investor Ethereum Address Update
    • Buy Tokens
    • Logout
  • Admin login

    • Verify Potential Investor's Ethereum Address / KYC data
    • Unverify Investor Address
    • set USDConversionRate
    • finaliseCrowdsale
  • Get Public Crowdsale Data

    • startDate (UTC)
    • endDate (UTC)
    • tokens sold (integer)
    • isGoalReached (boolean)
    • isCapReached (boolean)
    • investor count
    • amountRaised (USD)

Security

  • The login feature will return a time-limited JOSE token containing encrypted user credentials.
  • All subsequent activities requiring user authentication will extract this token from the Authorization header.
  • If the token expires, a new one can be generated to replace it.
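
The token flow described above, as an added example that is not code from this repository: a time-limited encrypted token in JWE compact form (RFC 7516, `alg: dir`, `enc: A256GCM`) is issued at login and later extracted from the Authorization header and checked. The function names, the `Bearer` scheme, the shared 32-byte key, the `sub` claim and the use of Node's built-in crypto module instead of a JOSE library are all assumptions made for the illustration.

```javascript
const crypto = require('node:crypto');

const b64u = (buf) => Buffer.from(buf).toString('base64url');

// Issue a compact JWE: header.encryptedKey.iv.ciphertext.tag
// (hypothetical helper; `key` is an assumed 32-byte server-side secret).
function issueToken(claims, key, ttlSeconds, now = Date.now()) {
  const header = b64u(JSON.stringify({ alg: 'dir', enc: 'A256GCM' }));
  const exp = Math.floor(now / 1000) + ttlSeconds; // expiry travels inside the ciphertext
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(header, 'ascii')); // the header is authenticated, not encrypted
  const ct = Buffer.concat([
    cipher.update(JSON.stringify({ ...claims, exp }), 'utf8'),
    cipher.final(),
  ]);
  // "dir" carries no encrypted key, so the second segment is empty.
  return [header, '', b64u(iv), b64u(ct), b64u(cipher.getAuthTag())].join('.');
}

// Extract the token from "Authorization: Bearer <token>", decrypt it, check exp.
function authenticate(authorizationHeader, key, now = Date.now()) {
  const m = /^Bearer ([\w-]+\.\.[\w-]+\.[\w-]+\.[\w-]+)$/.exec(authorizationHeader || '');
  if (!m) return { ok: false, reason: 'malformed' };
  const [header, , iv, ct, tag] = m[1].split('.');
  try {
    const { alg, enc } = JSON.parse(Buffer.from(header, 'base64url').toString('utf8'));
    // Pin the algorithms: never let the token choose how it is verified.
    if (alg !== 'dir' || enc !== 'A256GCM') return { ok: false, reason: 'algorithm' };
    const d = crypto.createDecipheriv('aes-256-gcm', key, Buffer.from(iv, 'base64url'),
      { authTagLength: 16 }); // reject truncated authentication tags
    d.setAAD(Buffer.from(header, 'ascii'));
    d.setAuthTag(Buffer.from(tag, 'base64url'));
    const plain = Buffer.concat([d.update(Buffer.from(ct, 'base64url')), d.final()]);
    const claims = JSON.parse(plain.toString('utf8'));
    if (typeof claims.exp !== 'number' || claims.exp <= Math.floor(now / 1000)) {
      return { ok: false, reason: 'expired' }; // client must obtain a new token
    }
    return { ok: true, claims };
  } catch (err) {
    return { ok: false, reason: 'invalid' }; // tampered, wrong key or bad JSON
  }
}
```

A route handler would map any `ok: false` result to 401 Unauthorised, with `expired` being the case where the client requests a replacement token.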

API Routes (incomplete)

GET /ping

Returns a heartbeat response.

200 Okay

{
  "response": "okay",
  "uptime": secondsSinceServerLaunch
}

GET /

Returns a list of API versions.

200 Okay

[
  {
    version: 1,
    path: '/api/v1'
  }
]

POST /api/v1/login (not implemented)

Logs a user in via simple credentials (can be enhanced later to support 2FA).

Body params

{
  username: 'string',
  password: 'string'
}

Returns

200 Okay

{
  token: 'some-jwt-that-must-go-in-the-header-to-remain-logged-in'
}

Error Response

401 Unauthorised

POST /api/v1/logout (not implemented)

Logs a user out.

Returns

200 Okay

Development

Prerequisites

Initialisation

npm install

To Start the API server while working on API clients.

docker-compose up -d

Runs the database and server within docker, exposing the API on port 3001.

To Start the server to work on the server itself

npm install

Run docker-compose up -d db to start only Postgres.

Then run npm start to start the API server on port 3000.

Seed some data

With the database running, run

I_KNOW_WHAT_I_AM_DOING=true npm run seed

Test it

Run docker-compose up -d db to start only Postgres, then:

  • npm test — runs the unit tests (quick)
  • npm run test:db — runs the database tests (not so quick)
  • npm run test:server — runs the API endpoint tests (not so quick)
  • npm run test:all — runs all the tests (slowest of all)

Lint it

npm run lint

Deployment

The site will be deployed automatically to Heroku once CircleCI has cleared a merge to either develop (staging server) or master (production).

Contributing

Please see the contributing notes.