CattoAPI is a robust and versatile API solution designed to facilitate the management of posts, comments, likes, and email services in your applications. Built with .NET 8.0, it offers comprehensive features for user authentication, administrative actions, and seamless integration with various services. Whether you're building a social media platform, a blogging site, or any application requiring user interactions, CattoAPI provides the necessary endpoints and tools to get started quickly and efficiently.
- Overview
- Features
- Technologies Used
- Installation
- API Endpoints
- Security
- CustomResponse Class
- Blacklisting Tokens in Cache
- Dependencies
- Contact
CattoAPI is built using ASP.NET Core and utilizes various libraries and frameworks to provide robust functionality for managing users, posts, comments, likes, and email services. It includes features for token management, password reset via email, and role-based access control.
- Multi-language Support: Available in various languages including English, Spanish, French, and more.
- Comprehensive API Endpoints: Manage posts, comments, likes, and email services.
- Blacklist Token Management: Secure your API with token blacklisting.
- Email Services: Send and manage email notifications.
- Advanced Interaction Handling: Features for managing user interactions and post engagements.
- .NET 8.0: Framework for building and running the API.
- C#: Programming language used for development.
- SQL Server: Database management for data persistence.
- GitHub Actions: CI/CD workflows for automated testing and deployment.
To use CattoAPI, follow these steps:
-
Clone the repository:
git clone https://github.com/your-username/cattoapi.git cd cattoapi -
Configure the application:
- Set up your database connection in
appsettings.json. - Configure any environment-specific settings in
appsettings.{Environment}.json.
- Set up your database connection in
-
Build and run the application:
dotnet build dotnet run
The API will be accessible at
https://localhost:5001(orhttp://localhost:5000). -
Explore the API endpoints described below.
To use the API, make requests to the endpoints provided below. Here are some example requests:
-
Get All Accounts:
GET /api/Accounts
-
Get Account by ID:
GET /api/Accounts/id/{strId}
-
Get Account by Email:
GET /api/Accounts/email/{email}
-
Search Accounts:
GET /api/Accounts/search
-
Change Password:
PUT /api/Admin/Changepassword
-
Change Email:
PUT /api/Admin/changeEmail
-
Change Username:
PUT /api/Admin/ChangeUserName
-
Change Role:
PUT /api/Admin/ChangeRole
-
Verify Account:
PUT /api/Admin/VerifyAccount
-
Remove Profile Picture:
DELETE /api/Admin/RemovePFP
-
Delete Account:
DELETE /api/Admin/DeleteAccount
-
Get User Comments:
GET /api/User/Comments
-
Post a Comment:
POST /api/User/Comments
-
Edit a Comment:
PUT /api/User/Comments
-
Delete a Comment:
DELETE /api/User/Comments
-
Get Post Comments:
GET /api/Posts/Comments
-
Send Verification Email:
POST /api/EmailServices/SendVerficationEmail
-
Verify Email:
PUT /api/EmailServices/VerifyEmail
-
Send Change Password Email:
POST /api/EmailServices/SendChangePasswordEmail
-
Change Password:
PUT /api/EmailServices/ChangePassword
-
Get Post Likes:
GET /api/Likes/post
-
Get User Likes:
GET /api/Likes/user
-
Post a Like:
POST /api/Likes
-
Delete a Like:
DELETE /api/Likes
-
User Login:
POST /api/login
-
Get User Posts:
GET /api/User/Posts/GetPosts
-
Post a New Post:
POST /api/User/Posts/PostaPost
-
Edit a Post:
POST /api/User/Posts/EditaPost
-
Delete a Post:
DELETE /api/User/Posts/DeletePost
-
User Signup:
POST /api/Siqnup
-
Get User Data:
GET /api/User/GetData
-
Change Password:
PUT /api/User/ChangePassword
-
Change Profile Picture:
PUT /api/User/ChangePFP
-
Get User by ID or Username:
GET /api/User/{strIdOrUsername}
-
Get User Posts by ID or Username:
GET /api/User/{strIdOrUsername}/posts
{
"accountId": "integer($int64)",
"email": "string",
"userName": "string",
"pfp": "string($byte)",
"role": "string",
"verified": "boolean"
}{
"email": "string",
"probertyChange": "string"
}{
"oldPassword": "string",
"newPassword": "string"
}{
"commentId": "integer($int32)",
"commentText": "string"
}{
"postId": "integer($int32)",
"data": "PostaPostModel"
}{
"postId": "integer($int32)",
"commentText": "string"
}{
"postText": "string",
"postPictrue": "string"
}{
"emailOrUserName": "string",
"password": "string"
}{
"email": "string",
"userName": "string",
"password": "string",
"repeatPassword": "string"
}CattoAPI implements various security measures:
- Authorization: Endpoints are protected using JWT (JSON Web Token) authentication.
- Token Blacklisting: Tokens are blacklisted in memory cache to prevent reuse after a certain time.
- Password Management: Secure password storage and change processes are enforced.
The CustomResponse<T> class standardizes the shape of API responses across the application. It includes fields for response code, message, and optional data.
namespace cattoapi.CustomResponse
{
public class CustomResponse<T>
{
public CustomResponse()
{
responseCode = 0;
responseMessage = string.Empty;
}
public CustomResponse(int responseCode, string responseMessage)
{
this.responseCode = responseCode;
this.responseMessage = responseMessage;
}
public CustomResponse(int responseCode, string responseMessage, T data)
{
this.responseCode = responseCode;
this.responseMessage = responseMessage;
this.data = data;
}
public int responseCode { get; set; }
public string responseMessage { get; set; }
public T? data { get; set; }
}
}Tokens are blacklisted in a cache after a certain time to prevent their reuse, ensuring that tokens issued before a password change are promptly invalidated.
Implementation Details
The BlackListTokensRepo class manages token blacklisting using an in-memory cache (IMemoryCache). It provides methods to blacklist tokens based on the account ID, timestamp, and token type (e.g., login token or email verification token).
using cattoapi.Interfaces.BlackListTokens;
using Microsoft.Extensions.Caching.Memory;
using static cattoapi.utlities.Utlities; // Assuming this includes TokenType enum
namespace cattoapi.Repos.BlackListTokens
{
public class BlackListTokensRepo : IBlackListTokensRepo
{
private readonly IMemoryCache _memoryCache;
public BlackListTokensRepo(IMemoryCache memoryCache) {
_memoryCache = memoryCache;
}
public Task BlacklistTokensAsync(int accountId, DateTime timestamp, TokenType tokenType)
{
int timeCached = 60; // default value
switch (tokenType)
{
case TokenType.Login:
timeCached = 3 * 60; // 3 hours
break;
case TokenType.EmailToken:
timeCached = 10; // 10 minutes
break;
}
_memoryCache.Set(accountId, timestamp, new MemoryCacheEntryOptions
{
AbsoluteExpirationRelativeToNow = TimeSpan.FromMinutes(timeCached)
});
return Task.CompletedTask;
}
public Task<bool> IsTokenBlacklisted(int accountId, DateTime issuedAt)
{
if (_memoryCache.TryGetValue(accountId, out DateTime blacklistTime))
{
return Task.FromResult(issuedAt <= blacklistTime);
}
return Task.FromResult(false);
}
}
}CattoAPI relies on several key dependencies:
- ASP.NET Core: Web framework
- Entity Framework Core: ORM for database operations
- Microsoft.Extensions.Caching.Memory: Memory caching for token management
- Newtonsoft.Json: JSON serialization
- Microsoft.Identity.Client: Authentication library for JWT
For questions or inquiries, please contact us at [email protected].
Note
Please note that the code in this repository will not work out-of-the-box because appsettings.json is in .gitignore. This file typically contains sensitive information such as passwords, JWT keys, connection strings, and other configuration details specific to your environment. Before running the application, ensure you have set up your appsettings.json file correctly with appropriate values for your environment.