Server API HTTPS and JSON

Server API is based on HTTPS and JSON. Clients send messages to the server following the API, and handleresponses from the server.For overview and further details on the requirements of the system, see the course project workrequirements elsewhere. This document only documents the API that must be supported by server andclient implementations.Please note that automatic tests will be conducted to verify the functionality. Therefore, both the serverand the client MUST follow this API. Failing to do so fails the tests.Ifspecific input/output is given in therequirements, it must be the same in your coursework.

ignment specificationsMinimum requirementsThis section provides the minimum requirements for the coursework, ALL requirements must be completedREQ1 All text in HTTP body MUST be UTF-8.

REQ2 All content in the HTTP requests and responses MUST be JSON except for the error messages from server which may be text. REQ3 All dates and times in JSON content MUST follow the ISO 8601 date format in UTC time zone with

milliseconds, e.g. 2020-12-21T07:57:47.131Z.REQ4 All times must follow the following pattern: “2020-12-21T07:57:47.123Z” REQ5 HTTP Headers MUST contain the content size in bytes and content type using standard HTTP headers. REQ6 HTTP header Content-Type MUST be “application/json”. REQ7 Database MUST be used to store all user sent data 1.1. Feature 1: User can sendinform others about a sightseeing locationURL: https://server.url/infoRequest type: POSTResponse code for successfully operation: 200

Response code failed operation: 400-499Header information that must be included in minimum:Where:locationName is the name of the location and can be chosen by the user-locationDecription where user can provide a short freely written description about thelocationlocationCity is the name of the city where the sightseeing location isocationStreetAddress is the local address for the sightseeing locationusername)originalPostingTime time when the user sent the location information, represented in UTCNOTE: The server doesn’t care whether same location has been sent multiple times so you must make sureevery location information is unique even it has the same information1.2. Feature 2: Get sightseeing locations posted by users]NOTE: Server MAY also response with 204 and empty response body if there are no coordinates to deliverto the client.1.3. Feature 3: Register and authenticateURL:https://server.url/registrationRequest type: POSTResponse code for successfully operation: 200Response code failed operation: 400-499Header information that must be included in minimum: -Content-Length: size of the content

-Content-Type: application/jsonAuthorization: N/A (user can register an account without previous credentials)Data format for registering user: {“userName” :“username”,“password” : “password”,“email” : “user.email@for-contacting.com”,“userNickname” :“Pekka”}Description: Server MUST NOT accept other than registrationrequests from unauthorized clients. Client MUST sendpasswords using HTTPS. Passwords MUST not be sentover insecure HTTP connections. Server MUST not

store the plain password, but only store a hash of it. A good hash function MUST be used to make surehashed passwords are secured and as unique as possible to avoid ollisions.For other than registration requests, users MUST be authenticated using Basic HTTP authentication (seeReferences). Authentication MUST be done over HTTPS using the Authorization header, whereusername:password string MUST be UTF-8.1.4. Feature 4: User can attach coordinate information to the sightseeingdata: https://server.url/infoRequest type: POSTResponse code for successfully operation: 200Response code failed operation: 400-499Header information that must be included in minimum: -Content-Length: size of the content-

Content-Type: application/jsonAuthorization: only registered users can perform this operation

Data format for posting a sightseeing location: ere:latitude and longitude represent a geolocation based on java html geolocation api (such as used ingoogle maps for example).NOTE: Coordiates are not mandatory, if no代写Server API  HTTPS and JSON  coordinates exist for a sightseeing location, no coordinateinformation is provided in a message whenrequested from the server.Advanced APIAny of the following features successfully implemented (passes unit tests and matches requirements)ncreases the assignment grade by 1. For example,if two additional features are implemented successfully,the grade of the assignment 3. If all exercises are also successfully completed, the final course grade is 4.Feature 5: Attach weather when sightseeing information is requestedURL: https://server.url/infoRequest type: POSTResponse code for successfully operation: 200Response code failed operation: 400-499:-weather is a integer, double or “1C” representation of weather given from the weather serviceOther information:-User can opt to attach weather information-Weather information is based coordinate location-Weather information is obtained from custom build service that provides basic weatherbased on coordinate-Themessages with weather information must contain temperature information from the locatiospecified in the request-The weather service will be provided separately, the server must send the coordinates to theweather service that will provide the weather information to be added to the coordinatesFeature 6: User can create sightseeing paths with custom tour messageURL: https://server.url/paths

Request type: POSResponse code for successfully operation: 200Response code failed operation: 400-499Header information that must be included in minimum:

Content-Type: application/json: only registered users can perform this operatioData format for posting a visit to a site:{“locationName” : “Oulun Tuomiokirkko”,locationDescription”: “ai_auto_fill”,“locationCity”: “Oulu”,“locationCountry” : “Finland”,“locationStreetAddress“Kirkkokatu 3 A”,“originalPoster” : ”Pekka”,moodleAdditional Quality ImprovementsIf the software quality is high enough, the final grade of the assignment can be increased by 1. Note thatthese are evaluated by the teacher and there are no guidelines what is required in minimum. Here arexamples of the quality aspects we look for:

• Properly commented code/interfaces
• Usage of unit tests
• Old messages are archieved after certain amount of time (for example after 2 months the messagesare removed from the actual database to for example a text file or other database to prevent theatabase becoming too large affecting the speed of it)

• System backup
• System recovery
• Clean cod