Giter VIP home page Giter VIP logo

naas-api's Introduction

naas-api

API for notifications service (notfications-as-a-service or NAAS) prototype

Development

Requirements:

  • Ruby 2.0+
  • Bundler
  • Ngrok or localtunnel if you wish to send live messages.
    • Note: these tools are likely not approved for use on any government network.

Running the app locally

  1. Configure application secrets in /config/secrets.yml
  • If you'd like to send live messagse, you will need to register for API credentials and a phone number with Twilio.
  1. Bundle application dependencies with bundle,
  • Install the latest version of bundler with gem install bundler
  1. Setup the database with rake db:setup db:migrate
  2. Start the server with bin/rails s and your application will be running at http://localhost:3000

Running the specs

  1. To run the suite of specs, simply run rake.

Deploying to cloud.gov

  1. Install the CloudFoundry client and authenticate with cloud.gov.
  1. The name of the application can be defined with the environment variable APP_NAME, otherwise, it will be deployed as naas-api upon executing bin/cf_push.

API Interaction

Authenticate

Retrieve API credentials from server:

curl -H "Content-Type: application/json" -X POST -d '{"email":"[email protected]","password":"123123123"}' http://localhost:3000/authenticate

This will return the api key to use in future requests:

{"auth_token":"eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE1MTU3OTUxNzZ9.JN7aLcS1l7PS6GPE0B5KA7iozZ4AIClNa3wtb7yuviI"}

Create Users and Notifications

First let's create a user

curl -H "Content-Type: application/json" -H "Authorization:eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE1MTU3OTUxNzZ9.JN7aLcS1l7PS6GPE0B5KA7iozZ4AIClNa3wtb7yuviI" -X POST -d '{"last_name": "Marsh", "email": "[email protected]", "password":"evenfakerer","password_confirmation":"evenfakerer", "phone": "1234567"}' http://localhost:3000/users

The endpoint will return json of the newly created resource if the operation was successful

{"id":5,"email":"[email protected]","first_name":null,"middle_name":null,"last_name":"Marsh","phone":"1234567","created_at":"2018-01-11T22:25:53.282Z","updated_at":"2018-01-11T22:25:53.282Z","password_digest":"$2a$10$OIxhT7T6GzVmVJ/b761zM.GwxD0gcD/y8P.Um8cwI.kTfiIo4yD0e","name":null,"confirmed":null}

Now let's create a sample notification. Agencies can have multiple notifications that multiple users can subscribe to.

curl -H "Content-Type: application/json" -H "Authorization:eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE1MTU3OTUxNzZ9.JN7aLcS1l7PS6GPE0B5KA7iozZ4AIClNa3wtb7yuviI" -X POST -d '{ "name": "General Alert", "created_by":"1" }' http://localhost:3001/notifications

The created_by column is the id of the Agency user creating the notification

User Subscribe to Notifications

With users and notifications added to the application we now demonstrate a user subscribing to a notification.

curl -H "Content-Type: application/json" -H "Authorization:eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE1MTU3OTUxNzZ9.JN7aLcS1l7PS6GPE0B5KA7iozZ4AIClNa3wtb7yuviI" -X POST -d '{ "name": "General Alert", "user_id":"1" }' http://localhost:3001/notifications/3/user_subscriptions

This request, in plain language, can be read as the user with id of 1 subscribed to notification 3 (the notification) we just created), this notification is maintained by its related agency.

User confirms mobile number

Before a user can receive SMS alerts they must first confirm their mobile phone number, by submitting their number as follows.

curl -H "Content-Type: application/json" -H "Authorization:eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE1MTU3OTUxNzZ9.JN7aLcS1l7PS6GPE0B5KA7iozZ4AIClNa3wtb7yuviI" -X POST -d '{"phone": "8082246036",
                             "body":"A Sample Subscribe Message", "source_app": "my_app_name"}' http://localhost:3001/subscribe

The user will then receive a message that they must respond to for confirmation, the language of this message can be customized at the agencies request. Once the user responds their profile is marked as confirmed to receive SMS messages.

Agency admin sends message

For now an Agency can send a group or targeted message by activing a notification by sending an HTTP POST as follows, the agency can provide the message body in the request, if a message is not provided the notification will be sent with a body that was saved with the notification when it was created.

curl -H "Content-Type: application/json" -H "Authorization:eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjo0LCJleHAiOjE1MTU3OTUxNzZ9.JN7aLcS1l7PS6GPE0B5KA7iozZ4AIClNa3wtb7yuviI" -X POST -d '{ "body": "Hello from NAAS"}' http://localhost:3001/notifications/3/send_group_notification

Public domain

This project is in the worldwide public domain. As stated in CONTRIBUTING:

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

naas-api's People

Contributors

jontours avatar amoose avatar

Stargazers

Lauren Ancona avatar

Watchers

James Cloos avatar avatar Lauren Ancona avatar avatar

Forkers

isabella232

naas-api's Issues

Task: create 'unread' status for notifications

As a user of NaaS
and a user of login.gov
I want to see all of my past notifications
and see which ones I have not dismissed on login.gov

Acceptance stories

Related: #13

Scenario 1: I want to subscribe to a type of notification and view unread notifications in login.gov
Given I have subscribed to a notification type on an agency website
And I have a login.gov account
When I am logged in to login.gov
Then I see all of my unread notifications
And I can dismiss them

Scenario 2: I want to dismiss unread notifications in my login.gov profile
Given I have a login.gov account
And I have subscribed to a notifications on an agency website
When I log in to login.gov
Then I see my unread notifications
And I can dismiss them to remove the unread status.

task: document shortcode requirement/considerations

Twilio shortcodes are a big impediment to 1-click functionality. A shortcode is required for broadcast notifications and removes rate limiting.

considerations
document alternatives to twilio
other existing approaches ie. packages vs. individual channels

Task: demonstrate integration with Tock

Our first user story should work as the foundation for a simple integration with Tock to be notified if you haven't filled out your timecard before Monday morning. Allow users to opt-in to the notification and provide documentation to the Tock team to generate notifications.,

Task: demonstrate integration with login.gov

As a registered login.gov user
I want to see all of my notifications in one place
and update my notification methods
so that I always receive my notifications
and I always know what notifications I am subscribed to

Acceptance stories

Scenario 1: I want to view my subscriptions and notifications in one place.
Given I have subscribed to at least one notification type
And I have a login.gov account
When I am viewing login.gov
Then I see my notifications and subscriptions

Scenario 2: I am an existing user of login.gov
Given
When
Then

Task: allow agency to programmatically generate notifications to users

As a registered agency user of NaaS
I want to send notifications to my users
So that they can be notified when a process has completed.

Acceptance stories

Scenario 1: I want to notify my users when a process has completed.
Given a specific process has completed and I want to notify the user
And the user has successfully subscribed to the corresponding type
When I send a RESTful API request
Then my users are notified with my message

๐Ÿ’ This task assumes that the agency user has already allowed users to subscribe to a notification type and the agency user has obtained a valid API key from NaaS.

task: create a wiki

The history and world of notifications in the government.

  • how it started
  • how it's done today
  • how we see NaaS playing a part

NaaS API is one part of a whole thing that includes:

  • devops
  • scriptable providers (API versions, subscriber to NaaS API approaches, etc.)
  • documentation
    • approaches, examples

here's what we know:

GSA use case

  • secureauth
  • tsp
  • aloha
  • tock
  • emp express
  • fedvip
  • benefeds
  • CHRIS

everything is built with it's own notification "system" . it all adds up to additional cost and expense for ATOs and time managing individual systems. why is the UI diferent each time, etc. login.gov is the actual answer to your concerns. openid allows for native and excellent web UI/UX and complete notification channel and management.

task: update readme

  • add basic local dev instructions
  • update LICENSE
  • update CONTRIBUTING
  • add cloud.gov deploy instructions
  • elaborate on API usage

Task: enable user to subscribe to notification

As a user of an agency website
I want to subscribe to a specific type of notification
So that I can learn when a process has completed.

Acceptance stories

Scenario 1: I want Agency X to notify me when a process has completed.
Given I am on a government website
And I want to receive a notification
When I enter my mobile number in to a form
Then I receive a text message to my phone to confirm
And I must reply to confirm
Then I can receive these types of notifications in the future

Considerations

CORS - cross-origin resource sharing. We will need to enable CORS so that AJAX requests from other websites can POST to our domain.

Task: allow agency partner to self serve

User story

As an agency partner of NaaS
I want to register with NaaS
So that I can create notification types
And generate notifications

Acceptance stories

Scenario 1: I am an agency partner who wants to create custom notification types
Given a valid .gov email address
When I log in to the NaaS dashboard
Then I can create custom notification types
And can generate notifications to my custom notification types
And only my key(s) can generate notifications to my custom notification types

Scenario 2: I am an agency partner who wants to send notifications
Given a valid .gov email address
And can make authenticated API calls
When I log in to the NaaS dashboard
Then I can retrieve an API key
And can generate notifications to my notification types using my key
And only my key(s) can generate notifications to my custom notification types

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.