Skip to main content
Version: 🚧 Canary

🛣️ User Route Blocks

User route blocks provide pre-configured HTTP endpoints for user management operations in Nodeblocks applications. These routes combine handlers, validators, and middleware to create complete API endpoints with proper authentication, authorization, and error handling.

🎯 Overview

User route blocks are designed to:

  • Provide complete API endpoints for user management operations
  • Combine handlers with validators for secure operations
  • Include authentication and authorization checks
  • Support functional composition patterns
  • Handle logging and error management automatically

📋 Route Structure

Each user route follows a consistent pattern:

  • HTTP Method: Defines the operation type (GET, POST, PATCH, DELETE)
  • Path: Specifies the endpoint URL with parameters
  • Handler: Composed function chain for business logic
  • Validators: Authentication and authorization checks

🔧 Available User Routes

createUserRoute

Creates a new user and returns the created resource.

Purpose: Handles user registration

Route Details:

  • Method: POST
  • Path: /users
  • Authentication: Required (Bearer token)

Handlers: createUser, getUserById, normalizeAvatarOfOwner, normalizeUser, orThrow

Validators: isAuthenticated, some(checkIdentityType(['admin']), isSelf(['params', 'requestBody', 'identityId']))

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.createUserRoute);

getUserRoute

Retrieves a specific user by ID.

Purpose: Fetches user profile data with access control

Route Details:

  • Method: GET
  • Path: /users/:profileId
  • Authentication: Required (Bearer token)

Handlers: getUserById, normalizeAvatarOfOwner, normalizeUser, orThrow

Validators: isAuthenticated, some(checkIdentityType(['admin']), ownsProfile(['params', 'requestParams', 'profileId']))

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.getUserRoute);

findUsersRoute

Retrieves all users with normalized list format.

Purpose: Lists users with pagination and admin-only access

Route Details:

  • Method: GET
  • Path: /users
  • Authentication: Required (Bearer token)

Handlers: findUsers, normalizeAvatarsOfOwners, normalizeUsers, orThrow

Validators: isAuthenticated, checkIdentityType(['admin'])

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.findUsersRoute);

updateUserRoute

Updates an existing user and returns the updated resource.

Purpose: Modifies user data with access control

Route Details:

  • Method: PATCH
  • Path: /users/:profileId
  • Authentication: Required (Bearer token)

Handlers: getUserById, updateUser, getUserById, deleteAvatarIfReplaced, normalizeAvatarOfOwner, normalizeUser, orThrow

Validators: isAuthenticated, some(checkIdentityType(['admin']), ownsProfile(['params', 'requestParams', 'profileId']))

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.updateUserRoute);

deleteUserRoute

Deletes a user by ID.

Purpose: Removes user account with access control

Route Details:

  • Method: DELETE
  • Path: /users/:profileId
  • Authentication: Required (Bearer token)

Handlers: deleteUser, deleteUserTerminator

Validators: isAuthenticated, some(checkIdentityType(['admin']), ownsProfile(['params', 'requestParams', 'profileId']))

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.deleteUserRoute);

lockUserRoute

Locks a user account to prevent access.

Purpose: Disables user account access (admin only)

Route Details:

  • Method: POST
  • Path: /identities/:identityId/lock
  • Authentication: Required (Bearer token)

Handlers: lockUser, lockUserTerminator

Validators: isAuthenticated, checkIdentityType(['admin'])

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.lockUserRoute);

unlockUserRoute

Unlocks a user account to restore access.

Purpose: Enables user account access (admin only)

Route Details:

  • Method: POST
  • Path: /identities/:identityId/unlock
  • Authentication: Required (Bearer token)

Handlers: unlockUser, unlockUserTerminator

Validators: isAuthenticated, checkIdentityType(['admin'])

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Register route with Express app
app.use('/api', routes.unlockUserRoute);

getAvatarUploadUrlRoute

Returns a signed URL for uploading avatar images via GET /user-profiles/:profileId/avatar-upload-url.

Purpose: Generates pre-signed URLs for secure avatar file uploads with automatic UUID filename generation

Route Details:

  • Method: GET
  • Path: /user-profiles/:profileId/avatar-upload-url
  • Authentication: Required (Bearer token)

Blocks: generateSignedAvatarUploadUrl, orThrow

Validators: isAuthenticated, some(checkIdentityType(['admin']), ownsProfile(['params', 'requestParams', 'profileId']))

Usage:

import { routes } from '@nodeblocks/backend-sdk';

// Use in feature composition:
export const getAvatarUploadUrlFeature = compose(getAvatarUploadUrlSchema, getAvatarUploadUrlRoute);