Create a simple sticky note CRUD application using basic HTML, CSS, and HTTP. Use any language you'd like.
A working agreement is essentially a promise to you or to your team on habits and processes you agree to follow while working on a project.
Tip: Try to incorporate as many of these habits as possible, as is they aim to reflect a real-world workflow vs just hacking away at something. They are designed to keep you organized and ensure you deliver a quality product.
Detailed descriptions of the routes, pages, and validation requirements can be found here.
As a developer, I agree to handle errors gracefully and provide feedback to the user.
As a developer, I agree to ensure each story is properly tested. (A lot of times it can be a pain to test a CLI's tool main function, you'll understand when you get there, try your best, 100% code coverage is not required)
As a developer, I agree to create a new git branch for each story I work on.
Set up the basic structure and configuration for the server, including initializing the server, defining the home route, and creating the homepage.
As a user, I want the server to be up and running, so that I can access the application through my web browser.
As a user, I want to access the application by navigating to the homepage, so that I can learn about the app and find my way around.
As a user, I want to see a homepage that introduces the application, so that I can understand what the app does and navigate to other pages.
As a user, I want the server to handle errors gracefully, so that I receive helpful feedback if something goes wrong.
Implement the functionality to create a new sticky note. Define the route for creating notes and create a page with a form to input the note's title and content.
As a user, I want to access a form to create a new sticky note, so that I can easily add my notes to the application.
As a user, I want to see a simple form for entering a note's title and content, so that I can create a new sticky note.
As a user, I want the server to save my new note when I submit the form, so that my note is stored and can be accessed later.
As a user, I want to see a confirmation when my note is created or an error if something goes wrong, so that I know the outcome of my action.
Implement the functionality to list all existing sticky notes. Define the route to display all notes and create a page that lists the titles of all stored notes.
As a user, I want to access a page that lists all my sticky notes, so that I can easily see and access the notes I have created.
As a user, I want to see a list of all my sticky notes, so that I can quickly find and view a specific note.
As a user, I want to see a message if there are no sticky notes, so that I know I need to create one.
As a user, I want to easily navigate back to the home page or create a new sticky note from the list page, so that I can manage my notes efficiently.
Implement the functionality to display a specific sticky note. Define the route to view an individual note and create a page that shows the note's title and content.
As a user, I want to click on a note title from the list and view the full content of that sticky note, so that I can read or review the details of my note.
As a user, I want to see the full content of my sticky note along with its title, so that I can review the information I saved.
As a user, I want to see options to edit or delete the note while viewing it, so that I can make changes or remove it if needed.
As a user, I want to see a helpful message if the note I’m trying to view doesn’t exist, so that I understand what happened and what I can do next.
Implement the functionality to update an existing sticky note. Define the route for updating notes and create a page with a form pre-populated with the current note's data for editing.
As a user, I want to access a form to edit my sticky note, so that I can make changes to the title or content.
As a user, I want the form to be pre-filled with my note's current title and content, so that I can easily make and save my changes.
As a user, I want the server to save my changes when I submit the form, so that my updated note is stored and accessible.
As a user, I want the option to cancel editing and return to the previous page, so that I can leave the note unchanged if I change my mind.
Implement the functionality to delete a sticky note. Define the route for deleting notes and ensure users can remove a note from the system.
As a user, I want to delete a sticky note, so that I can remove it permanently if it's no longer needed.
As a user, I want to confirm before deleting a sticky note, so that I don't accidentally remove important information.
As a user, I want the server to permanently delete my sticky note when I confirm the action, so that it is removed from the system.
As a user, I want to receive feedback after deleting a note, so that I know the action was successful.
Phase 2 introduces a board management features and the introduction of a SQL DB
Transition from using filesystem-based storage to a SQL database for storing sticky notes and boards. Implement the defined database schema to support the storage and management of notes and boards.
As a developer, I want to establish a connection to the SQL database, so that I can store and retrieve data for notes and boards.
As a developer, I want to implement the database schema, so that the application can properly store notes and boards.
As a developer, I want to refactor the existing filesystem-based logic to use SQL equivalents, so that notes and boards are managed through the SQL database.
Create functionality to allow users to create, update, and delete boards, including managing the notes associated with each board.
As a user, I want to create a new board, so that I can organize my notes within specific categories.
As a user, I want to update the name of an existing board, so that I can correct mistakes or better organize my notes.
As a user, I want to delete a board, so that I can remove unwanted or unused categories, provided no notes are associated with it.
As a user, I want to view a list of all boards, so that I can see the available categories and the number of notes in each.
As a user, I want to view the details of a specific board, so that I can see all the notes associated with it.
Update the note creation and editing processes to include board selection. Ensure all relevant pages and routes display and manage board information appropriately throughout the application.
As a user, I want to select a board when creating a new note, so that I can organize my notes within specific categories.
As a user, I want to change the board of an existing note, so that I can reorganize my notes as needed.
As a user, I want to see the associated board when viewing a note, so that I know which category it belongs to.
Add search functionality to allow users to find notes based on keywords in titles, content, or associated boards. Ensure the search is intuitive and returns relevant results.
As a user, I want to access a search page where I can enter keywords, so that I can find specific notes quickly.
As a user, I want the application to process my search query and find matching notes, so that I can easily locate the information I need.
As a user, I want to see a list of notes that match my search query, so that I can quickly access the relevant information.
As a user, I want the search functionality to be integrated throughout the application, so that I can easily search from anywhere.
Develop a JSON API to allow programmatic access to notes and boards, enabling operations such as creating, updating, retrieving, and deleting notes and boards via RESTful API endpoints.
As a developer, I want to implement an API endpoint to retrieve all notes in JSON format, so that I can access the notes programmatically.
As a developer, I want to implement an API endpoint to retrieve a specific note by its ID, so that I can access detailed information about a single note.
As a developer, I want to implement an API endpoint to create a new note via a JSON payload, so that I can add notes programmatically.
As a developer, I want to implement an API endpoint to update an existing note via a JSON payload, so that I can modify notes programmatically.
As a developer, I want to implement an API endpoint to delete a specific note by its ID, so that I can remove notes programmatically.
As a developer, I want to implement an API endpoint to retrieve all boards in JSON format, so that I can access the boards programmatically.
As a developer, I want to implement an API endpoint to retrieve a specific board by its ID, so that I can access detailed information about a single board.
As a developer, I want to implement an API endpoint to create a new board via a JSON payload, so that I can add boards programmatically.
As a developer, I want to implement an API endpoint to update an existing board via a JSON payload, so that I can modify boards programmatically.
As a developer, I want to implement an API endpoint to delete a specific board by its ID, so that I can remove boards programmatically.
As a developer, I want to implement an API endpoint to retrieve all notes associated with a specific board, so that I can filter notes by their board programmatically.
Phase 5 introduces a user registration and login capability and the ability for users to set the privacy settings of the notes they create.
Implement the core authentication functionality for the HTML routes, allowing users to register, log in, change passwords, and log out securely.
As a user, I want to register with a username and password, so that I can create an account and access the application.
As a user, I want to log in with my username and password, so that I can securely access my account.
As a user, I want to change my password, so that I can maintain the security of my account.
As a user, I want to log out, so that I can end my session and protect my account.
Implement authorization controls to ensure that only authenticated users can create, update, or delete boards and notes, and to enforce ownership and privacy rules for notes.
As an authenticated user, I want to create boards, so that I can organize my notes.
As an authenticated user, I want to update boards that I own, so that I can manage my content.
As an authenticated user, I want to delete boards that I own, so that I can manage my content.
As an authenticated user, I want to create notes and associate them with boards, so that I can manage my content.
As an authenticated user, I want to update notes that I own, so that I can manage my content.
As an authenticated user, I want to delete notes that I own, so that I can manage my content.
As a user, I want to control the visibility of my notes, so that I can keep some notes private and others public.
Implement the core authentication functionality for the API routes, allowing users to log in, receive a JWT, and log out securely.
As a user, I want to log in through the API with my username and password, so that I can receive a JWT for authenticated access to other API routes.
As a user, I want to log out through the API, so that my JWT is invalidated and my session is securely terminated.
As a user, I want my API requests to be validated using the JWT, so that only authenticated requests are processed.
As a user, I want to refresh my JWT before it expires, so that I can maintain access to the API without re-authenticating.
Implement authorization controls for the API to ensure that only authenticated users can perform actions like creating, updating, or deleting boards and notes, and to enforce ownership and privacy rules for notes.
As an authenticated user, I want to create boards via the API, so that I can organize my notes programmatically.
As an authenticated user, I want to update boards I own via the API, so that I can manage my content programmatically.
As an authenticated user, I want to delete boards I own via the API, so that I can manage my content programmatically.
As an authenticated user, I want to create notes via the API and associate them with boards, so that I can manage my content programmatically.
As an authenticated user, I want to update notes I own via the API, so that I can manage my content programmatically.
As an authenticated user, I want to delete notes I own via the API, so that I can manage my content programmatically.
As a user, I want to control the visibility of my notes via the API, so that I can keep some notes private and others public.
Account for common web security vulnerabilities and mitigate them with security best practices.
Implement practices to identify, manage, and mitigate common web vulnerabilities in the application. Ensure that the application is secure from known attack vectors and follows best practices for security.
As a developer, I want to protect the application from SQL injection attacks, so that the database remains secure from unauthorized access and data manipulation.
As a developer, I want to prevent XSS attacks, so that users' data and sessions are protected from malicious scripts.
As a developer, I want to protect the application from CSRF attacks, so that unauthorized actions cannot be performed on behalf of users.
As a developer, I want to prevent unauthorized access to internal objects like files and records, so that sensitive data is only accessible to authorized users.