# Assignment requirements

- [x] Express API with at least 17 endpoints
- [x] Testing: both integration and unit tests
- [x] Authentication & Authorization: using JWT tokens or a similar technology
- [x] Error handling
- [x] MongoDB CRUD operations and Mongoose modeling (with Joi validation)
- [ ] Complete data and input validation (including ObjectId validation)
- [x] Middleware functions
- [ ] A detailed deployment step-by-step plan: the application must be deployed on a cloud server and publicly accessible
- [x] REST Client API calls provided for all API endpoints
- [x] Comprehensive API documentation

# Feature plan

- [ ] User management (user/monitor)
  - [x] Registration
    - [ ] Validation based on type
  - [x] Login
  - [-] Logout
  - [x] Delete
  - [ ] Password reset
  - [ ] User profile management
  - [ ] Device management
- [ ] Organisation (who's coming? announcement of events, ...)
- [ ] Budgeting with tracking
  - [x] Get current budget
  - [ ] Review spending history
  - [ ] Request additional budget in case of emergency
- [x] Emergency alarm
  - [x] Get alarm list (monitor)
  - [x] Silencing/clearing
  - [ ] Optional: integration with park's emergency services
- [x] Emergency contact & info card
  - [ ] Endpoints
- [ ] Limitations on consumptions
  - [ ] Allergies
  - [ ] Sugar intake limitations
- [x] Location tracking
  - [ ] Endpoints
- [x] Sensor tracking (sugar level, heart rate, temperature, ...)
  - [ ] Endpoints
- [ ] Day planning (meetups, departure, ...)
  - [ ] Location of activities
  - [ ] Deadlines
- [ ] Approval of rental of material (independent of budgeting, ie. bikes, ...)
- [ ] Restrictions on attractions (health issues, age, ...)
- [ ] Integration API for park infrastructure (e.g., user-only WiFi network, payment via park wristband according to budget, ...)
  - [ ] User-only WiFi network
  - [ ] Payment via park wristband according to budget
  - [ ] Integration with park's existing systems for seamless user experience