COMP 20: Web Programming

Assignment 3: The Server for the Private Car Service

Due: Tuesday, April 9th

This assignment is worth 25 points. You must work on this assignment individually.



In Assignment 2, you sent your username, latitude, and longitude to a web application server (i.e.,, and it responded with a gob of data, where others in the class er I mean passengers or vehicles, in JSON format. In this assignment, you will write a web application that is almost exactly like that used for Assignment 2, and deploy it.

Using Heroku, Node.js with the Express web framework, and MongoDB, you are to build a web application server that maintains and serves locations of passengers and vehicles (username, latitude, and longitude) for a long period of time.

Getting Started

  1. For this assignment, you will not be using your private GitHub repository!
  2. Do Lab 7 ASAP. Use the web application you create in the lab for this assignment.
  3. You will need to use the mLab MongoDB plugin add-on for your web application. See Run heroku addons:create mongolab:sandbox inside of your Heroku app folder (the one you used for Lab 7). This will enable MongoDB for your web application on Heroku. There is a 500 MB limit for data storage, more than enough for our needs. If you forget to add a MongoDB plugin for your web application, your web application will return errors.

Data Description

Your web application shall work with two sets of data: vehicles and passengers. In MongoDB, a set of data is known as a collection. If you are familiar with relational databases, a collection is analogous to a "table". The collection contains a number of records, properly known as documents. If you are familiar with relational databases, a document is analogous to a "row".

Each document will have the data field _id (the document's unique field, primary key) created automatically.

The Keys for a Single Document in vehicles and passengers

The data that must be stored in one document (or record) in vehicles and passengers collections are:

Whitelist of all Vehicles

The following is the list of all the vehicles that were used in Assignment 2. Use this list to check if username is a driver / vehicle:

var vehicles = ["JANET","NgfcWZmS", "tNEh59TC", "suFKyeZg", "VMerzMH8", "6tWDkKh6", "ajNnfhJj", "bCxY6mCw", "Cq4NX9eE", "mXfkjrFw", "EMYaM9D8", "nZXB8ZHz", "Tkwu74WC", "TnA763WN", "TaR8XyMe", "5KWpnAJN", "uf5ZrXYw"]


Your web application shall have the following features or APIs (Application Programming Interfaces):

1. A POST /rides API

Returns a JSON string. Submits check-in from any domain. The required fields and exact field names for submission to this API are username, lat, and lng. Successful submission of these three pieces of data shall result in one entry into either the collection vehicles (if username is in the list above) or passengers (otherwise) in MongoDB.

If a submission is missing any one of the required fields, do not insert new record into the database and send the following JSON as the response: {"error":"Whoops, something is wrong with your data!"}.

Upon successful insertion of record into vehicles collection (i.e., username is a driver / vehicle), return a JSON string that is an object with the key passengers and the corresponding value is a list of all passengers who have requested a vehicle within the last three minutes. Example JSON response, same as the one seen in the Assignment 2 specification: {"passengers":[{"_id":"589bd3258451126182dfbc63","username":"dwR3TbOH","lat":20.3,"lng":20.4,"created_at":"2019-03-09T02:25:41.166Z"}]}

Upon successful insertion of record into passengers collection (i.e., username is NOT a driver / vehicle), return a JSON string that is an object with the key vehicles and the corresponding value is a list of all drivers / vehicles who have been seen within the last three minutes. Example JSON response, same as the one seen in the Assignment 2 specification: {"vehicles":[{"_id":"589bd30f8451126182dfbc62","username":"suFKyeZg","lat":10.1,"lng":10.2,"created_at":"2019-03-09T02:25:19.575Z"}]}

IMPORTANT: Cross-origin resource sharing must be enabled for this API, else data cannot be sent from another domain (i.e., your Assignment 2 map will not work).

Multiple check-ins for a username is allowed.

2. A GET /passenger.json API

Returns a list of all records for a given username as a JSON string if record(s) exist in MongoDB collection passengers. The mandatory parameter for this API is username. If the username query parameter is empty, not provided, or no results found, return empty JSON list [].

Example output 1: GET /passenger.json?username=tNEh59TC returns [] (as tNEh59TC is a vehicle)

Example output 2: GET /passenger.json?username=dwR3TbOH returns something like [{"_id":"589bd3258451126182dfbc63","username":"dwR3TbOH","lat":20.3,"lng":20.4,"created_at":"2019-03-09T02:25:41.166Z"}]

Example output 3: GET /passenger.json returns [] as no username was given.

Cross-origin resource sharing must be enabled for this API else another another domain cannot retrieve data.

3. GET / - Home, the root, the index

Returns HTML. You may also use additional JavaScript and CSS, and you are free to design this page however you desire. Accessing this on a web browser (e.g., shall display list of all the vehicles in the database in descending order by timestamp (that is, the last driver/vehicle who was looking for passengers is displayed first). username, and check-in timestamp must be displayed in addition to the location (latitude and longitude). Simply outputting JSON as the page is unacceptable.

Example output: suFKyeZg was looking for passengers at 10.1, 10.2 on 2019-03-09T02:25:19.575Z.


With the exception of the data requirements (in "Data Description" above), please note that I did not mention a thing about security or error handling in the requirements. Authentication to this web application is not required. There is a reason for this, as you will see in Assignment 4.


  1. The Express web framework API reference (official)
  2. The nodemongoapp example I wrote
  3. Node.js + Express + Cross-Domain Scripting (Stack Overflow)
  4. Getting Started with MongoDB Development (official)
  5. Lab 7
  6. The Official MongoDB Node.JS Driver QUICK START
  7. The Official MongoDB Node.JS Driver Documentation

Testing Your Web Application


Modify the file in node-js-getting-started that describes your modifications. This description must:

  1. Identify what aspects of the work have been correctly implemented and what have not.
  2. Identify anyone with whom you have collaborated or discussed the assignment.
  3. Say approximately how many hours you have spent completing the assignment.

Submitting the Assignment

  1. Push and deploy your app to Heroku.
  2. It is expected that you will use the same web app / repo from Lab 7 for this assignment. If you are to create a new web app on Heroku for this assignment, you will need to add me as a collaborator (using my email address mchow[AT]cs[DOT]tufts[DOT]edu) for your web application in Heroku. You can do this by logging on to Heroku, go to the dashboard for your web application, under "Access", click on the "Add collaborator" button, enter my email address, and click "Save changes".