diff --git a/server/auth/middlewares.ts b/server/auth/middlewares.ts index 8746d7f..23f6a33 100644 --- a/server/auth/middlewares.ts +++ b/server/auth/middlewares.ts @@ -1,10 +1,11 @@ import { NextFunction, Request, Response } from "express" +import { StatusCode } from "../util/types"; export function restrictAccess(req: Request, res: Response, next: NextFunction) { if (req.isAuthenticated()) { next(); } else { - res.send({ ok: false, user: undefined }) + res.status(StatusCode.Forbidden).send({ ok: false, user: undefined }) } } diff --git a/server/db/populate.ts b/server/db/populate.ts index 4219f6c..bcbcce3 100644 --- a/server/db/populate.ts +++ b/server/db/populate.ts @@ -12,7 +12,8 @@ export default async function populate() { ('Emily', 'Dobson', 'emjdobson', 'emily@email.com', 'password2', true, false, $1, $1), ('Montanna', 'Dobson', 'delayedlemon', 'montanna@email.com', 'password3', true, false, $1, $1), ('Christine', 'Riley', 'christine', 'christine@email.com', 'password4', true, false, $1, $1), - ('Someone', 'Not active', 'someone', 'someone@email.com', 'notactive', false, false, $1, $1) + ('Someone', 'Not active', 'someone', 'someone@email.com', 'notactive', false, false, $1, $1), + ('Verified', 'User', 'verifiedtestuser', 'verifieduser@test.com','$2a$10$7j1tE9mL3qAIMG8vwLsb2u1Mm3DC/7EdJI/X7KDBbQ9c34KmnLEMq', false, false, $1, $1) ; ` @@ -43,7 +44,8 @@ export default async function populate() { ('Pad Thai', 'noodles', '1 hour', 1, 1, 3, $1, $1), ('Tacos', null, '30 minutes', 1, 3, 3, $1, $1), ('Garlic knots', null, '1 hour', 4, 4, 3, $1, $1), - ('Cacio e pepe', 'stinky pasta', '1 hour', 3, 4, 3, $1, $1) + ('Cacio e pepe', 'stinky pasta', '1 hour', 3, 4, 3, $1, $1), + ('Green beans', 'green beans', '30 minutes', 6, 1, 1, $1, $1) ; ` @@ -52,7 +54,8 @@ export default async function populate() { (name, active, ismaincollection, ownerid, datecreated, datemodified) VALUES ('Mikayla''s collection', true, true, 1, $1, $1), - ('Emily''s collection', true, true, 2, $1, $1) + ('Emily''s collection', true, true, 2, $1, $1), + ('Verified user collection', true, true, 6, $1, $1) ; ` @@ -99,9 +102,9 @@ export default async function populate() { ` const allStatements: Array = [ - populateUsers, populateCuisines, populateCourses, populateRecipes, - populateCollection, populateIngredients, populateGroceryList, - populateFriendships, populateComments + populateUsers, populateCuisines, populateCourses, + populateCollection, populateIngredients, populateRecipes, + populateGroceryList, populateFriendships, populateComments ]; await pool.query(setup); diff --git a/server/index.ts b/server/index.ts index 4a4c74f..902c8c2 100644 --- a/server/index.ts +++ b/server/index.ts @@ -1,23 +1,21 @@ import express from 'express'; -import path from 'path'; import cors from 'cors'; import dotenv from 'dotenv'; -dotenv.config(); - import { loaders } from './loaders'; +dotenv.config(); + const port = 8080; const app = express(); app.use(cors()); -export const appRoot = path.resolve(__dirname); - -export default async function main() { - const app = express(); +async function main() { await loaders(app); app.listen(port, () => { console.log('listening on port ' + port); }) }; +export default app; + main(); \ No newline at end of file diff --git a/server/jest/helpers/loginUser.ts b/server/jest/helpers/loginUser.ts index 996359e..2afe0db 100644 --- a/server/jest/helpers/loginUser.ts +++ b/server/jest/helpers/loginUser.ts @@ -1,19 +1,8 @@ -import request from 'supertest'; - -const agent = request('localhost:8080'); - -export default async function loginUser(auth: { token: any }) { - const onResponse = (err: any, res: any) => { - if (err) throw err; - auth.token = res.body.token; - } - - agent.post('/auth/login') - .send({ - email: "verifieduser@test.com", - password: "verifieduser" - }) - .end(onResponse); - - return auth; +export default function loginUser(server: any) { + server.post('/auth/login') + .send({ email: 'verifieduser@test.com', password: 'coolpassword' }) + .end((err: any, res: Response) => { + if (err) throw err; + expect(res.status).toBe(200); + }) } \ No newline at end of file diff --git a/server/jest/helpers/logoutUser.ts b/server/jest/helpers/logoutUser.ts new file mode 100644 index 0000000..63e1c96 --- /dev/null +++ b/server/jest/helpers/logoutUser.ts @@ -0,0 +1,3 @@ +export default function logoutUser(server: any) { + server.delete('/auth/logout'); +} \ No newline at end of file diff --git a/server/jest/tests/routes/auth.test.ts b/server/jest/tests/routes/auth.test.ts new file mode 100644 index 0000000..593128a --- /dev/null +++ b/server/jest/tests/routes/auth.test.ts @@ -0,0 +1,23 @@ +import dotenv from 'dotenv'; +import supertest from "supertest"; +import loginUser from '../../helpers/loginUser'; +dotenv.config(); +const APISTRING = process.env.APISTRING || 'localhost:8080'; +const server = supertest.agent(APISTRING); + +describe('/auth', () => { + // beforeAll(() => { + // loginUser(server); + // }) + + // it('receives a token', () => { + + // }) + + // test('allows access to protected resources', async () => { + // const data = await supertest(APISTRING).get('/recipe'); + // console.log(data.body); + // expect(data.statusCode).toBe(200); + // // expect(data.body.name).toBe("Green beans"); + // }) +}) \ No newline at end of file diff --git a/server/jest/tests/routes/recipe.test.ts b/server/jest/tests/routes/recipe.test.ts index d221eda..c85e0b9 100644 --- a/server/jest/tests/routes/recipe.test.ts +++ b/server/jest/tests/routes/recipe.test.ts @@ -1,23 +1,27 @@ -import request from 'supertest' +import supertest from 'supertest' +import loginUser from '../../helpers/loginUser'; import { IRecipe } from '../../../schemas' - -const server = request.agent('localhost:8080'); +import dotenv from 'dotenv'; +import app from '../../..'; +dotenv.config(); +const APISTRING = process.env.APISTRING || 'localhost:8080'; +const server = supertest.agent(app); describe('/recipe', () => { - beforeAll(async () => { - // to do: create session user, - // use it to log in on this test, - // use the authenticated session to view recipes - - // await server.post('/auth/login') - // .body() + beforeAll(() => { + server.post('/auth/login') + .send({ email: 'verifieduser@test.com', password: 'coolpassword' }); }) describe('GET /', () => { - test('gets an array of recipes', async () => { - const result = await request('localhost:8080').get('/recipe'); - const data = JSON.parse(result.text); - expect(data.length).toBeGreaterThan(0); - }) - }) -}) \ No newline at end of file + it('gets an array of recipes', () => { + server.get('/recipe').end((err, res) => { + if (err) throw err; + console.log(res.body); + expect(res.statusCode).toBe(200); + expect(res.body.ok).toBeTruthy(); + }); + + }); + }); +}); \ No newline at end of file diff --git a/server/jest/tests/util/loginUser.test.ts b/server/jest/tests/util/loginUser.test.ts index 320d643..75229e8 100644 --- a/server/jest/tests/util/loginUser.test.ts +++ b/server/jest/tests/util/loginUser.test.ts @@ -1,13 +1,19 @@ -import loginUser from "../../helpers/loginUser" +import supertest from "supertest"; +import loginUser from '../../helpers/loginUser'; +import dotenv from 'dotenv'; +dotenv.config(); +const APISTRING = process.env.APISTRING || 'localhost:8080'; +const server = supertest.agent(APISTRING); describe('login user', () => { - let auth = { token: undefined } - beforeAll(async () => { - auth = await loginUser(auth); + beforeAll(() => { + loginUser(server); }) - it('authenticates a hard-coded user', () => { - console.log(auth); - expect(auth.token).toBeDefined(); + it('allows access to protected resources', () => { + server.get('/recipe').end((err, res) => { + if (err) throw err; + expect(res.statusCode).toBe(200); + }) }) }) \ No newline at end of file diff --git a/server/loaders/swagger.ts b/server/loaders/swagger.ts index 0535b73..af0fec1 100644 --- a/server/loaders/swagger.ts +++ b/server/loaders/swagger.ts @@ -3,8 +3,9 @@ import swaggerUI from 'swagger-ui-express'; import yaml from 'js-yaml'; import fs from 'fs'; import path from 'path'; +import { appRoot } from '../appRoot'; -const swaggerDocument = yaml.load(fs.readFileSync(path.resolve(__dirname, '../swagger.yaml'), 'utf-8')); +const swaggerDocument = yaml.load(fs.readFileSync(path.resolve(appRoot, './swagger.yaml'), 'utf-8')); export const swaggerLoader = async (app: Express) => { app.use('/api-docs', swaggerUI.serve, swaggerUI.setup(swaggerDocument!)); diff --git a/server/package.json b/server/package.json index e0820bd..8870e6b 100644 --- a/server/package.json +++ b/server/package.json @@ -4,10 +4,9 @@ "description": "REST API for recipe manager", "main": "dist/index.js", "scripts": { - "build": "rm -rf dist && ./node_modules/.bin/tsc --project ./tsconfig.json", + "build": "bash util/build.sh", "seed": "npm run build && ts-node-dev db/seed.ts", - "populate": "npm run build && node dist/db/examplevals.js", - "dev": "rm -rf dist && ./node_modules/.bin/tsc --project ./tsconfig.json --watch & ts-node-dev index.ts", + "dev": "bash util/dev.sh", "prod": "npm run build && node dist/index.js", "test": "jest --coverage", "test:watch": "jest --watch", diff --git a/server/routes/recipe.ts b/server/routes/recipe.ts index 71bfca8..797b147 100644 --- a/server/routes/recipe.ts +++ b/server/routes/recipe.ts @@ -21,7 +21,7 @@ export const recipeRoute = (app: Express) => { } }) - router.get('/', async (req, res, next) => { + router.get('/', restrictAccess, async (req, res, next) => { const { user }: any = req.user; const { filterby } = req.query; diff --git a/server/tsconfig.json b/server/tsconfig.json index a8e52ba..3b94f8b 100644 --- a/server/tsconfig.json +++ b/server/tsconfig.json @@ -17,7 +17,8 @@ } }, "include": [ - "**/*" + "**/*", + "swagger.yaml" ], "exclude": [ "node_modules", diff --git a/server/util/build.sh b/server/util/build.sh new file mode 100644 index 0000000..4b2d5c0 --- /dev/null +++ b/server/util/build.sh @@ -0,0 +1,3 @@ +#! /bin/bash + +rm -rf dist && mkdir -p dist && cp ./swagger.yaml ./dist && ./node_modules/.bin/tsc --project ./tsconfig.json \ No newline at end of file diff --git a/server/util/dev.sh b/server/util/dev.sh new file mode 100644 index 0000000..a633e84 --- /dev/null +++ b/server/util/dev.sh @@ -0,0 +1,3 @@ +#! /bin/bash + +rm -rf dist && mkdir -p dist && cp ./swagger.yaml ./dist && ./node_modules/.bin/tsc --project ./tsconfig.json --watch & ts-node-dev index.ts