Release V0.1.0-alpha.2

.github/workflows/codeql-analysis.yml

@@ -7,10 +7,10 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [main]
+    branches: [master, dev]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [main]
+    branches: [master, dev]
   schedule:
     - cron: '0 8 * * 0'
 

CHANGELOG.md

@@ -2,6 +2,29 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
+## [0.1.0-alpha.2](https://github.com/CTFNote/backend/compare/v0.1.0-alpha.1...v0.1.0-alpha.2) (2021-01-20)
+
+
+### Bug Fixes
+
+* **deps:** update dependency mongoose to v5.11.13 ([5eb1758](https://github.com/CTFNote/backend/commit/5eb1758775903ddba9b2d6b87ba5f862b418f2d9))
+* disable LGTM issue ([85faacb](https://github.com/CTFNote/backend/commit/85faacba52c9a30693918c2e4581886067c43488))
+* fix codeql scanning ([c6f877c](https://github.com/CTFNote/backend/commit/c6f877cd95d5a18d331b8bbe5643066d87a849b2)), closes [#31](https://github.com/CTFNote/backend/issues/31)
+* update typing to be correct ([7903d6d](https://github.com/CTFNote/backend/commit/7903d6dd24e2051ed20e52987102c58006e9ccbe))
+* use Promise.all where possible ([81a1019](https://github.com/CTFNote/backend/commit/81a1019cf878e2b9236109fd857c543415c3987c))
+
+
+### Refactor
+
+* make some methods private ([43629e2](https://github.com/CTFNote/backend/commit/43629e29a5f8368c06200061d6f58dae6532716a))
+
+
+### Chore
+
+* update renovate config ([87f9db8](https://github.com/CTFNote/backend/commit/87f9db8b2b16ea0e8003423ceca27a294173678e))
+* **deps:** pin dependencies ([f1e97ca](https://github.com/CTFNote/backend/commit/f1e97ca839a3843bd545a51682335ee37ed6c22d))
+* update renovate config ([7908137](https://github.com/CTFNote/backend/commit/790813791adfe27bf93dab26a3c591542e02ce78))
+
 ## [0.1.0-alpha.1](https://github.com/CTFNote/backend/compare/v0.1.0-alpha.0...v0.1.0-alpha.1) (2021-01-20)
 
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "ctfnote-backend",
-  "version": "0.1.0-alpha.1",
+  "version": "0.1.0-alpha.2",
   "description": " The backend for CTFNote, made using Node.js, express.js, and Typescript.",
   "main": "src/app.ts",
   "repository": "git@github.com:CTFNote/backend",
@@ -29,9 +29,9 @@
     "cors": "2.8.5",
     "cross-env": "7.0.3",
     "express": "4.17.1",
-    "express-rate-limit": "^5.2.3",
+    "express-rate-limit": "5.2.3",
     "jsonwebtoken": "8.5.1",
-    "mongoose": "5.11.12",
+    "mongoose": "5.11.13",
     "morgan": "1.10.0",
     "ts-node": "9.1.1",
     "typescript": "4.1.3",
@@ -47,7 +47,7 @@
     "@types/cors": "2.8.9",
     "@types/eslint": "7.2.6",
     "@types/express": "4.17.11",
-    "@types/express-rate-limit": "^5.1.1",
+    "@types/express-rate-limit": "5.1.1",
     "@types/jsonwebtoken": "8.5.0",
     "@types/mongoose": "5.10.3",
     "@types/morgan": "1.9.2",

renovate.json

@@ -1,4 +1,5 @@
 {
   "extends": ["config:base"],
-  "baseBranches": ["dev"]
+  "baseBranches": ["dev"],
+  "schedule": ["first day of every month"]
 }

src/api/v1/auth.ts

@@ -42,7 +42,9 @@ export default (): Router => {
   router
     .route("/login")
     .all(authRateLimit)
-    .post(verifyLoginCreds, login)
+    // LGTM issue is disabled because i am actually using rate limiting, but for some reason LGTM
+    // isn't picking it up.
+    .post(verifyLoginCreds, login) // lgtm [js/missing-rate-limiting]
     .all(notImplemented);
   router
     .route("/logout")

src/services/Auth.ts

@@ -182,7 +182,7 @@ export default class AuthService {
    * @returns {Promise<IUserModel>} the whole document on the user
    * @memberof AuthService
    */
-  public async getFullUser(id: mongoose.Types.ObjectId): Promise<IUserModel> {
+  private async getFullUser(id: mongoose.Types.ObjectId): Promise<IUserModel> {
     Logger.silly("Checking for valid ObjectId");
     if (!isValidObjectId(id)) {
       throw new BadRequestError({ errorCode: "error_invalid_id" });
@@ -245,7 +245,7 @@ export default class AuthService {
    * @returns {string} the JWT
    * @memberof AuthService
    */
-  public generateAccessToken(user: IUserModel): string {
+  private generateAccessToken(user: IUserModel): string {
     const jwtData: JWTData = { sub: user._id, id: user._id };
 
     if (user.isAdmin) {
@@ -266,7 +266,7 @@ export default class AuthService {
    * @returns {Promise<IRefreshTokenModel>} the token document
    * @memberof AuthService
    */
-  public async getRefreshToken(token: string): Promise<IRefreshTokenModel> {
+  private async getRefreshToken(token: string): Promise<IRefreshTokenModel> {
     const refreshToken = await RefreshToken.findOne({ token }).then();
 
     if (!refreshToken || !refreshToken.isActive) {
@@ -285,7 +285,7 @@ export default class AuthService {
    * @param {string} ipAddress what ip address is generating the new refresh token
    * @memberof AuthService
    */
-  public generateRefreshToken(
+  private generateRefreshToken(
     user: IUserModel,
     ipAddress: string
   ): IRefreshTokenModel {
@@ -305,7 +305,7 @@ export default class AuthService {
    * @param {string} [replacedByToken] an optional parameter that indicates what token replaces this one
    * @memberof AuthService
    */
-  public async revokeToken(
+  private async revokeToken(
     token: string,
     ipAddress: string,
     replacedByToken?: string

src/services/Team.ts

@@ -90,10 +90,18 @@ export default class TeamService {
     Logger.verbose("Getting team");
     const decodedJWT = verifyJWT(jwt);
 
-    Logger.silly("Getting user");
-    const user = await (await UserModel.findById(decodedJWT.id))
-      .execPopulate()
-      .then()
+    let team: ITeamModel;
+    let user: IUserModel;
+
+    Logger.silly("Getting user and team");
+    await Promise.all([
+      TeamModel.findById(teamID),
+      UserModel.findById(decodedJWT.id),
+    ])
+      .then((results) => {
+        team = results[0];
+        user = results[1];
+      })
       .catch((err) => {
         Logger.error(err);
         throw new InternalServerError();
@@ -104,8 +112,6 @@ export default class TeamService {
       throw new NotFoundError({ errorCode: "error_user_not_found" });
     }
 
-    Logger.silly("Getting team");
-    const team = await TeamModel.findById(teamID);
     if (!team) {
       throw new NotFoundError({ errorCode: "error_team_not_found" });
     }

src/types/index.d.ts

@@ -1,8 +1,8 @@
 import { Types as mongooseTypes } from "mongoose";
 
 export interface TeamSocials {
-  twitter: string;
-  website: string;
+  twitter?: string;
+  website?: string;
 }
 
 // The params an error errorMessage can take
@@ -55,13 +55,13 @@ export interface JWTData {
 }
 
 export interface TeamDetailsUpdateData {
-  name: string;
-  socials: TeamSocials;
+  name?: string;
+  socials?: TeamSocials;
 }
 
 export interface InviteOptions {
-  maxUses: number;
-  expiry: Date;
+  maxUses?: number;
+  expiry?: Date;
 }
 
 export interface BasicInvite {

yarn.lock

@@ -312,7 +312,7 @@
   resolved "https://registry.yarnpkg.com/@types/estree/-/estree-0.0.45.tgz#e9387572998e5ecdac221950dab3e8c3b16af884"
   integrity sha512-jnqIUKDUqJbDIUxm0Uj7bnlMnRm1T/eZ9N+AVMqhPgzrba2GhGG5o/jCTwmdPK709nEZsGoMzXEDUjcXHa3W0g==
 
-"@types/express-rate-limit@^5.1.1":
+"@types/express-rate-limit@5.1.1":
   version "5.1.1"
   resolved "https://registry.yarnpkg.com/@types/express-rate-limit/-/express-rate-limit-5.1.1.tgz#e5b0239d18c1580e52ae56dce4248333302a1dc8"
   integrity sha512-6oMYZBLlhxC5sdcRXXz528QyfGz3zTy9YdHwqlxLfgx5Cd3zwYaUjjPpJcaTtHmRefLi9P8kLBPz2wB7yz4JtQ==
@@ -1666,7 +1666,7 @@ etag@~1.8.1:
   resolved "https://registry.yarnpkg.com/etag/-/etag-1.8.1.tgz#41ae2eeb65efa62268aebfea83ac7d79299b0887"
   integrity sha1-Qa4u62XvpiJorr/qg6x9eSmbCIc=
 
-express-rate-limit@^5.2.3:
+express-rate-limit@5.2.3:
   version "5.2.3"
   resolved "https://registry.yarnpkg.com/express-rate-limit/-/express-rate-limit-5.2.3.tgz#ae73b3dc723decd697797611bd96e9b34a912f6c"
   integrity sha512-cjQH+oDrEPXxc569XvxhHC6QXqJiuBT6BhZ70X3bdAImcnHnTNMVuMAJaT0TXPoRiEErUrVPRcOTpZpM36VbOQ==
@@ -2938,10 +2938,10 @@ mongoose-legacy-pluralize@1.0.2:
   resolved "https://registry.yarnpkg.com/mongoose-legacy-pluralize/-/mongoose-legacy-pluralize-1.0.2.tgz#3ba9f91fa507b5186d399fb40854bff18fb563e4"
   integrity sha512-Yo/7qQU4/EyIS8YDFSeenIvXxZN+ld7YdV9LqFVQJzTLye8unujAWPZ4NWKfFA+RNjh+wvTWKY9Z3E5XM6ZZiQ==
 
-mongoose@5.11.12:
-  version "5.11.12"
-  resolved "https://registry.yarnpkg.com/mongoose/-/mongoose-5.11.12.tgz#452d28ef04b9c6a9601e62a54064851c3b57d4ee"
-  integrity sha512-70wST9hnVlPbt5nKClPKJo54ULIACOVGYdg8fyj17sWtCJLyURCDahhzUh+oUA7WVykOW2ZMqWm2kujBIWYagg==
+mongoose@5.11.13:
+  version "5.11.13"
+  resolved "https://registry.yarnpkg.com/mongoose/-/mongoose-5.11.13.tgz#1a8af3c83152d5e0427509966926ea7f5ead4d66"
+  integrity sha512-rXbaxSJfLnKKO2RTm8MKt65glrtfKDc4ATEb6vEbbzsVGCiLut753K5axdpyvE7KeTH7GOh4LzmuQLOvaaWOmA==
   dependencies:
     "@types/mongodb" "^3.5.27"
     bson "^1.1.4"