Merge 91977bf into bd2252c

andela · Feb 17, 2020 · 2dbc909 · 2dbc909
2 parents bd2252c + 91977bf
commit 2dbc909
Show file tree

Hide file tree

Showing 14 changed files with 167 additions and 156 deletions.
diff --git a/package.json b/package.json
@@ -35,8 +35,8 @@
     "dotenv": "^6.2.0",
     "express": "^4.17.1",
     "express-validator": "^6.4.0",
-    "jsonwebtoken": "^8.5.1",
     "i18n": "^0.8.5",
+    "jsonwebtoken": "^8.5.1",
     "path": "^0.12.7",
     "pg": "^7.18.1",
     "pg-hstore": "^2.3.3",

diff --git a/src/controllers/authController.js b/src/controllers/authController.js
@@ -45,11 +45,7 @@ export default class AuthController {
         email,
         password: hashedPassword,
       });
-      const token = provideToken(user.id, user.isVerified);
-      await db.VerificationToken.create({
-        userId: user.id,
-        token
-      });
+      const token = provideToken(user.id, user.isVerified, email);
       sendMsg(email, token, firstName);
       return Response.signupResponse(res, 201, 'User successfully registered', token);
     } catch (error) {

diff --git a/src/controllers/verificationController.js b/src/controllers/verificationController.js
@@ -18,21 +18,15 @@ export default class VerificationController {
      */
   static async verifyAccount(req, res) {
     try {
-      const existingEmail = db.User.findOne({
+      const existingUser = await db.User.findOne({
         where: { email: req.query.email }
       });
-      if (existingEmail.isVerified) {
-        return Response.signupResponse(res, 202, 'User is Verified');
+      const unverifiedId = existingUser.isVerified;
+      if (unverifiedId === false) {
+        existingUser.update({ isVerified: true });
+        return Response.signupResponse(res, 200, `User with ${existingUser.email} has been verified`);
       }
-      const existingToken = await db.VerificationToken.findOne({
-        where: { token: req.query.token }
-      });
-      const unverifiedId = existingToken.userId;
-      const newUser = await db.User.findOne({
-        where: { id: unverifiedId }
-      });
-      newUser.update({ isVerified: true });
-      return Response.signupResponse(res, 200, `User with ${newUser.email} has been verified`);
+      return Response.signupResponse(res, 202, `${existingUser.email} is already verified`);
     } catch (error) {
       return Response.errorResponse(res, 500, `${error.message}`);
     }

diff --git a/src/migrations/20200212152821-create-verification-token.js b/src/migrations/20200212152821-create-verification-token.js
diff --git a/src/models/vericationtoken.js b/src/models/vericationtoken.js
diff --git a/src/routes/api/welcome.js b/src/routes/api/welcome.js
diff --git a/src/routes/authRoutes.js b/src/routes/authRoutes.js
@@ -1,13 +1,15 @@
 import express from 'express';
 import AuthController from '../controllers/authController';
+import verificationController from '../controllers/verificationController';
+import validateParams from '../validation/validateParams';
 import validationResult from '../validation/validationResult';
 import signupInputRules from '../validation/validationRules';
-import verificationController from '../controllers/verificationController';
+
 
 const authRouter = express.Router();
 
 authRouter.post('/register', signupInputRules, validationResult, AuthController.registerUser);
-authRouter.get('/verification', verificationController.verifyAccount);
+authRouter.get('/verification', validateParams.validateToken, verificationController.verifyAccount);
 authRouter.post('/login', AuthController.login);
 
 export default authRouter;
diff --git a/src/seeders/20200212121323-User.js b/src/seeders/20200212121323-User.js
@@ -5,11 +5,12 @@ module.exports = {
     'Users',
     [
       {
-        id: "dgdhdghshgshs",
+        id: "712cc013-275d-4855-b2ac-77c054ad3d28",
         firstName: 'Bienjee',
         lastName: 'Bieio',
         email: 'jean@andela.com',
         password: bcrypt.hashSync('Bien@BAR789', Number(process.env.passwordHashSalt)),
+        isVerified: false,
         createdAt: new Date(),
         updatedAt: new Date(),
       },
@@ -19,6 +20,7 @@ module.exports = {
         lastName: 'devrpo',
         email: 'jdev@andela.com',
         password: bcrypt.hashSync('Bien@BAR789', Number(process.env.passwordHashSalt)),
+        isVerified: false,
         createdAt: new Date(),
         updatedAt: new Date(),
       },

diff --git a/src/swagger/auth.swagger.js b/src/swagger/auth.swagger.js
@@ -1,3 +1,15 @@
+/**
+ * @swagger
+ * /:
+ *   get:
+ *     description: Display welcome message
+ *     produces:
+ *       - application/json
+ *     responses:
+ *       200:
+ *         description: Welcome to devRepublic Barefoot Nomad API
+ */
+
 /**
  * @swagger
  * definitions:
@@ -20,17 +32,7 @@
  *         - email
  *         - password
  */
-/**
- * @swagger
- * /:
- *   get:
- *     description: Display welcome message
- *     produces:
- *       - application/json
- *     responses:
- *       200:
- *         description: Welcome to devRepublic Barefoot Nomad API
- */
+
 /**
  * @swagger
  * /api/v1/auth/register:
@@ -73,6 +75,23 @@
  *             description: User already exist.
  * */
 
+/**
+ * @swagger
+ * definitions:
+ *   login:
+ *     type: object
+ *     properties:
+ *       email:
+ *         type: string
+ *         format: email
+ *       password:
+ *         type: string
+ *         format: password
+ *       required:
+ *         - email
+ *         - password
+ */
+
 /**
  * @swagger
  * /api/v1/auth/login:
@@ -111,17 +130,28 @@
 
 /**
  * @swagger
- * definitions:
- *   login:
- *     type: object
- *     properties:
- *       email:
- *         type: string
- *         format: email
- *       password:
- *         type: string
- *         format: password
- *       required:
- *         - email
- *         - password
- */
+ * /api/v1/auth/verification/token={token}&email={email}:
+ *   get:
+ *     tags:
+ *       - User
+ *     name: verify
+ *     summary: verify the email of the user
+ *     produces:
+ *       - application/json
+ *     consumes:
+ *       - application/json
+ *     parameters:
+ *       - name: token
+ *         in: path
+ *         description: token of the user including their id no and their email
+ *       - name: email
+ *         in: path
+ *         description: email of the user
+ *     responses:
+ *       '200':
+ *             description: User with ${email} has been verified.
+ *       '202':
+ *             description: ${email} is already verifiedt.
+ *       '401':
+ *             description: Sorry, you are not authorized to access this page.
+ * */
diff --git a/src/tests/verifyAccount.test.js b/src/tests/verifyAccount.test.js
@@ -0,0 +1,53 @@
+import chai from 'chai';
+import chaiHttp from 'chai-http';
+import index from '../index';
+import {
+  email,
+  id,
+  isVerified,
+  wrongEmail,
+  wrongId
+} from './verifyAccountMock';
+import provideToken from '../utils/provideToken';
+
+const token = provideToken(id, isVerified, email);
+const wrongToken = provideToken(wrongId, isVerified, wrongEmail);
+
+
+const {
+  expect
+} = chai;
+chai.use(chaiHttp);
+
+describe('Verification tests', () => {
+  it('should return account verified created sucessfully.', (done) => {
+    chai.request(index)
+      .get(`/api/v1/auth/verification?token=${token}&email=${email}`)
+      .end((err, res) => {
+        expect(res.body).to.be.an('object');
+        expect(res.status).to.equal(200);
+        expect(res.body.message).to.equal(`User with ${email} has been verified`);
+        done();
+      });
+  });
+  it('should return account is already verified.', (done) => {
+    chai.request(index)
+      .get(`/api/v1/auth/verification?token=${token}&email=${email}`)
+      .end((err, res) => {
+        expect(res.body).to.be.an('object');
+        expect(res.status).to.equal(202);
+        expect(res.body.message).to.equal(`${email} is already verified`);
+        done();
+      });
+  });
+  it('should return you are not authorized to access this page..', (done) => {
+    chai.request(index)
+      .get(`/api/v1/auth/verification?token=${wrongToken}&email=${email}`)
+      .end((err, res) => {
+        expect(res.body).to.be.an('object');
+        expect(res.status).to.equal(401);
+        expect(res.body.error).to.equal('Sorry, you are not authorized to access this page.');
+        done();
+      });
+  });
+});
diff --git a/src/tests/verifyAccountMock.js b/src/tests/verifyAccountMock.js
@@ -0,0 +1,5 @@
+export const email = 'jean@andela.com';
+export const isVerified = false;
+export const id = '712cc013-275d-4855-b2ac-77c054ad3d28';
+export const wrongEmail = 'jim@andela.com';
+export const wrongId = '712cc013-275d-4855-b2ac-77c054ad3d29';
diff --git a/src/utils/provideToken.js b/src/utils/provideToken.js
@@ -1,9 +1,10 @@
 import jwt from 'jsonwebtoken';
 
-const provideToken = (userId, isVerified) => {
+const provideToken = (userId, isVerified, email) => {
   const token = jwt.sign({
     id: userId,
-    isVerfied: isVerified
+    isVerified,
+    email
   }, process.env.JWTPRIVATEKEY, { expiresIn: '1d' });
   return token;
 };

diff --git a/src/utils/searchInDatabase.js b/src/utils/searchInDatabase.js