andrewjford · andrewjford · Jun 17, 2019 · May 5, 2019 · May 11, 2019 · May 11, 2019
diff --git a/.babelrc b/.babelrc
@@ -1,3 +1,12 @@
 {
-  "presets": ["@babel/preset-env"] 
+  "presets": [
+    [
+      "@babel/preset-env",
+      {
+        "targets": {
+          "node": true
+        }
+      }
+    ]
+  ] 
 }
diff --git a/.gitignore b/.gitignore
@@ -3,7 +3,7 @@
 
 # misc
 .env
-dump
+.dump
 
 npm-debug.log*
 yarn-debug.log*

diff --git a/default_env b/default_env
@@ -0,0 +1,3 @@
+DATABASE_URL
+SECRET_KEY
+EMAIL_VERIFICATION_TOKEN
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -12,25 +12,29 @@
   "author": "Andrew Ford",
   "license": "ISC",
   "dependencies": {
-    "@babel/polyfill": "^7.4.0",
+    "@babel/polyfill": "^7.4.4",
+    "@sendgrid/mail": "^6.4.0",
     "bcryptjs": "^2.4.3",
+    "body-parser": "^1.19.0",
     "cors": "^2.8.5",
-    "dotenv": "^6.2.0",
+    "dotenv": "^8.0.0",
     "email-validator": "^2.0.4",
     "express": "^4.16.4",
     "express-rate-limit": "^3.5.0",
     "jsonwebtoken": "^8.5.0",
-    "moment": "^2.22.2",
-    "pg": "^7.7.1",
+    "moment": "^2.24.0",
+    "pg": "^7.11.0",
+    "pg-hstore": "^2.3.2",
+    "sequelize": "^5.8.6",
     "uuid": "^3.3.2"
   },
   "devDependencies": {
-    "@babel/cli": "^7.2.3",
-    "@babel/core": "^7.4.0",
+    "@babel/cli": "^7.4.4",
+    "@babel/core": "^7.4.4",
     "@babel/node": "^7.2.2",
-    "@babel/preset-env": "^7.4.2",
+    "@babel/preset-env": "^7.4.4",
     "jest": "^24.5.0",
-    "nodemon": "^1.18.10",
+    "nodemon": "^1.19.0",
     "supertest": "^4.0.2"
   }
 }
diff --git a/src/app.js b/src/app.js
@@ -2,10 +2,15 @@ import "@babel/polyfill";
 import express from 'express';
 import routes from './routes/index';
 import cors from 'cors';
+import bodyParser from 'body-parser';
+import { sequelize } from './models/models';
 
 const app = express();
 
+sequelize.sync();
+
 app.use(express.json());
+app.use(bodyParser.urlencoded({ extended: false }));
 app.use(cors());
 app.enable("trust proxy");
 app.use('/', routes);

diff --git a/src/controllers/AccountController.js b/src/controllers/AccountController.js
@@ -1,21 +1,86 @@
 import AccountModel from '../models/AccountModel';
 import AccountValidator from '../validators/AccountValidator';
+import VerificationTokenController from './VerificationTokenController';
+import db from '../services/dbService';
+import models from '../models/models';
+import bcrypt from 'bcryptjs';
+import jwt from 'jsonwebtoken';
+import mailer from '../services/mailer';
+import CategoryModel from '../models/CategoryModel';
 
 const AccountController = {
+  async validateAccount(req, res) {
+    const query = `SELECT v.*, a.*
+      FROM verification_tokens v 
+      LEFT JOIN accounts a ON v.account_id = a.id
+      WHERE v.token = $1`;
+    const { rows } = await db.query(query, [req.query.token]);
+
+    if (rows && rows.length > 0) {
+      try {
+        const updatedAccount = await models.Account.update(
+          {isVerified: true},
+          {where: {id: rows[0].id}}
+        );
+
+        models.VerificationToken.destroy({
+          where: {account_id: rows[0].id}
+        });
+        return res.status(200).send({message: "email successfully verified"});
+      } catch(error) {
+        console.log('error updating account... '+error);
+        return res.status(500).send({message: "internal server error"});
+      }
+    } else {
+      return res.status(400).send({message: "Unable to resolve email verification."});
+    }
+  },
+
   async create(req, res) {
     const errors = AccountValidator.onCreate(req);
     if (errors.length > 0) {
       return res.status(422).send({ message: errors });
     }
 
     try {
-      const modelResponse = await AccountModel.create(req);
-      return res.status(201).send(modelResponse);
+      const password = await bcrypt.hash(req.body.password, 10);
+      const account = await models.Account.create({
+        name: req.body.name,
+        email: req.body.email,
+        password,
+      })
+      .catch(error => {
+        if (error.parent.code === '23505') {
+          return res.status(422).send({message: ["A user already exists for this email."]});
+        } else {
+          throw Error(error);
+        }
+      });
+
+      const verificationTokenModel = await VerificationTokenController.create(req, res, account);
+      mailer.sendVerificationMessage(account.email, verificationTokenModel.token)
+        .catch(error => {
+          console.log(`error sending email: ${error}`);
+          return res.status(500).send({message: "Error sending email."});
+        });
+
+      CategoryModel.create({
+        body: {
+          name: "Groceries",
+        },
+        accountId: account.id
+      });
+
+      const tokenExpiration = 24*60*60;
+      const token = jwt.sign({id: account.id}, process.env.SECRET_KEY, {expiresIn: tokenExpiration});
+
+      return res.status(201).send({
+        user: account, // prob need to strip this down
+        token,
+        tokenExpiration
+      });
     } catch(error) {
-      if (error.code === '23505') {
-        return res.status(422).send({message: ["A user already exists for this email."]});
-      }
-      return res.status(400).send("error creating user");
+      return res.status(400).send({message: ["error creating user"]});
     }
   },
 
@@ -41,7 +106,7 @@ const AccountController = {
     try {
       const result = await AccountModel.delete(req);
       if(result.rowCount === 0) {
-        return res.status(404).send({'message': 'category not found'});
+        return res.status(404).send({'message': 'account not found'});
       }
       return res.status(204).send({ 'message': 'deleted' });
     } catch(error) {

diff --git a/src/controllers/VerificationTokenController.js b/src/controllers/VerificationTokenController.js
@@ -0,0 +1,44 @@
+import models from '../models/models';
+import mailer from '../services/mailer';
+import bcrypt from 'bcryptjs';
+
+const VerificationTokenController = {
+  async resendEmailVerification(req, res) {
+    const account = await models.Account.findOne({
+      where: {email: req.query.email},
+      include: [{
+        model: models.VerificationToken,
+        as: "VerificationToken",
+      }],
+    });
+
+    if (account && account.VerificationToken) {
+      mailer.sendVerificationMessage(account.email, account.VerificationToken.token)
+        .then(() => {
+          return res.status(200).send({message: "Verification email sent."});
+        });
+    } else if (account) {
+      const newVerificationToken = await this.create(req, res, account);
+      mailer.sendVerificationMessage(account.email, newVerificationToken.token)
+        .then(() => {
+          return res.status(200).send({message: "Verification email sent."});
+        });
+    } else {
+      return res.status(404).send({message: "Account not found for given email."});
+    }
+  },
+
+  async create(req, res, account) {
+    const newToken = await bcrypt.hash(account.email, 10);
+    return models.VerificationToken.create({
+        token: newToken,
+        account_id: account.id
+      })
+      .catch(error => {
+        console.log(`error creating verification token: ${error}`);
+        return res.status(500).send({message: "Internal Server error."});
+      });
+  }
+}
+
+export default VerificationTokenController;
diff --git a/src/db/db.sql b/src/db/db.sql
@@ -4,13 +4,13 @@ CREATE TABLE IF NOT EXISTS users (
   email text UNIQUE, 
   password text, 
   created_date timestamptz NOT NULL DEFAULT NOW(), 
-  modified_date timestamptz NOT NULL DEFAULT NOW()
+  updated_at timestamptz NOT NULL DEFAULT NOW()
   );
 
 CREATE OR REPLACE FUNCTION trigger_set_timestamp()
   RETURNS TRIGGER AS $$
   BEGIN
-    NEW.modified_date = NOW();
+    NEW.updated_at = NOW();
     RETURN NEW;
   END;
   $$ LANGUAGE plpgsql;

diff --git a/src/db/user_email_verification.sql b/src/db/user_email_verification.sql
@@ -0,0 +1,15 @@
+ALTER TABLE accounts ADD COLUMN is_verified BOOLEAN;
+
+CREATE TABLE IF NOT EXISTS verification_tokens (
+  id SERIAL PRIMARY KEY,
+  token text NOT NULL, 
+  account_id INTEGER REFERENCES accounts(id) NOT NULL,
+  created_date timestamptz NOT NULL DEFAULT NOW()
+  );
+
+ALTER TABLE accounts ALTER COLUMN is_verified SET DEFAULT FALSE;
+
+
+UPDATE accounts
+SET is_verified = DEFAULT
+WHERE is_verified IS NULL;
diff --git a/src/models/Account.js b/src/models/Account.js
@@ -0,0 +1,23 @@
+import Sequelize from 'sequelize';
+
+const account = (sequelize, DataTypes) => {
+  class Account extends Sequelize.Model {}
+  Account.init({
+    name: DataTypes.TEXT,
+    email: DataTypes.TEXT,
+    password: DataTypes.TEXT,
+    isVerified: {type: DataTypes.BOOLEAN, defaultValue: false},
+  }, {
+    underscored: true,
+    sequelize,
+    modelName: "account",
+  });
+
+  Account.associations = models => {
+    Account.hasOne(models.VerificationToken);
+  }
+
+  return Account;
+}
+
+export default account;
diff --git a/src/models/AccountModel.js b/src/models/AccountModel.js
@@ -1,6 +1,8 @@
 import db from '../services/dbService';
 import bcrypt from 'bcryptjs';
 import jwt from 'jsonwebtoken';
+import models from '../models/models';
+import mailer from '../services/mailer';
 
 const AccountModel = {
   async create(req) {
@@ -17,6 +19,14 @@ const AccountModel = {
     ];
 
     const { rows } = await db.query(sqlString, values);
+    const verificationToken = await bcrypt.hash(rows[0].email, 10);
+    const verificationTokenModel = await models.VerificationToken.create({
+      token: verificationToken,
+      account_id: rows[0].id,
+    });
+
+    mailer.sendVerificationMessage(rows[0].email, verificationTokenModel.token);
+
     const tokenExpiration = 24*60*60;
     const token = jwt.sign({id: rows[0].id}, process.env.SECRET_KEY, {expiresIn: tokenExpiration});
 
@@ -37,6 +47,9 @@ const AccountModel = {
     return db.query(queryText, [email]);
   },
 
+  async update(req) {
+  },
+
   async delete(req) {
     const deleteQuery = 'DELETE FROM accounts WHERE id = $1';
     return db.query(deleteQuery, [req.accountId]);
@@ -63,6 +76,19 @@ const AccountModel = {
       token,
       tokenExpiration
     };
+  },
+
+  async validateAccount(req) {
+    const query = `SELECT v.*, a.*
+      FROM verification_tokens v 
+      LEFT JOIN accounts a ON v.account_id = a.id
+      WHERE v.token = $1`;
+    const { rows } = await db.query(query, [req.query.token]);
+    if (rows && rows.length > 0) {
+      // update account
+      // delete verification token
+      console.log(rows[0]);
+    }
   }
 }
 

diff --git a/src/models/VerificationToken.js b/src/models/VerificationToken.js
@@ -0,0 +1,25 @@
+import Sequelize from 'sequelize';
+
+const verificationToken = (sequelize, DataTypes) => {
+  class VerificationToken extends Sequelize.Model {}
+  VerificationToken.init({
+    token: DataTypes.TEXT,
+  }, {
+    underscored: true,
+    sequelize,
+    modelName: "verification_token",
+  });
+
+  VerificationToken.associate = models => {
+    VerificationToken.belongsTo(models.Account, {
+      foreignKey: {
+        name: 'account_id',
+        allowNull: false,
+      },
+    });
+  }
+
+  return VerificationToken;
+}
+
+export default verificationToken;
diff --git a/src/models/models.js b/src/models/models.js
@@ -0,0 +1,22 @@
+import Sequelize from 'sequelize';
+
+const sequelize = new Sequelize(
+  process.env.DATABASE_URL,
+  {
+    dialect: 'postgres',
+  },
+);
+
+const models = {
+  Account: sequelize.import('./Account'),
+  VerificationToken: sequelize.import('./VerificationToken'),
+};
+
+Object.keys(models).forEach(key => {
+  if ('associate' in models[key]) {
+    models[key].associate(models);
+  }
+});
+
+export { sequelize };
+export default models;