166

ticketing/auth/package.json

@@ -10,11 +10,15 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "@types/cookie-session": "^2.0.39",
     "@types/express": "^4.17.3",
+    "@types/jsonwebtoken": "^8.3.8",
     "@types/mongoose": "^5.7.8",
+    "cookie-session": "^1.4.0",
     "express": "^4.17.1",
     "express-async-errors": "^3.1.1",
     "express-validator": "^6.4.0",
+    "jsonwebtoken": "^8.5.1",
     "mongoose": "^5.9.7",
     "ts-node-dev": "^1.0.0-pre.44",
     "typescript": "^3.8.3"

ticketing/auth/src/index.ts

@@ -2,6 +2,7 @@ import express from 'express';
 import 'express-async-errors';
 import { json } from 'body-parser';
 import mongoose from 'mongoose';
+import cookieSession from 'cookie-session';
 
 import { currentUserRouter } from './routes/current-user';
 import { signinRouter } from './routes/signin';
@@ -11,7 +12,14 @@ import { errorHandler } from './middlewares/error-handler';
 import { NotFoundError } from './errors/not-found-error';
 
 const app = express();
+app.set('trust proxy', true);
 app.use(json());
+app.use(
+  cookieSession({
+    signed: false,
+    secure: true
+  })
+);
 
 app.use(currentUserRouter);
 app.use(signinRouter);
@@ -25,6 +33,10 @@ app.all('*', async (req, res) => {
 app.use(errorHandler);
 
 const start = async () => {
+  if (!process.env.JWT_KEY) {
+    throw new Error('JWT_KEY must be defined');
+  }
+
   try {
     await mongoose.connect('mongodb://auth-mongo-srv:27017/auth', {
       useNewUrlParser: true,

ticketing/auth/src/middlewares/validate-request.ts

@@ -0,0 +1,17 @@
+import { Request, Response, NextFunction } from 'express';
+import { validationResult } from 'express-validator';
+import { RequestValidationError } from '../errors/request-validation-error';
+
+export const validateRequest = (
+  req: Request,
+  res: Response,
+  next: NextFunction
+) => {
+  const errors = validationResult(req);
+
+  if (!errors.isEmpty()) {
+    throw new RequestValidationError(errors.array());
+  }
+
+  next();
+};

ticketing/auth/src/models/user.ts

@@ -21,16 +21,28 @@ interface UserDoc extends mongoose.Document {
   password: string;
 }
 
-const userSchema = new mongoose.Schema({
-  email: {
-    type: String,
-    required: true
+const userSchema = new mongoose.Schema(
+  {
+    email: {
+      type: String,
+      required: true
+    },
+    password: {
+      type: String,
+      required: true
+    }
   },
-  password: {
-    type: String,
-    required: true
+  {
+    toJSON: {
+      transform(doc, ret) {
+        ret.id = ret._id;
+        delete ret._id;
+        delete ret.password;
+        delete ret.__v;
+      }
+    }
   }
-});
+);
 
 userSchema.pre('save', async function(done) {
   if (this.isModified('password')) {

ticketing/auth/src/models/users.ts

@@ -15,15 +15,23 @@ interface UserDoc extends mongoose.Document {
 }
 
 const userSchema = new mongoose.Schema({
-  email: {
-    type: String,
-    required: true
+    email: {
+      type: String,
+      required: true
+    },
+    password: {
+      type: String,
+      required: true
+    },
   },
-  password: {
-    type: String,
-    required: true
-  }
-});
+  {
+    toJSON: {
+      transform(doc, ret) {
+        delete ret.password;
+        delete ret.__v;
+      }
+    }
+  });
 userSchema.statics.build = (attrs: UserAttrs) => {
   return new User(attrs);
 };

ticketing/auth/src/routes/signin.ts

@@ -1,9 +1,23 @@
-import express from 'express';
+import express, { Request, Response } from 'express';
+import { body } from 'express-validator';
+
+import { validateRequest } from '../middlewares/validate-request';
 
 const router = express.Router();
 
-router.post('/api/users/signin', (req, res) => {
-  res.send('Hi there!');
-});
+router.post(
+  '/api/users/signin',
+  [
+    body('email')
+      .isEmail()
+      .withMessage('Email must be valid'),
+    body('password')
+      .trim()
+      .notEmpty()
+      .withMessage('You must supply a password')
+  ],
+  validateRequest,
+  (req: Request, res: Response) => {}
+);
 
 export { router as signinRouter };