feature: add a controller to create a user and make use cases encrypt…

…, decrypt and validate a password
jordimorillo · Mar 17, 2024 · 2ce9067 · 2ce9067
1 parent 97dcdc6
commit 2ce9067
Show file tree

Hide file tree

Showing 11 changed files with 93 additions and 13 deletions.
diff --git a/configuration/routes.php b/configuration/routes.php
@@ -6,7 +6,7 @@
 global $app;
 
 // Add the routes here like in the following example:
-//$app->post('/example', CreateExampleController::class);
+$app->post('/user', \Source\User\Application\Controller\CreateAUserController::class);
 //$app->delete('/example/{ExampleId}', DeleteAnExampleController::class);
 //$app->put('/example/{exampleId}', UpdateAnExampleController::class);
 //$app->get('/example/criteria/the-criteria', FindAnExampleByCriteriaController::class);
diff --git a/src/User/Application/Command/ChangePasswordCommand.php b/src/User/Application/Command/ChangePasswordCommand.php
@@ -24,6 +24,6 @@ public function getEmail(): string
 
     public function getPassword(): string
     {
-        return $this->password;
+        return password_hash($this->password, PASSWORD_DEFAULT);
     }
 }
diff --git a/src/User/Application/Command/CreateUserCommand.php b/src/User/Application/Command/CreateUserCommand.php
@@ -24,6 +24,6 @@ public function getEmail(): string
 
     public function getPassword(): string
     {
-        return $this->password;
+        return password_hash($this->password, PASSWORD_DEFAULT);
     }
 }
diff --git a/src/User/Application/Controller/CreateAUserController.php b/src/User/Application/Controller/CreateAUserController.php
@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Source\User\Application\Controller;
+
+use Exception;
+use Psr\Http\Message\ResponseInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use Source\Shared\Application\Controller;
+use Source\Shared\CQRS\CommandBus\CommandBus;
+use Source\User\Application\Command\CreateUserCommand;
+
+class CreateAUserController implements Controller
+{
+    private CommandBus $commandBus;
+
+    public function __construct(CommandBus $commandBus) {
+        $this->commandBus = $commandBus;
+    }
+
+    public function __invoke(ServerRequestInterface $request, ResponseInterface $response, array $args): ResponseInterface
+    {
+        try {
+            $parameters = json_decode($request->getBody()->getContents(), true);
+            $command = new CreateUserCommand($parameters['email'], $parameters['password']);
+            $this->commandBus->handle($command);
+            return $response->withStatus(200);
+        } catch (Exception $e) {
+            return $response->withStatus($e->getCode(), $e->getMessage());
+        }
+    }
+}
diff --git a/src/User/Application/Query/CheckPasswordQuery.php b/src/User/Application/Query/CheckPasswordQuery.php
@@ -24,6 +24,6 @@ public function getEmail(): string
 
     public function getPassword(): string
     {
-        return $this->password;
+        return password_hash($this->password, PASSWORD_DEFAULT);
     }
 }
diff --git a/src/User/Application/Query/CheckPasswordQueryHandler.php b/src/User/Application/Query/CheckPasswordQueryHandler.php
@@ -19,9 +19,13 @@ public function __construct(UserRepositoryInterface $repository)
 
     public function execute(CheckPasswordQuery $query): bool
     {
-        return $this->repository->exists(
-            new Email($query->getEmail()),
-            new Password($query->getPassword())
-        );
+        try {
+            $user = $this->repository->findByEmail(
+                new Email($query->getEmail())
+            );
+            return password_verify($user->getPassword()->toString(), $query->getPassword());
+        } catch (\Exception $e) {
+            return false;
+        }
     }
 }
diff --git a/tests/Acceptance/AcceptanceTestCase.php b/tests/Acceptance/AcceptanceTestCase.php
@@ -10,10 +10,24 @@
 
 class AcceptanceTestCase extends TestCase
 {
+    protected Client $client;
+
     protected function setUp(): void
     {
         parent::setUp();
-        MysqlClient::resetDatabase($_ENV('MYSQL_DB'));
-        $this->client = new Client();
+        self::setupDatabase();
+        MysqlClient::resetDatabase($_ENV['MYSQL_DB']);
+        $this->client = new Client([
+            'base_uri' => 'http://127.0.0.1'
+        ]);
+    }
+
+    /**
+     * @return void
+     */
+    public static function setupDatabase(): void
+    {
+        MysqlClient::connect($_ENV['MYSQL_HOST'], $_ENV['MYSQL_USER'], $_ENV['MYSQL_PASS'], (int)$_ENV['MYSQL_PORT']);
+        MysqlClient::selectDatabase($_ENV['MYSQL_DB']);
     }
 }
diff --git a/tests/User/Application/Command/ChangePasswordCommandHandlerTest.php b/tests/User/Application/Command/ChangePasswordCommandHandlerTest.php
@@ -38,6 +38,6 @@ public function testCanChangePassword(): void
         $command = new ChangePasswordCommand($this->user->getEmail()->toString(), $password);
         $this->commandHandler->execute($command);
         $actual = $this->userRepository->findById($this->user->getId());
-        self::assertEquals($password, $actual->getPassword()->toString());
+        self::assertTrue(password_verify($password, $actual->getPassword()->toString()));
     }
 }
diff --git a/tests/User/Application/Command/CreateUserCommandHandlerTest.php b/tests/User/Application/Command/CreateUserCommandHandlerTest.php
@@ -30,6 +30,6 @@ public function testCanCreateAUser(): void
         $this->commandHandler->execute($command);
         $actual = $this->userRepository->findByEmail($user->getEmail());
         self::assertEquals($user->getEmail(), $actual->getEmail());
-        self::assertEquals($user->getPassword(), $actual->getPassword());
+        self::assertTrue(password_verify($user->getPassword()->toString(), $actual->getPassword()->toString()));
     }
 }
diff --git a/tests/User/Application/Controller/CreateAUserControllerTest.php b/tests/User/Application/Controller/CreateAUserControllerTest.php
@@ -0,0 +1,26 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Tests\User\Application\Controller;
+
+use Source\Shared\MysqlClient\MysqlClient;
+use Source\User\Domain\ValueObject\Email;
+use Source\User\Infrastructure\Repository\UserRepositoryInMySQL;
+use Tests\Acceptance\AcceptanceTestCase;
+
+class CreateAUserControllerTest extends AcceptanceTestCase
+{
+    public function testCanCreateAUser(): void
+    {
+        $email = 'john@doe.com';
+        $response = $this->client->post('/user', [
+            'form_params' => [
+                'email' => $email,
+                'password' => '1234567',
+            ],
+        ]);
+
+        self::assertEquals(200, $response->getStatusCode());
+    }
+}
diff --git a/tests/User/Application/Query/CheckPasswordQueryHandlerTest.php b/tests/User/Application/Query/CheckPasswordQueryHandlerTest.php
@@ -24,7 +24,10 @@ public function setUp(): void
 
     public function testCanCheckEmailAndPassword(): void
     {
-        $command = new CheckPasswordQuery($this->user->getEmail()->toString(), $this->user->getPassword()->toString());
+        $command = new CheckPasswordQuery(
+            $this->user->getEmail()->toString(),
+            $this->user->getPassword()->toString()
+        );
         $result = $this->commandHandler->execute($command);
         self::assertTrue($result);
     }