learnsoftwaredevelopment · JonathanLeeWH · Nov 10, 2020 · Nov 9, 2020 · Nov 10, 2020 · Nov 10, 2020
diff --git a/.github/ci/docker-compose-test-ci.yml b/.github/ci/docker-compose-test-ci.yml
@@ -0,0 +1,27 @@
+version: '3.8'
+
+services:
+  mongo:
+    image: mongo
+    restart: always
+    environment:
+      MONGO_INITDB_ROOT_USERNAME: root
+      MONGO_INITDB_ROOT_PASSWORD: password
+    volumes:
+      - db-data:/data/db
+
+  app:
+    depends_on:
+      - mongo
+    build:
+      context: '${GITHUB_WORKSPACE}'
+      dockerfile: Dockerfile-ci
+    environment:
+      - TEST_FIREBASE_CLIENT_API_KEY=${TEST_FIREBASE_CLIENT_API_KEY}
+      - GOOGLE_APPLICATION_CREDENTIALS=${GOOGLE_APPLICATION_CREDENTIALS}
+    ports:
+      - 8080:8080
+    command: 'npm run test-ci'
+
+volumes:
+  db-data:
diff --git a/.github/ci/firebase.gpg b/.github/ci/firebase.gpg
diff --git a/.github/scripts/decrypt_firebase_secret.sh b/.github/scripts/decrypt_firebase_secret.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+# Script to decrypt firebase secret
+
+# Create the environment and decrypt the file
+mkdir $HOME/secrets
+gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPTION_PASSPHRASE" --output firebase_secret.json ./.github/ci/firebase.gpg
diff --git a/.github/workflows/app-test-container.yml b/.github/workflows/app-test-container.yml
@@ -22,5 +22,13 @@ jobs:
       - name: docker layer caching
         uses: satackey/action-docker-layer-caching@v0.0.8
         continue-on-error: true
+      - name: descrypt firebase secret
+        run: ./.github/scripts/decrypt_firebase_secret.sh
+        env:
+          DECRYPTION_PASSPHRASE: ${{ secrets.DECRYPTION_PASSPHRASE }}
       - name: Run test in container
-        run: docker-compose --file docker-compose-test-ci.yml up --build --exit-code-from app
+        shell: bash
+        env:
+          TEST_FIREBASE_CLIENT_API_KEY: ${{ secrets.TEST_FIREBASE_CLIENT_API_KEY }}
+          GOOGLE_APPLICATION_CREDENTIALS: ./firebase_secret.json
+        run: docker-compose --file ./.github/ci/docker-compose-test-ci.yml up --build --exit-code-from app
diff --git a/.gitignore b/.gitignore
@@ -102,3 +102,6 @@ dist
 
 # TernJS port file
 .tern-port
+
+# custom
+*firebase-adminsdk*.json
diff --git a/Dockerfile b/Dockerfile
@@ -21,9 +21,9 @@ COPY . .
 # The container environmental variables.
 ENV PORT=8080
 ENV MONGODB_URI=mongodb://root:password@mongo:27017/softwareRepository?authSource=admin
-ENV BCRYPT_SALT_ROUNDS=YOUR_BCRYPT_SALT_ROUNDS
 ENV TEST_MONGODB_URI=mongodb://root:password@mongo:27017/softwareRepositoryTest?authSource=admin
-ENV JWT_SECRET=YOUR_JWT_SECRET
+ENV TEST_FIREBASE_CLIENT_API_KEY=YOUR_TEST_FIREBASE_CLIENT_API_KEY
+ENV GOOGLE_APPLICATION_CREDENTIALS=YOUR_GOOGLE_SERVICE_ACCOUNT_FILE_PATH
 
 # The container listens on port 8080.
 EXPOSE 8080

diff --git a/Dockerfile-ci b/Dockerfile-ci
@@ -0,0 +1,34 @@
+# SoftwareRepository's Dockerfile
+# With comments to aid in my learning of docker.
+
+# To use official nodejs base docker image.
+FROM node:12
+
+# The working directory where any subsequent instructions in the Dockerfile will be executed on.
+WORKDIR /app
+
+# I want to install dependencies first so they can be cache.
+# Hence, I copy the package.json file first to the work directory for installing the dependencies in the subsequent command (npm install).
+COPY package.json .
+
+# Run npm install to install the dependencies specified in package.json
+RUN npm install
+
+# After the dependencies are installed, I copy over the source code of the web application to the current working directory.
+# Note: In this case, I add .dockerignore file (similar to .gitignore) and add node_modules to the .dockerignore file so that my local node_modules directory will not be copied to the container's working directory.
+COPY . .
+
+# The container environmental variables.
+ENV PORT=8080
+ENV MONGODB_URI=mongodb://root:password@mongo:27017/softwareRepository?authSource=admin
+ENV TEST_MONGODB_URI=mongodb://root:password@mongo:27017/softwareRepositoryTest?authSource=admin
+ENV TEST_FIREBASE_CLIENT_API_KEY=YOUR_TEST_FIREBASE_CLIENT_API_KEY
+ENV GOOGLE_APPLICATION_CREDENTIALS=YOUR_GOOGLE_SERVICE_ACCOUNT_FILE_PATH
+
+# The container listens on port 8080.
+EXPOSE 8080
+
+# Should only have one cmd in a Dockerfile. Tells container how to run the application.
+# In this case, the command is npm start.
+# An exec form (Array of strings). It does not start up a shell session unlike run.
+CMD ["npm", "start"]
diff --git a/app.js b/app.js
@@ -10,8 +10,8 @@ const usersRouter = require('./routes/api/users');
 
 const middleware = require('./utils/middleware');
 const logger = require('./utils/logger');
-const loginRouter = require('./routes/api/auth');
-const softwaresRouter = require('./routes/api/softwares');
+const authRouter = require('./routes/api/auth');
+const softwareRouter = require('./routes/api/software');
 
 const app = express();
 
@@ -59,8 +59,8 @@ app.use(
 // Routes
 app.use(rootRouter);
 app.use('/api/users', usersRouter);
-app.use('/api/auth', loginRouter);
-app.use('/api/softwares', softwaresRouter);
+app.use('/api/auth', authRouter);
+app.use('/api/software', softwareRouter);
 
 app.use(middleware.unknownEndPoint);
 app.use(middleware.errorHandler);

diff --git a/controllers/api/authController.js b/controllers/api/authController.js
@@ -15,10 +15,9 @@ const postAuth = async (req, res) => {
     },
   );
 
-  const passwordCorrect =
-    user === null
-      ? false
-      : await bcrypt.compare(body.password, user.passwordHash);
+  const passwordCorrect = user === null
+    ? false
+    : await bcrypt.compare(body.password, user.passwordHash);
 
   if (!(user && passwordCorrect)) {
     return res.status('401').json({

diff --git a/controllers/api/softwaresController.js → controllers/api/softwareController.js b/controllers/api/softwaresController.js → controllers/api/softwareController.js
@@ -3,7 +3,7 @@ const Software = require('../../models/software');
 const User = require('../../models/user');
 const databaseUtils = require('../../utils/databaseUtils');
 
-const getSoftwares = async (req, res) => {
+const getSoftware = async (req, res) => {
   const softwares = await Software.find({})
     .populate('meta.addedByUser', {
       username: 1,
@@ -16,9 +16,9 @@ const getSoftwares = async (req, res) => {
   res.status(200).json(softwares);
 };
 
-const postSoftwares = async (req, res) => {
+const postSoftware = async (req, res) => {
   const { body } = req;
-  const userId = body.decodedToken.id;
+  const userId = body.decodedToken.backendId;
 
   // Refer to software Model for required parameters.
   const softwareObject = {
@@ -60,10 +60,10 @@ const postSoftwares = async (req, res) => {
   return res.status(201).json(saved);
 };
 
-const putSoftware = async (req, res) => {
+const patchSoftwareById = async (req, res) => {
   const { id } = req.params;
   const { body } = req;
-  const userId = body.decodedToken.id;
+  const userId = body.decodedToken.backendId;
 
   // To configure dotObject transformation to not modify how the array is represented.
   dotObject.keepArray = true;
@@ -103,7 +103,7 @@ const putSoftware = async (req, res) => {
   return res.status(200).json(updated);
 };
 
-const getSoftware = async (req, res) => {
+const getSoftwareById = async (req, res) => {
   const { id } = req.params;
 
   const software = await Software.findById(id);
@@ -120,7 +120,7 @@ const getSoftware = async (req, res) => {
   return res.status(200).json(response);
 };
 
-const deleteSoftware = async (req, res) => {
+const deleteSoftwareById = async (req, res) => {
   const { id } = req.params;
 
   const response = await Software.findByIdAndDelete(id);
@@ -136,9 +136,9 @@ const deleteSoftware = async (req, res) => {
 };
 
 module.exports = {
-  getSoftwares,
-  postSoftwares,
-  putSoftware,
   getSoftware,
-  deleteSoftware,
+  postSoftware,
+  patchSoftwareById,
+  getSoftwareById,
+  deleteSoftwareById,
 };
diff --git a/controllers/api/usersController.js b/controllers/api/usersController.js
@@ -1,6 +1,6 @@
-const bcrypt = require('bcrypt');
 const User = require('../../models/user');
-const config = require('../../utils/config');
+const firebaseAdmin = require('../../utils/firebaseConfig');
+const jwtUtils = require('../../utils/jwtUtils');
 
 const getUsers = async (req, res) => {
   const users = await User.find({})
@@ -16,30 +16,27 @@ const getUsers = async (req, res) => {
 const postUsers = async (req, res) => {
   const { body } = req;
 
-  if (!body.password) {
-    return res.status(400).json({
-      error: '`password` is required.',
-    });
-  }
+  const authToken = jwtUtils.getReqAuthToken(req);
+  const decodedToken = await jwtUtils.verifyAuthToken(authToken, false);
 
-  if (body.password.length < 8) {
-    return res.status(400).json({
-      error: 'Password has to be at least 8 characters long.',
-    });
-  }
+  const response = await firebaseAdmin.auth().getUser(decodedToken.uid);
 
-  const saltRounds = config.BCRYPT_SALT_ROUNDS;
-  const passwordHash = await bcrypt.hash(body.password, saltRounds);
+  const userRecord = response.toJSON();
 
   const user = new User({
     username: body.username,
-    name: body.name,
-    email: body.email,
-    passwordHash,
+    name: userRecord.displayName,
+    email: userRecord.email,
+    firebaseUid: userRecord.uid,
   });
 
   const savedUser = await user.save();
 
+  // Set custom claim with backend user id (different from firebase user id)
+  await firebaseAdmin
+    .auth()
+    .setCustomUserClaims(decodedToken.uid, { backendId: savedUser.id });
+
   return res.status(201).json(savedUser);
 };
 

diff --git a/docker-compose-test-ci.yml b/docker-compose-test-ci.yml
diff --git a/jest.config.js b/jest.config.js
@@ -1,3 +1,4 @@
 module.exports = {
   testEnvironment: 'node',
+  testPathIgnorePatterns: ['<rootDir>/tests/api/disabledAPINotTested'],
 };
diff --git a/models/software.js b/models/software.js
@@ -41,14 +41,10 @@ const softwareSchema = new mongoose.Schema(
       ],
       required: [true, 'Software homepage url is required'],
     },
-    platforms: {
-      type: [
-        {
-          type: String,
-          trim: true,
-          lowercase: true,
-        },
-      ],
+    platform: {
+      type: String,
+      trim: true,
+      lowercase: true,
       required: [true, 'Software platform is required'],
     },
     isActiveDevelopment: {

diff --git a/models/user.js b/models/user.js
@@ -32,9 +32,14 @@ const userSchema = new mongoose.Schema(
       validate: [isEmail, 'A valid email address is required'],
       set: (value) => normalizeEmail(value),
     },
-    passwordHash: {
+    password: {
       type: String,
-      required: [true, 'Password hash is required'],
+      default: '',
+    },
+    firebaseUid: {
+      type: String,
+      required: [true, 'firebase user id is required.'],
+      unique: true,
     },
     roles: {
       type: [
@@ -110,7 +115,7 @@ userSchema.set('toJSON', {
     returnedObject.id = returnedObject._id.toString();
     delete returnedObject._id;
     delete returnedObject.__v;
-    delete returnedObject.passwordHash;
+    delete returnedObject.password;
   },
 });