Commit
Merge pull request #25 from newdevtech/feature/166473183/user-authent…
…ication #166473183 Add auth functionality
Showing
9 changed files
with
245 additions
and
61 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
exclude_patterns: | ||
- 'src/database' | ||
- '**/*.spec.js' |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,158 @@ | ||
import chai, { expect } from 'chai'; | ||
import chaiHttp from 'chai-http'; | ||
import models from '../../../database/models'; | ||
import server from '../../../index'; | ||
|
||
chai.use(chaiHttp); | ||
|
||
const baseUrl = '/api/v1/users'; | ||
|
||
let uniqueUser; | ||
const userRequestObject = { | ||
username: 'buttercup', | ||
email: 'buttercup@puffmail.com', | ||
firstName: 'butter', | ||
password: 'superbuttercup', | ||
}; | ||
|
||
describe('User Test Suite', () => { | ||
before(async () => { | ||
await models.sequelize.sync({ force: true }); | ||
const requestObject = { | ||
...userRequestObject, | ||
...{ | ||
username: 'uniqueUser', | ||
email: 'unique@email.com', | ||
}, | ||
}; | ||
uniqueUser = (await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject)).body.user; | ||
}); | ||
|
||
describe('Input Validation', () => { | ||
it('should not signup a user with missing required field', async () => { | ||
const requestObject = { | ||
...userRequestObject, | ||
...{ username: undefined }, | ||
}; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = 'username is required'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(400); | ||
}); | ||
|
||
it('should not signup a user with empty param', async () => { | ||
const requestObject = { ...userRequestObject, ...{ username: '' } }; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = 'username must not be empty'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(400); | ||
}); | ||
|
||
it('should not signup a user with invalid email', async () => { | ||
const requestObject = { ...userRequestObject, ...{ email: 'invalid' } }; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = 'Please enter a valid email'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(400); | ||
}); | ||
|
||
it('should not signup a user with invalid input type', async () => { | ||
const requestObject = { ...userRequestObject }; | ||
requestObject.firstName = ['butter', 'cup']; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = '[firstName] must be of type: string'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(400); | ||
}); | ||
|
||
it('should not signup a user if password is less than 8', async () => { | ||
const requestObject = { ...userRequestObject, ...{ password: 'bugs' } }; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = 'Your password must be at least 8 characters'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(400); | ||
}); | ||
|
||
it('should not signup a user if username is not unique', async () => { | ||
const requestObject = { ...userRequestObject }; | ||
requestObject.username = uniqueUser.username; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = 'username already in use'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(409); | ||
}); | ||
|
||
it('should not signup a user if email is not unique', async () => { | ||
const requestObject = { ...userRequestObject }; | ||
requestObject.email = uniqueUser.email; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(requestObject); | ||
const errorMessage = 'email already in use'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(409); | ||
}); | ||
|
||
it('should signup a user and return token if valid inputs', async () => { | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/signup`) | ||
.send(userRequestObject); | ||
expect(response.body.message).to.equal('Registration Successful!'); | ||
expect(response.body.token.length).to.be.greaterThan(0); | ||
expect(response.status).to.equal(201); | ||
}); | ||
}); | ||
|
||
describe('Login', () => { | ||
it('should not login a user with invalid credentials', async () => { | ||
const requestObject = { | ||
usernameOrEmail: uniqueUser.username, | ||
password: 'invalid-password', | ||
}; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/login`) | ||
.send(requestObject); | ||
const errorMessage = 'Invalid credentials'; | ||
expect(response.body.error).to.equal(errorMessage); | ||
expect(response.status).to.equal(401); | ||
}); | ||
|
||
it('should return token if credentials are valid', async () => { | ||
const requestObject = { | ||
usernameOrEmail: uniqueUser.username, | ||
password: userRequestObject.password, | ||
}; | ||
const response = await chai | ||
.request(server) | ||
.post(`${baseUrl}/auth/login`) | ||
.send(requestObject); | ||
expect(response.body.message).to.equal('Login Successful!'); | ||
expect(response.body.token.length).to.be.greaterThan(0); | ||
expect(response.status).to.equal(201); | ||
}); | ||
}); | ||
}); |
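Review bot: The signup response visibly carries a `user` object (the `before` hook reads `.body.user`), but no test checks that it leaves out the stored password, so a controller that serialises the whole model row would pass this suite. In the successful-signup case I would add `expect(response.body.user).to.not.have.property('password');`. The two token checks only assert `token.length` is greater than 0, which any non-empty string satisfies; checking that the token has three dot-separated segments, or sending it to a route guarded by the new middleware, would pin the contract. This file also has no cases for the middleware's 'No token provided' and 'Invalid token' branches, and the `before` hook never asserts that the seed signup returned 201, so a failed seed shows up later as a confusing `undefined` access on `uniqueUser`.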
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
import jwt from 'jsonwebtoken'; | ||
import models from '../../database/models'; | ||
|
||
const { User } = models; | ||
|
||
const secret = process.env.SECRET_KEY; | ||
|
||
const isTokenValid = (req, res, next) => { | ||
const token = req.headers.authorization; | ||
jwt.verify(token, secret, async (err, decoded) => { | ||
let error; | ||
if (!token) { | ||
error = new Error('No token provided'); | ||
error.status = 401; | ||
return next(error); | ||
} | ||
if (err) { | ||
error = new Error('Invalid token'); | ||
error.status = 401; | ||
return next(error); | ||
} | ||
const user = await User.findByPk(decoded.id); | ||
if (!user) { | ||
error = new Error('Invalid token'); | ||
error.status = 401; | ||
return next(error); | ||
} | ||
req.decoded = decoded; | ||
return next(); | ||
}); | ||
}; | ||
|
||
export default isTokenValid; |
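Review bot: The `await User.findByPk(decoded.id)` inside the async `jwt.verify` callback has no error handling, so a database failure rejects a promise nobody observes: `next` is never called, the request hangs, and on Node versions that treat unhandled rejections as fatal it can take the process down. Wrapping the lookup as `try { … } catch (dbError) { return next(dbError); }` routes it to the error handler. The `!token` check should also move above the `jwt.verify` call, so a missing header is rejected before any verification work. The verify call does not pin the accepted algorithms; if tokens are signed with the library default, `jwt.verify(token, secret, { algorithms: ['HS256'] }, …)` makes that explicit. `secret` is read from `process.env.SECRET_KEY` at import time with no check that it is set, and a startup assertion would turn a misconfigured deployment into an immediate failure instead of every request returning 'Invalid token'.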
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
export { default as notFoundRoute } from './notFoundRoute'; | ||
export { default as errorHandler } from './errorHandler'; | ||
export { default as authentication } from './authentication'; |