Object endpoints (#33)

* Add cross-env for seamless Windows support

* Initial object endpoints

* Add mongodb memory server for easier testing

* Rename Object to Offer

* Add flat package

* bug fixes, flatten body before updating, better error formatting

* surname -> lastName to pass tests

* update roleCheck for easier usage

* Add authorization

* Add @types/jest package for jest suggestions in vscode

* Improve error messages

* Add tests

* fix casing to pass github actions tests

* fix auth

* reenable tests

* cleanup

* apply suggestions

.env.template

@@ -1,5 +1,4 @@
 MONGO_URL =
-MONGO_TEST_URL =
 PORT =
 JWT_SECRET =
 JWT_EXP =

package.json

@@ -9,8 +9,8 @@
   "type": "module",
   "scripts": {
     "start": "node .",
-    "dev": "NODE_ENV=development nodemon .",
-    "test": "NODE_ENV=test jest",
+    "dev": "cross-env NODE_ENV=development nodemon .",
+    "test": "cross-env NODE_ENV=test jest",
     "test:watch": "jest --watch",
     "test:coverage": "jest  --coverage",
     "postinstall": "husky install",
@@ -28,9 +28,11 @@
   "dependencies": {
     "bcrypt": "^5.0.1",
     "cors": "^2.8.5",
+    "cross-env": "^7.0.3",
     "dotenv": "^16.0.0",
     "express": "^4.17.3",
     "express-validator": "^6.14.0",
+    "flat": "^5.0.2",
     "jsonwebtoken": "^8.5.1",
     "mongoose": "^6.2.3",
     "morgan": "^1.10.0",
@@ -41,6 +43,7 @@
     "@babel/core": "^7.17.5",
     "@babel/eslint-parser": "^7.17.0",
     "@babel/preset-env": "^7.16.11",
+    "@types/jest": "^27.4.1",
     "eslint": "^8.9.0",
     "eslint-config-prettier": "^8.4.0",
     "eslint-plugin-jest": "^26.1.1",

src/app.js

@@ -2,6 +2,7 @@ import 'dotenv/config';
 import cors from 'cors';
 import morgan from 'morgan';
 import { StartRouter } from './routes/start.js';
+import { OfferRouter } from './offer/offer.router.js';
 import passport from 'passport';
 import { AuthRouter } from './auth/auth.router.js';
 import { JwtConfig } from './auth/passport.js';
@@ -10,12 +11,13 @@ import { UserRouter } from './user/user.router.js';
 export const app = express();
 
 app.use(passport.initialize());
-JwtConfig(passport);
+JwtConfig();
 app.use(cors());
 app.use(morgan('tiny'));
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
 
 app.use('/', StartRouter);
 app.use('/auth', AuthRouter);
+app.use('/offer', OfferRouter);
 app.use('/user', UserRouter);

src/auth/auth.router.js

@@ -2,16 +2,12 @@ import { Router } from 'express';
 import { signin, signup, protectedController } from './auth.controller.js';
 import { verifyFieldsErrors } from '../middlewares/validation.middleware.js';
 import { registerValidator, loginValidator } from '../helpers/validators.js';
-import passport from 'passport';
+import { requireAuth } from './passport.js';
 
 export const AuthRouter = Router();
 
 AuthRouter.post('/register', [registerValidator, verifyFieldsErrors], signup);
 
 AuthRouter.post('/login', [loginValidator, verifyFieldsErrors], signin);
 
-AuthRouter.get(
-  '/protected',
-  passport.authenticate('jwt', { session: false }),
-  protectedController,
-);
+AuthRouter.get('/protected', requireAuth, protectedController);

src/auth/auth.test.js

@@ -1,6 +1,6 @@
 import request from 'supertest';
 import { app } from '../app.js';
-import { connect, disconnect } from '../helpers/testDbConnection.js';
+import dbConnection from '../helpers/dbConnection.js';
 
 const userBody = {
   email: `[email protected]`,
@@ -22,10 +22,10 @@ let token;
 
 describe('auth endpoints', () => {
   beforeAll(async () => {
-    await connect();
+    await dbConnection.connect();
   });
   afterAll(async () => {
-    await disconnect();
+    await dbConnection.disconnect();
   });
 
   it('should allow a POST to /auth/register with correct data', async () => {

src/auth/passport.js

@@ -1,7 +1,8 @@
 import { Strategy, ExtractJwt } from 'passport-jwt';
+import passport from 'passport';
 import { User } from '../user/user.model.js';
 
-export const JwtConfig = (passport) => {
+export const JwtConfig = () => {
   const options = {
     jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
     secretOrKey: process.env.JWT_SECRET,
@@ -10,7 +11,7 @@ export const JwtConfig = (passport) => {
   const JwtStrategy = () =>
     new Strategy(options, async (payload, done) => {
       try {
-        const user = await User.findOne({ id: payload.id });
+        const user = await User.findOne({ _id: payload.id });
         if (user) {
           return done(null, user);
         } else {
@@ -23,3 +24,14 @@ export const JwtConfig = (passport) => {
 
   passport.use(JwtStrategy());
 };
+
+export const requireAuth = (req, res, next) => {
+  passport.authenticate('jwt', { session: false }, function (err, user, info) {
+    if (err || !user?.role) {
+      return res.status(401).json({ message: 'Unauthorized', errors: [info] });
+    } else {
+      req.user = user;
+      return next();
+    }
+  })(req, res, next);
+};

src/helpers/dbConnection.js

@@ -1,21 +1,9 @@
-import mongoose from 'mongoose';
+import * as productionDbConnection from './productionDbConnection.js';
+import * as testDbConnection from './testDbConnection.js';
 
-const dbUri =
-  process.env.NODE_ENV === 'test'
-    ? process.env.MONGO_TEST_URL
-    : process.env.MONGO_URL;
+const dbConnection =
+  process.env.NODE_ENV === 'production'
+    ? productionDbConnection
+    : testDbConnection;
 
-export const dbConnection = async () => {
-  try {
-    await mongoose.connect(dbUri, {
-      useNewUrlParser: true,
-      useUnifiedTopology: true,
-    });
-  } catch (error) {
-    console.log(error.message);
-  }
-};
-
-export const closeConnection = () => {
-  return mongoose.disconnect();
-};
+export default dbConnection;

src/helpers/productionDbConnection.js

@@ -0,0 +1,16 @@
+import mongoose from 'mongoose';
+
+export const connect = async () => {
+  try {
+    await mongoose.connect(process.env.MONGO_URL, {
+      useNewUrlParser: true,
+      useUnifiedTopology: true,
+    });
+  } catch (error) {
+    console.log(error.message);
+  }
+};
+
+export const disconnect = () => {
+  return mongoose.disconnect();
+};