Resume
/
sub-manager-backend
2
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: Resume:master
Branches Tags
Resume:master
Resume:auth
Resume:DO-jwt-tut
Resume:jwt
...
pull from: Resume:DO-jwt-tut
Branches Tags
Resume:auth
Resume:DO-jwt-tut
Resume:jwt
Resume:master

7 Commits
master ... DO-jwt-tut

Author SHA1 Message Date
andrzej cbcdd646c3 rename endpoints 2024-05-27 16:12:44 +02:00
andrzej 5a406be06e translate tutorial to node/sql framework 2024-05-27 16:12:11 +02:00
andrzej c749adff34 protect endpoint 2024-05-27 15:20:24 +02:00
andrzej 68f77317a3 translate form tutorial 2024-05-27 15:05:40 +02:00
andrzej a468f037c6 add users table 2024-05-27 12:50:36 +02:00
andrzej 66aff04910 translate to async/await, knex db calls 2024-05-27 12:50:20 +02:00
andrzej da3da0c7c6 begin implementing jwt strategy 2024-05-23 12:55:11 +02:00
11 changed files with 1920 additions and 467 deletions
Show Stats Expand all files Collapse all files

77
auth/auth.mjs Normal file
View File

@ -0,0 +1,77 @@
import passport from "passport";
import * as passportLocal from "passport-local";
import { db } from "../db.mjs";
import logger from "../logger.mjs";
import bcrypt from "bcrypt";
//This code saves the information provided by the user to the database, and then sends the user information to the next middleware if successful.
passport.use(
"signup",
new localStrategy(
{
usernameField: "email",
passwordField: "password",
},
async (email, password, done) => {
try {
const user = await db("users").insert({ email, password });
return done(null, user);
} catch (error) {
done(error);
}
},
),
);
async function isValidPwd(user, pwd) {
return bcrypt.compare(pwd, user.password);
}
passport.use(
"login",
new localStrategy(
{
usernameField: "email",
passwordField: "password",
},
async (email, password, done) => {
try {
const user = await db("users").select("*").where({ email });
if (user.length === 0) {
return done(null, false, { message: "User not found" });
}
user = user[0];
const validate = await isValidPwd(user, password);
if (!validate) {
return done(null, false, { message: "Wrong Password" });
}
return done(null, user, { message: "Logged in Successfully" });
} catch (error) {
return done(error);
}
},
),
);
// ...
const JWTstrategy = require("passport-jwt").Strategy;
const ExtractJWT = require("passport-jwt").ExtractJwt;
//This code uses passport-jwt to extract the JWT from the query parameter. It then verifies that this token has been signed with the secret or key set during logging in (TOP_SECRET). If the token is valid, the user details are passed to the next middleware.
passport.use(
new JWTstrategy(
{
secretOrKey: "TOP_SECRET",
jwtFromRequest: ExtractJWT.fromUrlQueryParameter("secret_token"),
},
async (token, done) => {
try {
return done(null, token.user);
} catch (error) {
done(error);
}
},
),
);

3
config/jwtConfig.mjs Normal file
View File

@ -0,0 +1,3 @@
export default {
secret: "jwt-secret",
};

166
config/passport.mjs Normal file
View File

@ -0,0 +1,166 @@
import bcrypt from "bcrypt";
import jwtSecret from "./jwtConfig";
const BCRYPT_SALT_ROUNDS = 12;
import { db } from "../db.mjs";
import logger from "../logger.mjs";
const passport = require("passport");
const LocalStrategy = require("passport-local").Strategy;
const JWTstrategy = require("passport-jwt").Strategy;
const ExtractJWT = require("passport-jwt").ExtractJwt;
const User = require("../sequelize");
passport.use(
"register",
new LocalStrategy(
{
usernameField: "username",
passwordField: "password",
passReqToCallback: true,
session: false,
},
async (req, username, password, done) => {
try {
let user = await db("users").where({ username }).select("*");
if (user.length > 0) {
logger.warn("username already taken");
return done(null, false, { message: "username already taken" });
}
user = user[0];
const hashedPwd = await bcrypt.hash(password, BCRYPT_SALT_ROUNDS);
const userCreated = await db("users").insert({
username,
password: hashedPwd,
});
logger.info(`user ${username} created`);
return done(null, userCreated);
// User.findOne({
// where: {
// [Op.or]: [
// {
// username,
// },
// { email: req.body.email },
// ],
// },
// }).then((user) => {
// if (user != null) {
// console.log("username or email already taken");
// return done(null, false, {
// message: "username or email already taken",
// });
// }
// bcrypt.hash(password, BCRYPT_SALT_ROUNDS).then((hashedPassword) => {
// User.create({
// username,
// password: hashedPassword,
// email: req.body.email,
// }).then((user) => {
// console.log("user created");
// return done(null, user);
// });
// });
// });
} catch (err) {
return done(err);
}
},
),
);
passport.use(
"login",
new LocalStrategy(
{
usernameField: "username",
passwordField: "password",
session: false,
},
async (username, password, done) => {
try {
const user = db("users").select("*").where({ username });
if (user.length === 0) {
logger.info(`username ${username} does not exist`);
return done(null, false, { message: "bad username" });
}
user = user[0];
const pwdMatch = await bcrypt.compare(password, user.password);
if (pwdMatch !== true) {
logger.info(`passwords do not match`);
return done(null, false, { message: "passwords do not match" });
}
logger.info(`password found and authenticated`);
return done(null, user);
} catch (err) {
done(err);
}
},
),
);
// User.findOne({
// where: {
// username,
// },
// }).then((user) => {
// if (user === null) {
// return done(null, false, { message: "bad username" });
// }
// bcrypt.compare(password, user.password).then((response) => {
// if (response !== true) {
// console.log("passwords do not match");
// return done(null, false, { message: "passwords do not match" });
// }
// console.log("user found & authenticated");
// return done(null, user);
// });
// });
// } catch (err) {
// done(err);
// }
// },
// ),
// );
const opts = {
jwtFromRequest: ExtractJWT.fromAuthHeaderWithScheme("JWT"),
secretOrKey: jwtSecret.secret,
};
passport.use(
"jwt",
new JWTstrategy(opts, async (jwt_payload, done) => {
try {
let user = await db("users").select("*").where({ id: jwt_payload.id });
if (user.length === 1) {
logger.info("user found");
done(null, user[0]);
} else {
logger.info("user not found");
done(null, false);
}
} catch (err) {
done(err);
}
}),
);
// User.findOne({
// where: {
// id: jwt_payload.id,
// },
// }).then((user) => {
// if (user) {
// console.log("user found in db in passport");
// done(null, user);
// } else {
// console.log("user not found in db");
// done(null, false);
// }
// });
// } catch (err) {
// done(err);
// }
// }),
// );

25
logger.mjs
View File

@ -1,6 +1,6 @@
import pino from 'pino' import pino from "pino";
import path from 'path' import path from "path";
import { fileURLToPath } from 'url'; import { fileURLToPath } from "url";
const __filename = fileURLToPath(import.meta.url); const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename); const __dirname = path.dirname(__filename);
@ -15,14 +15,15 @@ const __dirname = path.dirname(__filename);
// }] // }]
// }) // })
export default pino( export default pino(
{ {
level: 'fatal', level: "info",
formatters: { formatters: {
level: (label) => { level: (label) => {
return { level: label.toUpperCase() }; return { level: label.toUpperCase() };
},
}, },
timestamp: pino.stdTimeFunctions.isoTime,
}, },
//pino.destination(`${__dirname}/app.log`) timestamp: pino.stdTimeFunctions.isoTime,
); },
//pino.destination(`${__dirname}/app.log`)
);

168
objects/Endpoints.mjs
View File

@ -1,85 +1,115 @@
import express from "express"; import express from "express";
import logger from "../logger.mjs"; import logger from "../logger.mjs";
import Story from "./Story.mjs" import Story from "./Story.mjs";
import Publication from "./Publication.mjs" import Publication from "./Publication.mjs";
import Submission from "./Submission.mjs"; import Submission from "./Submission.mjs";
import passport from "passport";
export const getEndpoints = (dbObject) => { export const getEndpoints = (dbObject) => {
const router = express.Router() const router = express.Router();
router.get('/stories', (req,res)=>{ router.get("/stories", (_, res) => {
res.statusCode=200 res.statusCode = 200;
res.send(dbObject.stories) res.send(dbObject.stories);
return return;
}) });
router.get('/publications', (req,res)=>{ router.get("/publications", (_, res) => {
res.statusCode=200 res.statusCode = 200;
res.send(dbObject.publications) res.send(dbObject.publications);
return return;
}) });
router.get('/submissions', (req,res)=>{ router.get("/submissions", (_, res) => {
res.statusCode=200 res.statusCode = 200;
res.send(dbObject.submissions) res.send(dbObject.submissions);
return return;
}) });
router.get('/responses', (req,res)=>{ router.get("/responses", (_, res) => {
res.statusCode=200 res.statusCode = 200;
res.send(dbObject.responses) res.send(dbObject.responses);
return return;
}) });
router.get('/genres', (req,res)=>{ router.get("/genres", (_, res) => {
res.statusCode=200 res.statusCode = 200;
res.send(dbObject.genres) res.send(dbObject.genres);
return return;
}) });
return router return router;
} };
export const postEndpoints = (db,data) => { export const protectedEndpoints = (db, data) => {
const router = express.Router() const router = express.Router();
endpoint(router,Story,'create','insert',db,data) writeEndpoint(router, Story, "create", "insert", db, data);
endpoint(router,Story,'edit','update',db,data) writeEndpoint(router, Story, "edit", "update", db, data);
endpoint(router,Story,'delete','update',db,data) writeEndpoint(router, Story, "delete", "update", db, data);
endpoint(router,Submission,'create','insert',db,data) writeEndpoint(router, Submission, "create", "insert", db, data);
endpoint(router,Submission,'edit','update',db,data) writeEndpoint(router, Submission, "edit", "update", db, data);
endpoint(router,Submission,'delete','update',db,data) writeEndpoint(router, Submission, "delete", "update", db, data);
endpoint(router,Publication,'create','insert',db,data) writeEndpoint(router, Publication, "create", "insert", db, data);
endpoint(router,Publication,'edit','update',db,data) writeEndpoint(router, Publication, "edit", "update", db, data);
endpoint(router,Publication,'delete','del',db,data) writeEndpoint(router, Publication, "delete", "del", db, data);
return router //Auth endpoints
} router.post(
"/signup",
passport.authenticate("signup", { session: false }),
async (req, res) => {
res.json({
message: "Signup successful",
user: req.user,
});
},
);
router.post("/login", async (req, res, next) => {
passport.authenticate("login", async (err, user, info) => {
try {
if (err || !user) {
const error = new Error("An error occurred.");
return next(error);
const endpoint = (router,Entity,path,method,db,data) =>{
router.post(`/${Entity.name.toLowerCase()}/${path}`, async (req,res) => {
try {
logger.trace({data:req.body},"POST request received")
const entity = new Entity(req.body)
await entity[method](db,data)
res.sendStatus(200)
data.init()
return
} catch (error) {
logger.error(error)
if(error instanceof TypeError){
res.sendStatus(400)
return
}
res.sendStatus(500)
return
} }
})
}
req.login(user, { session: false }, async (error) => {
if (error) return next(error);
const body = { _id: user._id, email: user.email };
const token = require("jsonwebtoken").sign(
{ user: body },
"TOP_SECRET",
);
return res.json({ token });
});
} catch (error) {
return next(error);
}
})(req, res, next);
});
return router;
};
const writeEndpoint = (router, Entity, path, method, db, data) => {
router.post(
`/${Entity.name.toLowerCase()}/${path}`,
passport.authenticate("jwt", { session: false }),
async (req, res) => {
try {
logger.trace({ data: req.body }, "POST request received");
const entity = new Entity(req.body);
await entity[method](db, data);
res.sendStatus(200);
data.init();
return;
} catch (error) {
logger.error(error);
if (error instanceof TypeError) {
res.sendStatus(400);
return;
}
res.sendStatus(500);
return;
}
},
);
};

1277
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

12
package.json
View File

@ -9,21 +9,27 @@
"author": "Andrzej Stepien", "author": "Andrzej Stepien",
"license": "GPL-3.0-or-later", "license": "GPL-3.0-or-later",
"dependencies": { "dependencies": {
"bcrypt": "^5.1.1",
"body-parser": "^1.20.2", "body-parser": "^1.20.2",
"chai": "^4.3.8", "chai": "^4.3.8",
"chai-as-promised": "^7.1.1", "chai-as-promised": "^7.1.1",
"chai-http": "^4.4.0", "chai-http": "^4.4.0",
"cors": "^2.8.5", "cors": "^2.8.5",
"eslint": "^8.57.0",
"express": "^4.18.2", "express": "^4.18.2",
"helmet": "^7.1.0",
"jsonwebtoken": "^9.0.2",
"knex": "^2.5.1", "knex": "^2.5.1",
"lodash": "^4.17.21", "lodash": "^4.17.21",
"luxon": "^3.4.3", "luxon": "^3.4.3",
"mocha": "^10.2.0", "mocha": "^10.2.0",
"mongodb": "^6.5.0",
"mongoose": "^8.2.2",
"passport": "^0.7.0",
"passport-jwt": "^4.0.1",
"passport-local": "^1.0.0",
"pino": "^8.15.0", "pino": "^8.15.0",
"pino-http": "^8.5.0", "pino-http": "^8.5.0",
"sqlite3": "^5.1.6" "sqlite3": "^5.1.6"
},
"devDependencies": {
"eslint": "^8.57.0"
} }
} }

41
sampleEndpoint.mjs Normal file
View File

@ -0,0 +1,41 @@
import passport from "passport";
import User from "../sequelize";
module.exports = (app) => {
app.get("/findUser", (req, res, next) => {
passport.authenticate("jwt", { session: false }, (err, user, info) => {
if (err) {
console.log(err);
}
if (info !== undefined) {
console.log(info.message);
res.status(401).send(info.message);
} else if (user.username === req.query.username) {
User.findOne({
where: {
username: req.query.username,
},
}).then((userInfo) => {
if (userInfo != null) {
console.log("user found in db from findUsers");
res.status(200).send({
auth: true,
first_name: userInfo.first_name,
last_name: userInfo.last_name,
email: userInfo.email,
username: userInfo.username,
password: userInfo.password,
message: "user found in db",
});
} else {
console.error("no user exists in db with that username");
res.status(401).send("no user exists in db with that username");
}
});
} else {
console.error("jwt id and username do not match");
res.status(403).send("username and jwt token do not match");
}
})(req, res, next);
});
};

46
server.mjs
View File

@ -1,36 +1,34 @@
import express from "express" import express from "express";
import pinoHTTP from 'pino-http' import pinoHTTP from "pino-http";
import logger from "./logger.mjs"; import logger from "./logger.mjs";
import bodyParser from "body-parser"; import bodyParser from "body-parser";
import { Data } from "./objects/Data.mjs"; import { Data } from "./objects/Data.mjs";
import { db } from "./db.mjs"; import { db } from "./db.mjs";
import { getEndpoints, postEndpoints } from "./objects/Endpoints.mjs"; import { getEndpoints, protectedEndpoints } from "./objects/Endpoints.mjs";
import cors from 'cors' import cors from "cors";
import helmet from "helmet";
import passport from "passport";
const app = express() const app = express();
const port = 4000 const port = 4000;
const corsOptions={
origin: ['http://localhost:5173']
}
app.use(cors())
app.use(pinoHTTP({logger}))
app.use(bodyParser.json())
app.use(cors());
app.use(pinoHTTP({ logger }));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(helmet());
app.use(passport.initialize());
const data = new Data(db);
await data.init();
const data = new Data(db) app.use("/api", getEndpoints(data));
await data.init() app.use("/api", protectedEndpoints(db, data));
app.use('/api',getEndpoints(data))
app.use('/api',postEndpoints(db,data) )
app.listen(port, (err) => { app.listen(port, (err) => {
if (err) logger.error(err); if (err) logger.error(err);
logger.info("Server listening on PORT " + port) logger.info("Server listening on PORT " + port);
}) });
export default app export default app;

BIN
submissions
View File

Binary file not shown.

572
test/endpoints.test.mjs
View File

@ -1,311 +1,277 @@
import {describe} from "mocha"; import { describe } from "mocha";
import chai, { expect } from "chai"; import chai, { expect } from "chai";
import bodyParser from "body-parser"; import bodyParser from "body-parser";
import express from 'express' import express from "express";
import chaiHttp from "chai-http"; import chaiHttp from "chai-http";
import { testDb as db } from "../db.mjs"; import { testDb as db } from "../db.mjs";
import { Data } from "../objects/Data.mjs"; import { Data } from "../objects/Data.mjs";
import { beforeEach, afterEach } from "mocha"; import { beforeEach, afterEach } from "mocha";
import { postEndpoints, getEndpoints } from "../objects/Endpoints.mjs"; import { protectedEndpoints, getEndpoints } from "../objects/Endpoints.mjs";
chai.use(chaiHttp) chai.use(chaiHttp);
const app = express() const app = express();
const data = new Data(db) const data = new Data(db);
await data.init() await data.init();
app.use(bodyParser.json()) app.use(bodyParser.json());
app.use('/api',getEndpoints(data)) app.use("/api", getEndpoints(data));
app.use('/api', postEndpoints(db,data)) app.use("/api", protectedEndpoints(db, data));
describe("testing endpoints...", async function () {
describe("Testing GET endpoints", async function () {
describe("GET stories", async function () {
it("should return a status code of 200 and an array", async function () {
const res = await chai.request(app).get("/api/stories");
expect(res).to.have.status(200);
expect(res.body).to.be.a("array");
});
});
describe("GET submissions", async function () {
it("should return a status code of 200 and an array", async function () {
const res = await chai.request(app).get("/api/submissions");
expect(res).to.have.status(200);
expect(res.body).to.be.a("array");
});
});
describe("GET publications", async function () {
it("should return a status code of 200 and an array", async function () {
const res = await chai.request(app).get("/api/publications");
expect(res).to.have.status(200);
expect(res.body).to.be.a("array");
});
});
});
describe("testing /create endpoints", async function () {
describe("/story/create", async function () {
const goodData = {
title: "#test",
word_count: 111,
deleted: 0,
};
const badData = {
title: 1,
word_count: "not a number",
};
afterEach(async function () {
await db("stories").where("title", goodData.title).del();
});
it("should return 200 if a valid request is made", async function () {
const res = await chai
.request(app)
.post("/api/story/create")
.send(goodData);
expect(res).to.have.status(200);
});
it("should return 400 if an invalid request is made", async function () {
const res = await chai
.request(app)
.post("/api/story/create")
.send(badData);
expect(res).to.have.status(400);
});
it("the new entry should exist in the database", async function () {
await chai.request(app).post("/api/story/create").send(goodData);
const res = await db("stories")
.select("*")
.where("title", goodData.title);
expect(res[0].title).to.eql(goodData.title);
});
});
describe("/publication/create", async function () {
const goodData = {
title: "#test",
link: "www.internet.com",
deleted: 0,
};
const badData = {
title: 1,
link: 1,
};
afterEach(async function () {
await db("pubs").where("title", goodData.title).del();
});
it("should return 200 if a valid request is made", async function () {
const res = await chai
.request(app)
.post("/api/publication/create")
.send(goodData);
expect(res).to.have.status(200);
});
it("should return 400 if an invalid request is made", async function () {
const res = await chai
.request(app)
.post("/api/publication/create")
.send(badData);
expect(res).to.have.status(400);
});
it("the new entry should exist in the database", async function () {
await chai.request(app).post("/api/publication/create").send(goodData);
const res = await db("pubs").select("*").where("title", goodData.title);
expect(res[0].title).to.eql(goodData.title);
});
});
describe("/submission/create", async function () {
const goodData = {
story_id: 1,
pub_id: 1,
response_id: 1,
date_submitted: "1066-01-01",
date_responded: "1066-01-01",
};
const badData = {
story_id: "string",
pub_id: 1,
response_id: 1,
date_submitted: "1066-01-01",
date_responded: "1066-01-01",
};
afterEach(async function () {
await db("subs").where("date_submitted", goodData.date_submitted).del();
});
it("should return 200 if a valid request is made", async function () {
const res = await chai
.request(app)
.post("/api/submission/create")
.send(goodData);
expect(res).to.have.status(200);
});
it("should return 400 if an invalid request is made", async function () {
const res = await chai
.request(app)
.post("/api/submission/create")
.send(badData);
expect(res).to.have.status(400);
});
it("the new entry should exist in the database", async function () {
await chai.request(app).post("/api/submission/create").send(goodData);
const res = await db("subs")
.select("*")
.where("date_submitted", goodData.date_submitted);
expect(res[0].date_responded).to.eql(goodData.date_responded);
});
});
});
describe("testing /edit endpoints", async function () {
describe("/story/edit", async function () {
const goodData = {
id: 1,
title: "#test",
word_count: 111,
deleted: 0,
};
const badData = {
id: "string",
};
let prev = {};
beforeEach(async function () {
prev = await db("stories").select("*").where("id", 1);
prev = prev[0];
});
afterEach(async function () {
await db("stories").where("id", 1).update(prev);
});
it("should return 200 when sent valid data", async function () {
const res = await chai
.request(app)
.post("/api/story/edit")
.send(goodData);
expect(res).to.have.status(200);
});
it("should return 400 when sent invalid data", async function () {
const res = await chai
.request(app)
.post("/api/story/edit")
.send(badData);
expect(res).to.have.status(400);
});
it("the edit should be reflected in the database", async function () {
await chai.request(app).post("/api/story/edit").send(goodData);
const res = await db("stories").select("*").where("id", goodData.id);
expect(res[0]).to.eql(goodData);
});
});
describe("/publication/edit", async function () {
const goodData = {
id: 1,
title: "#test",
link: "link",
query_after_days: 90,
deleted: 0,
};
const badData = {
id: "string",
};
let prev = {};
beforeEach(async function () {
prev = await db("pubs").select("*").where("id", 1);
prev = prev[0];
});
afterEach(async function () {
await db("pubs").where("id", 1).update(prev);
});
it("should return 200 when sent valid data", async function () {
const res = await chai
.request(app)
.post("/api/publication/edit")
.send(goodData);
expect(res).to.have.status(200);
});
it("should return 400 when sent invalid data", async function () {
const res = await chai
.request(app)
.post("/api/publication/edit")
.send(badData);
expect(res).to.have.status(400);
});
it("the edit should be reflected in the database", async function () {
await chai.request(app).post("/api/publication/edit").send(goodData);
const res = await db("pubs").select("*").where("id", goodData.id);
expect(res[0]).to.eql(goodData);
});
});
describe("/submission/edit", async function () {
const goodData = {
id: 1,
story_id: 1,
pub_id: 1,
response_id: 1,
date_submitted: "1066-01-01",
date_responded: "1066-01-01",
};
const badData = {
story_id: "string",
pub_id: 1,
response_id: 1,
date_submitted: "1066-01-01",
date_responded: "1066-01-01",
};
let prev = {};
beforeEach(async function () {
prev = await db("subs").select("*").where("id", 1);
prev = prev[0];
});
afterEach(async function () {
await db("subs").where("id", 1).update(prev);
});
it("should return 200 when sent valid data", async function () {
const res = await chai
.request(app)
.post("/api/submission/edit")
.send(goodData);
expect(res).to.have.status(200);
});
it("should return 400 when sent invalid data", async function () {
const res = await chai
.request(app)
.post("/api/submission/edit")
.send(badData);
expect(res).to.have.status(400);
});
it("the edit should be reflected in the database", async function () {
await chai.request(app).post("/api/submission/edit").send(goodData);
const res = await db("subs").select("*").where("id", goodData.id);
expect(res[0]).to.eql(goodData);
});
});
});
});
describe("testing endpoints...",async function(){
describe("Testing GET endpoints", async function(){
describe("GET stories",async function(){
it("should return a status code of 200 and an array", async function(){
const res = await chai.request(app).get('/api/stories')
expect(res).to.have.status(200)
expect(res.body).to.be.a('array')
})
})
describe("GET submissions",async function(){
it("should return a status code of 200 and an array", async function(){
const res = await chai.request(app).get('/api/submissions')
expect(res).to.have.status(200)
expect(res.body).to.be.a('array')
})
})
describe("GET publications",async function(){
it("should return a status code of 200 and an array", async function(){
const res = await chai.request(app).get('/api/publications')
expect(res).to.have.status(200)
expect(res.body).to.be.a('array')
})
})
})
describe("testing /create endpoints", async function(){
describe("/story/create",async function(){
const goodData = {
title:"#test",
word_count:111,
deleted:0
}
const badData = {
title:1,
word_count:"not a number"
}
afterEach(async function(){
await db('stories')
.where('title',goodData.title)
.del()
})
it("should return 200 if a valid request is made",async function(){
const res = await chai.request(app)
.post('/api/story/create')
.send(goodData)
expect(res).to.have.status(200)
})
it("should return 400 if an invalid request is made",async function(){
const res = await chai.request(app)
.post('/api/story/create')
.send(badData)
expect(res).to.have.status(400)
})
it("the new entry should exist in the database",async function(){
await chai.request(app)
.post('/api/story/create')
.send(goodData)
const res = await db('stories')
.select('*')
.where('title',goodData.title)
expect(res[0].title).to.eql(goodData.title)
})
})
describe("/publication/create",async function(){
const goodData = {
title:"#test",
link:"www.internet.com",
deleted:0
}
const badData = {
title:1,
link:1
}
afterEach(async function(){
await db('pubs')
.where('title',goodData.title)
.del()
})
it("should return 200 if a valid request is made",async function(){
const res = await chai.request(app)
.post('/api/publication/create')
.send(goodData)
expect(res).to.have.status(200)
})
it("should return 400 if an invalid request is made",async function(){
const res = await chai.request(app)
.post('/api/publication/create')
.send(badData)
expect(res).to.have.status(400)
})
it("the new entry should exist in the database",async function(){
await chai.request(app)
.post('/api/publication/create')
.send(goodData)
const res = await db('pubs')
.select('*')
.where('title',goodData.title)
expect(res[0].title).to.eql(goodData.title)
})
})
describe("/submission/create",async function(){
const goodData = {
story_id:1,
pub_id:1,
response_id:1,
date_submitted:"1066-01-01",
date_responded:"1066-01-01"
}
const badData = {
story_id:"string",
pub_id:1,
response_id:1,
date_submitted:"1066-01-01",
date_responded:"1066-01-01"
}
afterEach(async function(){
await db('subs')
.where('date_submitted',goodData.date_submitted)
.del()
})
it("should return 200 if a valid request is made",async function(){
const res = await chai.request(app)
.post('/api/submission/create')
.send(goodData)
expect(res).to.have.status(200)
})
it("should return 400 if an invalid request is made",async function(){
const res = await chai.request(app)
.post('/api/submission/create')
.send(badData)
expect(res).to.have.status(400)
})
it("the new entry should exist in the database",async function(){
await chai.request(app)
.post('/api/submission/create')
.send(goodData)
const res = await db('subs')
.select('*')
.where('date_submitted',goodData.date_submitted)
expect(res[0].date_responded).to.eql(goodData.date_responded)
})
})
})
describe("testing /edit endpoints",async function(){
describe("/story/edit",async function(){
const goodData = {
id:1,
title:"#test",
word_count:111,
deleted:0
}
const badData = {
id:"string"
}
let prev = {}
beforeEach(async function(){
prev = await db('stories')
.select('*')
.where('id',1)
prev = prev[0]
})
afterEach(async function(){
await db('stories')
.where('id',1)
.update(prev)
})
it("should return 200 when sent valid data",async function(){
const res = await chai.request(app)
.post('/api/story/edit')
.send(goodData)
expect(res).to.have.status(200)
})
it("should return 400 when sent invalid data",async function(){
const res = await chai.request(app)
.post('/api/story/edit')
.send(badData)
expect(res).to.have.status(400)
})
it("the edit should be reflected in the database",async function(){
await chai.request(app)
.post('/api/story/edit')
.send(goodData)
const res = await db('stories').
select('*')
.where('id',goodData.id)
expect(res[0]).to.eql(goodData)
})
})
describe("/publication/edit",async function(){
const goodData = {
id:1,
title:"#test",
link:"link",
query_after_days:90,
deleted:0
}
const badData = {
id:"string"
}
let prev = {}
beforeEach(async function(){
prev = await db('pubs')
.select('*')
.where('id',1)
prev = prev[0]
})
afterEach(async function(){
await db('pubs')
.where('id',1)
.update(prev)
})
it("should return 200 when sent valid data",async function(){
const res = await chai.request(app)
.post('/api/publication/edit')
.send(goodData)
expect(res).to.have.status(200)
})
it("should return 400 when sent invalid data",async function(){
const res = await chai.request(app)
.post('/api/publication/edit')
.send(badData)
expect(res).to.have.status(400)
})
it("the edit should be reflected in the database",async function(){
await chai.request(app)
.post('/api/publication/edit')
.send(goodData)
const res = await db('pubs').
select('*')
.where('id',goodData.id)
expect(res[0]).to.eql(goodData)
})
})
describe("/submission/edit",async function(){
const goodData = {
id:1,
story_id:1,
pub_id:1,
response_id:1,
date_submitted:"1066-01-01",
date_responded:"1066-01-01"
}
const badData = {
story_id:"string",
pub_id:1,
response_id:1,
date_submitted:"1066-01-01",
date_responded:"1066-01-01"
}
let prev = {}
beforeEach(async function(){
prev = await db('subs')
.select('*')
.where('id',1)
prev = prev[0]
})
afterEach(async function(){
await db('subs')
.where('id',1)
.update(prev)
})
it("should return 200 when sent valid data",async function(){
const res = await chai.request(app)
.post('/api/submission/edit')
.send(goodData)
expect(res).to.have.status(200)
})
it("should return 400 when sent invalid data",async function(){
const res = await chai.request(app)
.post('/api/submission/edit')
.send(badData)
expect(res).to.have.status(400)
})
it("the edit should be reflected in the database",async function(){
await chai.request(app)
.post('/api/submission/edit')
.send(goodData)
const res = await db('subs').
select('*')
.where('id',goodData.id)
expect(res[0]).to.eql(goodData)
})
})
})
})