@next-k8s/auth 1.0.9

package/src/app.ts

@@ -0,0 +1,36 @@
+import express from 'express'
+import 'express-async-errors'
+import { json } from 'body-parser'
+import cookieSession from 'cookie-session'
+import { errorHandler, NotFoundError } from '@next-k8s/common'
+
+import User from './models/user'
+
+import currentUserRouter from './routes/current-user'
+import signinRouter from './routes/signin'
+import signoutRouter from './routes/signout'
+import signupRouter from './routes/signup'
+
+if (!process.env.JWT_KEY) throw new Error('JWT_KEY secret not set')
+
+const app = express()
+app.disable('x-powered-by')
+app.set('trust proxy', true)
+app.use(json())
+app.use(cookieSession({
+  signed: false,
+  secure: process.env.NODE_ENV !== 'test'
+}))
+
+app.use(currentUserRouter)
+app.use(signinRouter)
+app.use(signoutRouter)
+app.use(signupRouter)
+
+app.use('*', async (req, res) => {
+  throw new NotFoundError()
+})
+
+app.use(errorHandler)
+
+export default app

package/src/index.ts

@@ -0,0 +1,19 @@
+import mongoose from 'mongoose'
+import app from './app'
+
+const start = async () => {
+  try {
+    if (process.env.MONGO_URI) await mongoose.connect(process.env.MONGO_URI)
+    else throw new Error('Auth: MONGO_URI is undefined')
+    console.log('Auth database connected!')
+  } catch (err) {
+    console.error(err)
+  }
+
+  const port = process.env.PORT || 3000
+  app.listen(port, () => {
+    console.log('Auth service running on port:', port)
+  })
+}
+
+start()

package/src/models/user.ts

@@ -0,0 +1,39 @@
+import mongoose from 'mongoose'
+import bcrypt from 'mongoose-bcrypt'
+
+interface UserAttributes {
+  email: string;
+  password: string;
+  createdAt?: Date;
+  updatedAt?: Date;
+}
+
+const userSchema = new mongoose.Schema({
+  email: {
+    type: String,
+    required: true
+  },
+
+  password: {
+    type: String,
+    required: true
+  }
+}, {
+  toJSON: {
+    versionKey: false,
+    transform (doc, ret) {
+      ret.id = ret._id
+      delete ret._id
+      delete ret.password
+    }
+  }
+})
+
+userSchema.plugin(bcrypt)
+
+export const UserModel = mongoose.model('User', userSchema)
+export default class User extends UserModel {
+  constructor(attributes: UserAttributes) {
+    super(attributes)
+  }
+}

package/src/routes/__test__/current-user.test.ts

@@ -0,0 +1,26 @@
+import request from 'supertest'
+import app from '../../app'
+import { getTokenCookie } from '../../test/utils'
+
+describe('Route: /api/users/current', () => {
+  it('responds with the current user', async () => {
+    const cookie = await getTokenCookie()
+
+    const response = await request(app)
+      .get('/api/users/current')
+      .set('Cookie', cookie)
+      .send()
+      .expect(200)
+
+    expect(response.body.user.email).toEqual('test@test.com')
+  })
+
+  it('responds with null if not authenticated', async () => {
+    const response = await request(app)
+      .get('/api/users/current')
+      .send()
+      .expect(401)
+
+    expect(response.body.user).toEqual(null)
+  })
+})

package/src/routes/__test__/signin.test.ts

@@ -0,0 +1,45 @@
+import request from 'supertest'
+import app from '../../app'
+
+beforeEach(() => {
+  return request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: 'testpass' })
+})
+
+describe('Route: /api/users/signin', () => {
+  it('responds with 200 to successful signin request', async () => {
+    return request(app)
+      .post('/api/users/signin')
+      .send({ email: 'test@test.com', password: 'testpass' })
+      .expect(200)
+  })
+  
+  it('throws error on invalid email address during signin', async () => {
+    return request(app)
+      .post('/api/users/signin')
+      .send({ email: 'test_test com', password: 'testpass' })
+      .expect(400)
+  })
+
+  it('throws error on missing email or password during signin', async () => {
+    await request(app)
+      .post('/api/users/signin')
+      .send({ email: 'test@test.com', password: '' })
+      .expect(400)
+  
+    await request(app)
+      .post('/api/users/signin')
+      .send({ email: '', password: 'testpass' })
+      .expect(400)
+  })
+
+  it('sets a cookie after successful signin', async () => {
+    const response = await request(app)
+      .post('/api/users/signin')
+      .send({ email: 'test@test.com', password: 'testpass' })
+      .expect(200)
+
+    expect(response.get('Set-Cookie')).toBeDefined()
+  })
+})

package/src/routes/__test__/signout.test.ts

@@ -0,0 +1,12 @@
+import request from 'supertest'
+import app from '../../app'
+
+describe('Route: /api/users/signout', () => {
+  it('clears cookie after signout', async () => {
+    const response = await request(app)
+      .get('/api/users/signout')
+      .expect(200)
+      
+    expect(response.get('Set-Cookie')).toBeDefined()
+  })
+})

package/src/routes/__test__/signup.test.ts

@@ -0,0 +1,57 @@
+import request from 'supertest'
+import app from '../../app'
+
+describe('Route: /api/users/signup', () => {
+  it('responds with 201 to successful signup request', async () => {
+    return request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: 'testpass' })
+      .expect(201)
+  })
+  
+  it('throws error on invalid email address during signup', async () => {
+    return request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test_test com', password: 'testpass' })
+      .expect(400)
+  })
+  
+  it('throws error on invalid password during signup', async () => {
+    return request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: 'te' })
+      .expect(400)
+  })
+  
+  it('throws error on missing email or password during signup', async () => {
+    await request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: '' })
+      .expect(400)
+  
+    await request(app)
+      .post('/api/users/signup')
+      .send({ email: '', password: 'testpass' })
+      .expect(400)
+  })
+  
+  it('throws error on existing email during signup', async () => {
+    await request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: 'testpass' })
+      .expect(201)
+  
+    await request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: 'testpass' })
+      .expect(400)
+  })
+
+  it('sets a cookie after successful signup', async () => {
+    const response = await request(app)
+      .post('/api/users/signup')
+      .send({ email: 'test@test.com', password: 'testpass' })
+
+    expect(response.get('Set-Cookie')).toBeDefined()
+  })
+})

package/src/routes/current-user.ts

@@ -0,0 +1,10 @@
+import express, { Request, Response } from 'express'
+import { currentUser } from '@next-k8s/common'
+// import { currentUser } from '../../../common/src'
+
+const router = express.Router()
+router.get('/api/users/current', currentUser, async (req: Request, res: Response) => {
+  res.status(!req.currentUser ? 401 : 200).json({ user: req.currentUser || null })
+})
+
+export default router

package/src/routes/signin.ts

@@ -0,0 +1,29 @@
+import express, { Request, Response } from 'express'
+import jwt from 'jsonwebtoken'
+import { body } from 'express-validator'
+import { UnauthorizedError, validateRequest } from '@next-k8s/common'
+
+import User from '../models/user'
+
+const validateInput = [
+  body('email').isEmail().withMessage('Email must be a valid email address'),
+  body('password').trim().notEmpty().withMessage('A password must be provided')
+]
+
+const router = express.Router()
+router.post('/api/users/signin', validateInput, validateRequest, async (req: Request, res: Response) => {
+  const user = await User.findOne({ email: req.body.email }).exec()
+  if (!user) throw new UnauthorizedError('Incorrect username or password', 401, req.body.email)
+  const validPassword = await user.verifyPassword(req.body.password)
+  if (!validPassword) throw new UnauthorizedError('Incorrect username or password', 401, req.body.email)
+
+  const token = jwt.sign({
+    id: user.id,
+    email: user.email
+  }, process.env.JWT_KEY!)
+
+  req.session = { jwt: token }
+  res.json({ user, jwt: token })
+})
+
+export default router

package/src/routes/signout.ts

@@ -0,0 +1,9 @@
+import express from 'express'
+
+const router = express.Router()
+router.get('/api/users/signout', (req, res) => {
+  req.session = null
+  res.json({})
+})
+
+export default router

package/src/routes/signup.ts

@@ -0,0 +1,37 @@
+import express, { NextFunction, Request, Response } from 'express'
+import { body } from 'express-validator'
+import jwt from 'jsonwebtoken'
+import { BadRequestError, DatabaseConnectionError, validateRequest } from '@next-k8s/common'
+
+import User from '../models/user'
+
+const router = express.Router()
+
+const validateInput = [
+  body('email').isEmail().withMessage('Email is not valid'),
+  body('password').trim().isLength({ min: 4, max: 32 }).withMessage('Password must be between 4 and 32 characters')
+]
+
+router.post('/api/users/signup', validateInput, validateRequest, async (req: Request, res: Response) => {
+  const { email, password } = req.body
+  const exists = await User.exists({ email: email.toLowerCase() })
+  if (exists) throw new BadRequestError('User already exists')
+
+  try {
+    const user = new User({ email: email.toLowerCase(), password })
+    await user.save()
+
+    const token = jwt.sign({
+      id: user.id,
+      email: user.email
+    }, process.env.JWT_KEY!)
+
+    req.session = { jwt: token }
+    res.status(201).json({ user, jwt: token })
+  } catch (err) {
+    console.error(err)
+    throw new DatabaseConnectionError('Failed to insert user')
+  }
+})
+
+export default router

package/src/test/setup.ts

@@ -0,0 +1,21 @@
+import { MongoMemoryServer } from 'mongodb-memory-server'
+import mongoose from 'mongoose'
+
+let mongo: any
+process.env.JWT_KEY = '!SuperSecretDevToken!'
+
+beforeAll(async () => {
+  mongo = await MongoMemoryServer.create()
+  const uri = await mongo.getUri()
+  await mongoose.connect(uri)
+})
+
+beforeEach(async () => {
+  const collections = await mongoose.connection.db.collections()
+  for (const collection of collections) await collection.deleteMany({})
+})
+
+afterAll(async () => {
+  await mongoose.connection.close()
+  await mongo.stop()
+})

package/src/test/utils.ts

@@ -0,0 +1,13 @@
+import request from 'supertest'
+import app from '../app'
+
+export const getTokenCookie = async () => {
+  const email = 'test@test.com'
+  const password = 'testpass'
+  const response = await request(app)
+    .post('/api/users/signup')
+    .send({ email, password })
+    .expect(201)
+
+  return response.get('Set-Cookie')
+}

package/src/types/mongoose-bcrypt.d.ts

@@ -0,0 +1 @@
+declare module 'mongoose-bcrypt'

package/tsconfig.json

@@ -0,0 +1,101 @@
+{
+  "compilerOptions": {
+    /* Visit https://aka.ms/tsconfig.json to read more about this file */
+
+    /* Projects */
+    // "incremental": true,                              /* Enable incremental compilation */
+    // "composite": true,                                /* Enable constraints that allow a TypeScript project to be used with project references. */
+    // "tsBuildInfoFile": "./",                          /* Specify the folder for .tsbuildinfo incremental compilation files. */
+    // "disableSourceOfProjectReferenceRedirect": true,  /* Disable preferring source files instead of declaration files when referencing composite projects */
+    // "disableSolutionSearching": true,                 /* Opt a project out of multi-project reference checking when editing. */
+    // "disableReferencedProjectLoad": true,             /* Reduce the number of projects loaded automatically by TypeScript. */
+
+    /* Language and Environment */
+    "target": "es2016",                                  /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
+    // "lib": [],                                        /* Specify a set of bundled library declaration files that describe the target runtime environment. */
+    // "jsx": "preserve",                                /* Specify what JSX code is generated. */
+    // "experimentalDecorators": true,                   /* Enable experimental support for TC39 stage 2 draft decorators. */
+    // "emitDecoratorMetadata": true,                    /* Emit design-type metadata for decorated declarations in source files. */
+    // "jsxFactory": "",                                 /* Specify the JSX factory function used when targeting React JSX emit, e.g. 'React.createElement' or 'h' */
+    // "jsxFragmentFactory": "",                         /* Specify the JSX Fragment reference used for fragments when targeting React JSX emit e.g. 'React.Fragment' or 'Fragment'. */
+    // "jsxImportSource": "",                            /* Specify module specifier used to import the JSX factory functions when using `jsx: react-jsx*`.` */
+    // "reactNamespace": "",                             /* Specify the object invoked for `createElement`. This only applies when targeting `react` JSX emit. */
+    // "noLib": true,                                    /* Disable including any library files, including the default lib.d.ts. */
+    // "useDefineForClassFields": true,                  /* Emit ECMAScript-standard-compliant class fields. */
+
+    /* Modules */
+    "module": "commonjs",                                /* Specify what module code is generated. */
+    // "rootDir": "./",                                  /* Specify the root folder within your source files. */
+    // "moduleResolution": "node",                       /* Specify how TypeScript looks up a file from a given module specifier. */
+    // "baseUrl": "./",                                  /* Specify the base directory to resolve non-relative module names. */
+    // "paths": {},                                      /* Specify a set of entries that re-map imports to additional lookup locations. */
+    // "rootDirs": [],                                   /* Allow multiple folders to be treated as one when resolving modules. */
+    "typeRoots": ["./src/types", "./node_modules/@types"],                                  /* Specify multiple folders that act like `./node_modules/@types`. */
+    // "types": [],                                      /* Specify type package names to be included without being referenced in a source file. */
+    // "allowUmdGlobalAccess": true,                     /* Allow accessing UMD globals from modules. */
+    // "resolveJsonModule": true,                        /* Enable importing .json files */
+    // "noResolve": true,                                /* Disallow `import`s, `require`s or `<reference>`s from expanding the number of files TypeScript should add to a project. */
+
+    /* JavaScript Support */
+    // "allowJs": true,                                  /* Allow JavaScript files to be a part of your program. Use the `checkJS` option to get errors from these files. */
+    // "checkJs": true,                                  /* Enable error reporting in type-checked JavaScript files. */
+    // "maxNodeModuleJsDepth": 1,                        /* Specify the maximum folder depth used for checking JavaScript files from `node_modules`. Only applicable with `allowJs`. */
+
+    /* Emit */
+    // "declaration": true,                              /* Generate .d.ts files from TypeScript and JavaScript files in your project. */
+    // "declarationMap": true,                           /* Create sourcemaps for d.ts files. */
+    // "emitDeclarationOnly": true,                      /* Only output d.ts files and not JavaScript files. */
+    // "sourceMap": true,                                /* Create source map files for emitted JavaScript files. */
+    // "outFile": "./",                                  /* Specify a file that bundles all outputs into one JavaScript file. If `declaration` is true, also designates a file that bundles all .d.ts output. */
+    "outDir": "./build",                                   /* Specify an output folder for all emitted files. */
+    // "removeComments": true,                           /* Disable emitting comments. */
+    // "noEmit": true,                                   /* Disable emitting files from a compilation. */
+    // "importHelpers": true,                            /* Allow importing helper functions from tslib once per project, instead of including them per-file. */
+    // "importsNotUsedAsValues": "remove",               /* Specify emit/checking behavior for imports that are only used for types */
+    // "downlevelIteration": true,                       /* Emit more compliant, but verbose and less performant JavaScript for iteration. */
+    // "sourceRoot": "",                                 /* Specify the root path for debuggers to find the reference source code. */
+    // "mapRoot": "",                                    /* Specify the location where debugger should locate map files instead of generated locations. */
+    // "inlineSourceMap": true,                          /* Include sourcemap files inside the emitted JavaScript. */
+    // "inlineSources": true,                            /* Include source code in the sourcemaps inside the emitted JavaScript. */
+    // "emitBOM": true,                                  /* Emit a UTF-8 Byte Order Mark (BOM) in the beginning of output files. */
+    // "newLine": "crlf",                                /* Set the newline character for emitting files. */
+    // "stripInternal": true,                            /* Disable emitting declarations that have `@internal` in their JSDoc comments. */
+    // "noEmitHelpers": true,                            /* Disable generating custom helper functions like `__extends` in compiled output. */
+    // "noEmitOnError": true,                            /* Disable emitting files if any type checking errors are reported. */
+    // "preserveConstEnums": true,                       /* Disable erasing `const enum` declarations in generated code. */
+    // "declarationDir": "./",                           /* Specify the output directory for generated declaration files. */
+    // "preserveValueImports": true,                     /* Preserve unused imported values in the JavaScript output that would otherwise be removed. */
+
+    /* Interop Constraints */
+    // "isolatedModules": true,                          /* Ensure that each file can be safely transpiled without relying on other imports. */
+    // "allowSyntheticDefaultImports": true,             /* Allow 'import x from y' when a module doesn't have a default export. */
+    "esModuleInterop": true,                             /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */
+    // "preserveSymlinks": true,                         /* Disable resolving symlinks to their realpath. This correlates to the same flag in node. */
+    "forceConsistentCasingInFileNames": true,            /* Ensure that casing is correct in imports. */
+
+    /* Type Checking */
+    "strict": true,                                      /* Enable all strict type-checking options. */
+    // "noImplicitAny": true,                            /* Enable error reporting for expressions and declarations with an implied `any` type.. */
+    // "strictNullChecks": true,                         /* When type checking, take into account `null` and `undefined`. */
+    // "strictFunctionTypes": true,                      /* When assigning functions, check to ensure parameters and the return values are subtype-compatible. */
+    // "strictBindCallApply": true,                      /* Check that the arguments for `bind`, `call`, and `apply` methods match the original function. */
+    // "strictPropertyInitialization": true,             /* Check for class properties that are declared but not set in the constructor. */
+    // "noImplicitThis": true,                           /* Enable error reporting when `this` is given the type `any`. */
+    // "useUnknownInCatchVariables": true,               /* Type catch clause variables as 'unknown' instead of 'any'. */
+    // "alwaysStrict": true,                             /* Ensure 'use strict' is always emitted. */
+    // "noUnusedLocals": true,                           /* Enable error reporting when a local variables aren't read. */
+    // "noUnusedParameters": true,                       /* Raise an error when a function parameter isn't read */
+    // "exactOptionalPropertyTypes": true,               /* Interpret optional property types as written, rather than adding 'undefined'. */
+    // "noImplicitReturns": true,                        /* Enable error reporting for codepaths that do not explicitly return in a function. */
+    // "noFallthroughCasesInSwitch": true,               /* Enable error reporting for fallthrough cases in switch statements. */
+    // "noUncheckedIndexedAccess": true,                 /* Include 'undefined' in index signature results */
+    // "noImplicitOverride": true,                       /* Ensure overriding members in derived classes are marked with an override modifier. */
+    // "noPropertyAccessFromIndexSignature": true,       /* Enforces using indexed accessors for keys declared using an indexed type */
+    // "allowUnusedLabels": true,                        /* Disable error reporting for unused labels. */
+    // "allowUnreachableCode": true,                     /* Disable error reporting for unreachable code. */
+
+    /* Completeness */
+    // "skipDefaultLibCheck": true,                      /* Skip type checking .d.ts files that are included with TypeScript. */
+    "skipLibCheck": true                                 /* Skip type checking all .d.ts files. */
+  }
+}