:white_check_mark: Started testing

backend/lib/routes/user/login.js

@@ -33,9 +33,8 @@ module.exports = {
         auth: false,
         handler: async function (request, h) {
             try {
-                const { userService, profileService } =
-                    request.server.services()
-
+                const { userService } = request.server.services()
+                console.log('testing from here login.js :=>')
                 const res = request.payload
 
                 // Callback to use as transaction
@@ -50,32 +49,20 @@ module.exports = {
                 }
 
                 // Bound context from your plugin server declaration
-                const user = await h.context.transaction(login)
-                const rawUser = await userService.findByUserEmail(
-                    res.user_email,
-                )
+                await h.context.transaction(login)
+
                 // Uses Same Logic Behind Initial Sign Up,
                 // passing expected credentials to be used for logging in
-                const userCredentials = {
-                    email: rawUser.user_email,
-                    name: rawUser.user_name,
-                    seeking: rawUser.is_poster === 1 ? 'poster' : 'seeker',
-                }
-                const token = userService.createToken({
-                    payload: userCredentials,
-                })
+                const { userCredentials, token } =
+                    await userService.makeUserCredentials(res.user_email)
 
                 return {
                     ok: true,
                     handler: pluginConfig.handlerType,
                     data: {
-                        user_email: user.user_email,
+                        user_email: userCredentials.email,
                         jwt: token,
-                        answered: {
-                            email: userCredentials.email,
-                            name: userCredentials.name,
-                            seeking: userCredentials.seeking,
-                        },
+                        answered: userCredentials,
                     },
                 }
             } catch (err) {

backend/lib/routes/user/verifyactivesession.js

@@ -45,6 +45,8 @@ module.exports = {
                 if (!hashToMatch) {
                     throw new Error('no record of email in cache')
                 }
+                // NOTE: When user responds to email,
+                // boolean value is set to true, allowing user back into the survey
                 userService.activeSessions[
                     hashToMatch
                 ].emailWasRespondedTo = true

backend/lib/services/user.js

@@ -212,6 +212,7 @@ module.exports = class UserService extends Schmervice.Service {
 
         /** Uncomment to run password check using SecurePassword */
         const passwordCheck = await this.pwd.verify(bufferPepper, user.token)
+
         if (passwordCheck === SecurePassword.VALID_NEEDS_REHASH) {
             await this.changePassword(user.user_email, password, txn)
         } else if (passwordCheck !== SecurePassword.VALID) {
@@ -233,6 +234,22 @@ module.exports = class UserService extends Schmervice.Service {
         return JWT.sign(obj, key, { expiresIn: expiration })
     }
 
+    async makeUserCredentials(email) {
+        const user = await this.findByUserEmail(email)
+        const userCredentials = {
+            email: user.user_email,
+            name: user.user_name,
+            seeking: user.is_poster === 1 ? 'poster' : 'seeker',
+        }
+        const token = this.createToken({
+            payload: userCredentials,
+        })
+        return {
+            userCredentials,
+            token,
+        }
+    }
+
     /**
      * Validates whether a token has expired or not
      * @param {User} user

backend/package.json

@@ -12,7 +12,7 @@
         "reseed": "knex migrate:rollback --all && knex migrate:latest && knex seed:run",
         "generate": "node ./db/data-generator/index.js",
         "seed": "knex seed:run",
-        "test": "nyc ava --timeout=100000"
+        "test": "nyc ava --timeout=100000 --verbose"
     },
     "author": "TOJ",
     "license": "UNLICENSED",

backend/tests/usercredential.spec.js

@@ -0,0 +1,112 @@
+'use strict'
+
+const test = require('ava')
+const { stub } = require('sinon')
+const Hapi = require('@hapi/hapi')
+const Objection = require('objection')
+const UserService = require('../lib/services/user.js')
+
+const plugin = require('../lib/plugins/user.js')
+
+const Auth = require('../lib/models/authentication.js')
+const User = require('../lib/models/user.js')
+
+/**
+ * Route parameters
+ */
+const payload = {
+    user_email: 'test@testemail.com',
+    password: 'abcd123',
+}
+
+const mockReturn = {
+    user_id: 1234,
+    user_name: 'brian',
+    user_email: 'test@testemail.com',
+    is_poster: 1,
+    is_admin: 0,
+    is_verified: 1,
+}
+
+const pathToTest = {
+    method: 'POST',
+    url: `/login`,
+    payload: JSON.stringify(payload),
+}
+
+// NOTE: how does hapi/ava expect payload from 'POST' request??
+test('path /login should return ok', async t => {
+    /**
+     * Create a new server and register services,
+     * models and routes for testing
+     * -
+     * NOTE: We use a mocked registerModel() and register
+     * models manually. Normally this is handled by
+     * Schwifty at runtime.
+     */
+    const server = Hapi.server()
+    /**
+     * Overload so we don't register any models
+     * using the plugin call (see plugins/profile.js)
+     * and Manually load the model we need for the test
+     */
+    server.registerModel = () => {}
+
+    server.models = () => ({ User, Auth })
+    server.registrations = {
+        'main-app-plugin': {
+            options: {},
+        },
+    }
+    server.registrations['main-app-plugin'].options.jwtKey = {
+        $filter: 'NODE_ENV',
+        $default: {
+            $param: 'APP_SECRET',
+            $default: 'app-secret',
+        },
+        // Use .env file in production
+        production: {
+            $param: 'APP_SECRET',
+        },
+    }
+    stub(Objection, 'transaction').returns({})
+    /**
+     * Register Routes and Services as usual
+     */
+    await plugin.register(server)
+    server.services()['userService'] = new UserService(server)
+    server.services()['userService'].createToken = () =>
+        'a;slkdf;asdfa;sdfkja;lsdfj;askdfj;laskdjf;laskjdf'
+
+    /**
+     * Replace Objection model methods with our own mock functions
+     * !: Janky - might be better to temp knex sqlite instance
+     */
+
+    stub(server.models()['Auth'], 'query').returns({
+        throwIfNotFound: () => ({
+            first: () => ({
+                where: () => ({ ...mockReturn }),
+            }),
+        }),
+    })
+    stub(server.models()['User'], 'createNotFoundError').returns({})
+    stub(server.models()['User'], 'query').returns({
+        throwIfNotFound: () => ({
+            first: () => ({
+                where: () => ({ ...mockReturn }),
+            }),
+        }),
+    })
+
+    /**
+     * Test the server with registered models and services
+     */
+    const { payload } = await server.inject(pathToTest)
+    const res = JSON.parse(payload)
+
+    t.deepEqual(res.ok, true)
+    t.deepEqual(res.data.answered.email, mockReturn.user_email)
+    t.deepEqual(res.data.answered.name, mockReturn.user_name)
+    t.deepEqual(res.data.answered.seeking, 'poster')
+})

frontend/src/utils/index.js

@@ -2,6 +2,7 @@ import Joi from 'joi'
 import { SurveyFactory } from './survey.js'
 import { possible } from './lang.js'
 import { pidMixin, profileMixin } from './mixins.js'
+import { authenticator } from '../services/auth.service.js'
 
 // This will NOT work until ES2022 gets assert in browsers
 // import config from '../../../backend/db/data-generator/config.json' assert { type: 'json' }
@@ -129,6 +130,30 @@ const randomSurveyResponses = count => {
     return surveyResponses
 }
 
+const grabStoredCookie = cookieKey => {
+    const cookies = document.cookie.split('; ').reduce((prev, current) => {
+        const [name, ...value] = current.split('=')
+        prev[name] = value.join('=')
+        return prev
+    }, {})
+    const cookieVal = cookieKey in cookies ? cookies[`${cookieKey}`] : undefined
+    return cookieVal
+}
+
+const verifySession = async () => {
+    const hashedAccessToken = grabStoredCookie('siimee_access')
+    if (!hashedAccessToken)
+        return console.warn('WARNING :=> accessToken is not defined')
+    const validatedToken = await authenticator.validateSession(
+        hashedAccessToken,
+    )
+    if (validatedToken.error) {
+        console.error('ERROR :=>', validatedToken.error)
+    } else {
+        return validatedToken
+    }
+}
+
 export {
     validatorMapping,
     surveyFactory,
@@ -140,4 +165,6 @@ export {
     randomMedia,
     randomName,
     randomEmail,
+    grabStoredCookie,
+    verifySession,
 }