Test river

backend/.env.examle

@@ -3,4 +3,5 @@ PG_PASSWORD=coding_test_password
 PG_HOST=localhost
 PG_PORT=5432
 PG_DATABASE=thm_database
-SECRET=test-dev-secret
+SECRET=test-dev-secret
+JWT_SECRET=ashfjhsauoujfghjkfha

backend/controllers/auth.js

@@ -0,0 +1,21 @@
+const jwt = require('jsonwebtoken');
+const expressJwt = require('express-jwt');
+
+const { authenticateUser } = require('../services/user');
+
+exports.login = async (req, res) => {
+  try {
+    const { email, password } = req.body;
+    const user = await authenticateUser(email, password);
+    const token = jwt.sign({ _id: user.id }, process.env.JWT_SECRET, { expiresIn: '1d' });
+    res.cookie('token', token, { expiresIn: '1d' });
+    user.token = token;
+    return res.status(200).json(user)
+  } catch (err) {
+    res.status(401).json({ message: 'wrong credentials' });
+  }
+}
+
+exports.requireSignin = expressJwt({
+  secret: process.env.JWT_SECRET, algorithms: ['HS256']
+});

backend/controllers/user.js

@@ -0,0 +1,86 @@
+const formidable = require('formidable');
+const fs = require('fs');
+
+const { getUserById, updateUser, getUserProfilePicture } = require('../services/user');
+const { checkEmail } = require('../utils');
+
+exports.update = async (req, res) => {
+  try {
+    const user = await getUserById(req.params.id);
+    if (user) {
+      let form = new formidable.IncomingForm();
+      form.keepExtensions = true;
+      form.parse(req, async (err, fields, files) => {
+        if (err) {
+          return res.status(400).json({
+            message: 'Profile could not upload'
+          });
+        }
+
+        const { email, firstname, lastname, phonenumber, city, country, emailalert, smsalert } = fields;
+
+        if (!email || !checkEmail(email)) {
+          return res.status(401).json({
+            message: 'Invalid Email'
+          });
+        }
+
+        const updateData = {
+          email: email,
+          first_name: firstname ? firstname : null,
+          last_name: lastname ? lastname : null,
+          phone_number: phonenumber ? phonenumber : null,
+          city: city ? city : null,
+          country: country ? country : null,
+          email_alert: emailalert === '1' ? 1 : 0,
+          sms_alert: smsalert === '1' ? 1 : 0,
+          id: user.id
+        };
+
+        if (files.profile) {
+          if (files.profile.size > 10000000) {
+            return res.status(400).json({
+              error: 'Profile should be less then 1mb in size'
+            });
+          }
+          updateData.profile_picture = fs.readFileSync(files.profile.path);
+          updateData.profile_picture_content_type = files.profile.type;
+        }
+
+        const updated = await updateUser(updateData);
+        return res.json({ updated });
+
+      });
+    } else {
+      return res.status(400).json({ message: err });
+    }
+  } catch (err) {
+    console.log(err);
+    return res.status(400).json({ message: err });
+  }
+}
+
+exports.picture = async (req, res) => {
+  try {
+    const user = await getUserProfilePicture(req.params.id);
+    if (user.profilepicture) {
+      res.set('Content-Type',  user.profilepicturecontenttype);
+      return res.send(user.profilepicture);
+    }
+    else {
+      return res.status(404).json({ message: 'Not Found' });
+    }
+  } catch (err) {
+    console.log(err);
+    return res.status(404).json({ message: 'Not Found' });
+  }
+}
+
+exports.show = async (req, res) => {
+  try {
+    const user = await getUserById(req.params.id);
+    return res.send(user);
+  } catch (err) {
+    return res.status(400).json({ message: 'Not Found' });
+  }
+}

backend/index.js

@@ -8,6 +8,7 @@ const port = 3002;
 
 const app = express();
 
+
 app.use((req, res, next) => {
   res.setHeader('Access-Control-Allow-Origin', '*');
   res.setHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content, Accept, Content-Type, Authorization');
@@ -23,6 +24,7 @@ app.use(
 );
 app.use(morganMiddleware);
 app.get('/health', (req, res) => res.send({ message: 'ok' }));
+app.use('/api', require('./routes/api'));
 
 const server = app.listen(port, () => {
   console.log(`THM App running on port ${port}.`);

backend/package.json

@@ -21,14 +21,18 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "nodemon": "^2.0.4",
     "body-parser": "^1.19.0",
     "chai": "^4.2.0",
     "chalk": "^4.1.0",
     "dotenv": "^8.2.0",
     "express": "^4.17.1",
+    "express-jwt": "^6.0.0",
+    "express-validator": "^6.12.0",
+    "formidable": "^1.2.2",
+    "jsonwebtoken": "^8.5.1",
     "mocha": "^8.1.3",
     "morgan": "^1.10.0",
+    "nodemon": "^2.0.4",
     "pg": "^7.18.2",
     "sha.js": "^2.4.11",
     "sinon": "^9.0.3"

backend/routes/api/auth.js

@@ -0,0 +1,13 @@
+const express = require('express');
+const router = express.Router();
+
+const { runValidation } = require('../../validator');
+
+const { userSignInValidation } = require('../../validator/user');
+
+const { login } = require('../../controllers/auth');
+
+router.post('/login', userSignInValidation, runValidation, login);
+
+
+module.exports = router;

backend/routes/api/index.js

@@ -0,0 +1,7 @@
+const express = require('express');
+const router = express.Router();
+
+router.use('/user', require('./user'));
+router.use('/auth', require('./auth'));
+
+module.exports = router;