fix auth server

JaimeSalas · JaimeSalas · commit df58ebf525a6 · 2019-07-31T21:21:24.000+02:00
diff --git a/11 Axios/03_callbacks/README.md b/11 Axios/03_callbacks/README.md
@@ -27,7 +27,7 @@ export const getBooks = (err, success) => {
 };
 
 - export const postBook = (book) => {
-export const postBook = (book) => (err, success) => {
++export const postBook = (book) => (err, success) => {
     axios.post('http://localhost:8000/api/books', book)
 -       .then(() => getBooks())
 -       .catch(errorHandler);
diff --git a/11 Axios/07b_interceptors/README.MD b/11 Axios/07b_interceptors/README.MD
@@ -1,6 +1,20 @@
-## We're going to create a new page that will contain a login form, if we're authenticated, the response will return a JWT, that we will use to call an API. If everythoi
+## We're going to create a new page that will contain a login form, if we're authenticated, the response will return a JWT, that we will use to call an API. If everything goes fine we well allow to access to server resources.
 
-* Lets start by creating a _index.html_
+* For this demo we will create a new project.
+
+```
+npm init -y
+```
+
+```
+npm i axios -S
+```
+
+```
+npm i parcel -D
+```
+
+* Lets start by creating _index.html_ in root folder solution.
 
 ```html
 <!DOCTYPE html>
@@ -31,6 +45,9 @@
 
 </html>
 ```
+
+* All our solution code will be placed in __src__ folder. Create this folder in root folder solution.
+
 * Lets create the code to handle this _form_, first we're going to create a new entry in _src/API/loginAPI.js_
 
 ```javascript
@@ -41,53 +58,96 @@ export default ({username, password}) => (
 );
 ```
 
-* Now it's time handle the UI code, but first we're going to create a new style of handling events, a way that allow us to retun _promises_, create _src/asynApi.js_
+* Now it's time handle the UI code, but first we're going to create a new style for handling events, we're going o create an event emitter. Create __src/eventEmitter.js__ 
 
 ```javascript
-export const submitButtonPromise = (event, targetId) => (
-    new Promise((resolve, _) => {
-        document.getElementById(targetId)
-            .addEventListener(event, (evt) => {
-                evt.stopPropagation();
-                evt.preventDefault();
-                resolve();
-            });
-    })
-); 
+const observer = () => {
+    const observers = [];
+    return {
+        subscribe(f) {
+            observers.push(f);
+        },
+        unsubscibe(f) {
+            observers = observers.filter((subscriber) => subscriber !== f);
+        },
+        notify(data) {
+            observers.forEach((observer) => observer(data));
+        }
+    }
+};
+
+export const eventSubscription = (targetId) => (event) => {
+    const eventTarget = document.getElementById(targetId);
+    
+    let obs = observer();
+
+    eventTarget.addEventListener(event, (evt) => {
+        evt.stopPropagation();
+        evt.preventDefault();
+        obs.notify(evt);
+    });
+
+    return obs;
+}
+
 ```
 
 * Now we can create _src/app.js_
 
 ```javascript
-// import { appendElement, createList } from './view/uiBuilder';
-import { submitButtonPromise } from './asyncApi';
+import { eventSubscription } from './eventEmitter';
 import login from './API/loginAPI';
 
-
 const readCredentials = () => {
     const username = document.getElementById('username').value;
     const password = document.getElementById('password').value;
     return {
         username,
-        password,
-    };
+        password
+    }
 };
 
 document.addEventListener('DOMContentLoaded', () => {
-    submitButtonPromise('click', 'login')
-        .then(() => {
-            const credentials = readCredentials();
-            return login(credentials)
-        })
-        .then((token) => {
-            console.log(token);
-        })
-        .catch((err) => console.log(err));
+    const submitButton = eventSubscription('login');
+    submitButton('click').subscribe(() => {
+        const credentials = readCredentials();
+        login(credentials)
+            .then(({data}) => {
+                console.log(data);
+            })
+            .catch(err => console.log(err));
+    });
 });
 ```
+
+* Modify __package.json__ to start our app
+
+```diff
+{
+  "name": "temp_auth_review",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
++   "start": "parcel index.html",
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "axios": "^0.19.0"
+  },
+  "devDependencies": {
+    "parcel": "^1.12.3"
+  }
+}
+
+```
+
 * With our _auth_ server up and running we can check that this is already working.
 
-* Ok, so we're retrieving our token we wan to inject it so lets define _src/API/interceptors.js_
+* Ok, so we're retrieving our token we want to inject it so lets define _src/API/interceptors.js_
 
 ```javascript
 import axios from 'axios';
@@ -104,7 +164,7 @@ export const setUpRequest = (token) => {
 * Change _src/app.js_ to use the token;
 
 ```diff
-import { submitButtonPromise } from './asyncApi';
+import { eventSubscription } from './eventEmitter';
 import login from './API/loginAPI';
 +import { setUpRequest } from './API/interceptors';
 
@@ -113,22 +173,22 @@ const readCredentials = () => {
     const password = document.getElementById('password').value;
     return {
         username,
-        password,
-    };
+        password
+    }
 };
 
 document.addEventListener('DOMContentLoaded', () => {
-    submitButtonPromise('click', 'login')
-        .then(() => {
-            const credentials = readCredentials();
-            return login(credentials)
-        })
--       .then((token) => {
-+       .then((result) => {
-+           const { access_token } = result.data;
-+           setUpRequest(access_token);
-        })
-        .catch((err) => console.log(err));
+    const submitButton = eventSubscription('login');
+    submitButton('click').subscribe(() => {
+        const credentials = readCredentials();
+        login(credentials)
+-           .then(({data}) => {
++           .then(({data}) => {
++               const { access_token } = data;
++               setUpRequest(access_token);
++           })
+            .catch(err => console.log(err));
+    });
 });
 ```
 
@@ -158,7 +218,7 @@ document.addEventListener('DOMContentLoaded', () => {
 * Lets edit _src/app.js_ as follows
 
 ```javascript
-import { submitButtonPromise } from './asyncApi';
+import { eventSubscription } from './eventEmitter';
 import login from './API/loginAPI';
 import { setUpRequest } from './API/interceptors';
 /*diff*/
@@ -170,29 +230,28 @@ const readCredentials = () => {
     const password = document.getElementById('password').value;
     return {
         username,
-        password,
-    };
+        password
+    }
 };
 
 document.addEventListener('DOMContentLoaded', () => {
-    submitButtonPromise('click', 'login')
-        .then(() => {
-            const credentials = readCredentials();
-            return login(credentials)
-        })
-        .then((result) => {
-            const { access_token } = result.data;
-            setUpRequest(access_token);
-        })
-        .catch((err) => console.log(err));
+    const submitButton = eventSubscription('login');
+    submitButton('click').subscribe(() => {
+        const credentials = readCredentials();
+        login(credentials)
+            .then(({data}) => {
+                const { access_token } = data;
+                setUpRequest(access_token);
+            })
+            .catch(err => console.log(err));
+    });
     /*diff*/
-    document.getElementById('cars')
-        .addEventListener('click', (event) => {
-            event.stopPropagation();
-            axios.get('http://localhost:3050/api/cars')
-                .then((result) => console.log(result))
-                .catch((err) => console.log(err));
-        });
+    const loadCarsButton = eventSubscription('cars');
+    loadCarsButton('click').subscribe(() => {
+        axios.get('http://localhost:3050/api/cars')
+            .then((result) => console.log(result))
+            .catch((err) => console.log(err));
+    });
     /*diff*/
 });
 ```
diff --git a/auth/credentialResolver.js b/auth/credentialResolver.js
@@ -0,0 +1,44 @@
+const jwt = require('jsonwebtoken');
+
+const users = [
+    { id: 1, username: 'admin', password: 'admin' },
+    { id: 2, username: 'guest', password: 'guest' },
+];
+
+exports.resolveLogin = (username, password) => {
+    let status;
+    let response;
+    let emptyCredentials = !username || !password;
+    if (emptyCredentials) {
+        status = 400;
+        response = 'You need a username and password';
+    }
+
+    if (!emptyCredentials) {
+        const user = users.find((u) =>
+            u.username === username && u.password === password
+        );
+
+        if (!user) {
+            status = 401;
+            response = 'User not found';
+        } else {
+            const token = jwt.sign(
+                {
+                    sub: user.id,
+                    username: user.username
+                },
+                'mysupersecretkey',
+                { expiresIn: '3 hours' }
+            );
+
+            status = 200;
+            response = { access_token: token };
+        }
+    }
+
+    return {
+        status,
+        response,
+    }
+};
diff --git a/auth/index.js b/auth/index.js
@@ -1,50 +1,20 @@
 const express = require('express');
 const bodyParser = require('body-parser');
-const jwt = require('jsonwebtoken');
 const cors = require('cors');
+const { resolveLogin } = require('./credentialResolver');
 
 
 const app = express();
 const PORT = process.env.PORT || 8887;
-const users = [
-    { id: 1, username: 'admin', password: 'admin' },
-    { id: 2, username: 'guest', password: 'guest' },
-];
 
 app.use(bodyParser.json());
 app.use(cors());
 
-app.post('/login', (req, res, next) => {
-    console.log(req);
+app.post('/login', (req, res) => {
     const { username, password } = req.body;
-
-    if (!username || !password) {
-        res.status(400)
-            .send('You need a username and password');
-        next();
-    }
-
-    const user = users.find((u) =>
-        u.username === username && u.password === password
-    );
-
-    if (!user) {
-        res.status(401)
-            .send('User not found');
-        next();
-    }
-
-    const token = jwt.sign(
-        {
-            sub: user.id,
-            username: user.username
-        },
-        'mysupersecretkey',
-        { expiresIn: '3 hours' }
-    );
-
-    res.status(200)
-        .send({access_token: token});
+    const { status, response } = resolveLogin(username, password);
+    res.status(status)
+        .send(response);
 });
 
 app.get('*', (_, res) => {
diff --git a/server-in-memory/server.js b/server-in-memory/server.js
@@ -21,7 +21,7 @@ const jwtCheck = expressjwt({
 
 
 app.use('/api/users', jwtCheck, users);
-app.use('/api/cars', cars);
+app.use('/api/cars', jwtCheck, cars);
 
 
 app.set('port', process.env.PORT || 3050);
diff --git a/server-mongo/app.js b/server-mongo/app.js
