✨ init

Author: Hendrixer

.gitignore

@@ -0,0 +1,6 @@
+node_modules
+.DS_Store
+*.log
+*.error
+dist
+.webpack

README.md

@@ -0,0 +1,39 @@
+{
+  "name": "api-node",
+  "version": "1.0.0",
+  "main": "index.js",
+  "license": "MIT",
+  "scripts": {
+    "start": "webpack --colors --progress",
+    "test:unit": "NODE_ENV=testing rm -rf ./tmp/mocha-webpack && mocha-webpack --webpack-config webpack.testing.js \"src/**/*.spec.js\" --timeout 10000 --require source-map-support/register",
+    "test": "npm run test:unit"
+  },
+  "dependencies": {
+    "apollo-server-express": "^1.1.6",
+    "bcrypt": "^1.0.3",
+    "express": "^4.16.1",
+    "express-jwt": "^5.3.0",
+    "graphql-tools": "^2.4.0",
+    "jsonwebtoken": "^8.1.0",
+    "lodash.merge": "^4.6.0",
+    "mongoose": "^4.12.1"
+  },
+  "devDependencies": {
+    "babel-core": "^6.26.0",
+    "babel-loader": "^7.1.2",
+    "babel-plugin-transform-regenerator": "^6.26.0",
+    "babel-plugin-transform-runtime": "^6.23.0",
+    "babel-preset-env": "^1.6.0",
+    "babel-preset-stage-0": "^6.24.1",
+    "chai": "^4.1.2",
+    "chai-http": "^3.0.0",
+    "graphql-tag": "^2.4.2",
+    "mocha": "^4.0.1",
+    "mocha-webpack": "next",
+    "raw-loader": "^0.5.1",
+    "source-map-support": "^0.5.0",
+    "start-server-webpack-plugin": "^2.2.0",
+    "webpack": "^3.6.0",
+    "webpack-node-externals": "^1.6.0"
+  }
+}

package.json

@@ -0,0 +1,31 @@
+import { makeExecutableSchema } from 'graphql-tools'
+import { userType, userResolvers } from './resources/user'
+import merge from 'lodash.merge'
+import { graphqlExpress } from 'apollo-server-express'
+
+const baseSchema = `
+  schema {
+    query: Query
+    mutation: Mutation
+  }
+`
+
+const schema = makeExecutableSchema({
+  typeDefs: [
+    baseSchema,
+    userType
+  ],
+  resolvers: merge(
+    {},
+    userResolvers
+  )
+})
+
+
+export const graphQLRouter = graphqlExpress((req) => ({
+  schema,
+  context: {
+    req,
+    user: req.user
+  }
+}))

src/api/graphQLRouter.js

@@ -0,0 +1,2 @@
+export { restRouter } from './restRouter'
+export { graphQLRouter } from './graphQLRouter'

src/api/index.js

@@ -0,0 +1,93 @@
+import { User } from '../resources/user/user.model'
+import jwt from 'jsonwebtoken'
+import config from '../../config'
+import expressJwt from 'express-jwt'
+
+const checkToken = expressJwt({ secret: config.secrets.JWT_SECRET })
+
+export const signin = (req, res, next) => {
+  // req.user will be there from the middleware
+  // verify user. Then we can just create a token
+  // and send it back for the client to consume
+  const token = signToken(req.user.id)
+  res.json({token: token})
+}
+
+export const decodeToken = () => (req, res, next) => {
+  if (config.disableAuth) {
+    return next()
+  }
+  // make it optional to place token on query string
+  // if it is, place it on the headers where it should be
+  // so checkToken can see it. See follow the 'Bearer 034930493' format
+  // so checkToken can see it and decode it
+  if (req.query && req.query.hasOwnProperty('access_token')) {
+    req.headers.authorization = 'Bearer ' + req.query.access_token
+  }
+
+  // this will call next if token is valid
+  // and send error if its not. It will attached
+  // the decoded token to req.user
+  checkToken(req, res, next)
+}
+
+export const getFreshUser = () => (req, res, next) => {
+  return User.findById(req.user.id)
+    .then(function(user) {
+      if (!user) {
+        // if no user is found it was not
+        // it was a valid JWT but didn't decode
+        // to a real user in our DB. Either the user was deleted
+        // since the client got the JWT, or
+        // it was a JWT from some other source
+        res.status(401).send('Unauthorized')
+      } else {
+        // update req.user with fresh user from
+        // stale token data
+        req.user = user
+        next()
+      }
+    })
+    .catch(error => next(error))
+}
+
+export const verifyUser = () => (req, res, next) => {
+  const username = req.body.username
+  const password = req.body.password
+
+  // if no username or password then send
+  if (!username || !password) {
+    res.status(400).send('You need a username and password')
+    return
+  }
+
+  // look user up in the DB so we can check
+  // if the passwords match for the username
+  User.findOne({username: username})
+    .then(function(user) {
+      if (!user) {
+        res.status(401).send('No user with the given username')
+      } else {
+        // checking the passowords here
+        if (!user.authenticate(password)) {
+          res.status(401).send('Wrong password')
+        } else {
+          // if everything is good,
+          // then attach to req.user
+          // and call next so the controller
+          // can sign a token from the req.user._id
+          req.user = user;
+          next()
+        }
+      }
+    })
+    .catch(error => next(err))
+}
+
+export const signToken = (id) => jwt.sign(
+  {id},
+  config.secrets.JWT_SECRET,
+  {expiresIn: config.expireTime}
+)
+
+export const protect = [decodeToken(), getFreshUser()]

src/api/modules/auth.js

@@ -0,0 +1,4 @@
+export const apiErrorHandler = (error, req, res, next) => {
+  console.error(error.stack)
+  res.status(500).send(error.message || error.toString())
+}

src/api/modules/errorHandler.js

@@ -0,0 +1,90 @@
+import merge from 'lodash.merge'
+
+export const controllers = {
+  createOne(model, body) {
+    return model.create(body)
+  },
+
+  updateOne(docToUpdate, update) {
+    merge(docToUpdate, update)
+    return docToUpdate.save()
+  },
+
+  deleteOne(docToDelete) {
+    return docToDelete.remove()
+  },
+
+  getOne(docToGet) {
+    return Promise.resolve(docToGet)
+  },
+
+  getAll(model) {
+    return model.find({})
+  },
+
+  findByParam(model, id) {
+    return model.findById(id)
+  }
+}
+
+export const createOne = (model) => (req, res, next) => {
+  return controllers.createOne(model, req.body)
+    .then(doc => res.status(201).json(doc))
+    .catch(error => next(error))
+}
+
+export const updateOne = (model) => async (req, res, next) => {
+  const docToUpdate = req.docFromId
+  const update = req.body
+
+  return controllers.updateOne(docToUpdate, update)
+    .then(doc => res.status(201).json(doc))
+    .catch(error => next(error))
+}
+
+export const deleteOne = (model) => (req, res, next) => {
+  return controllers.deleteOne(req.docFromId)
+    .then(doc => res.status(201).json(doc))
+    .catch(error => next(error))
+}
+
+export const getOne = (model) => (req, res, next) => {
+  return controllers.getOne(req.docToUpdate)
+    .then(doc => res.status(200).json(doc))
+    .catch(error => next(error))
+}
+
+export const getAll = (model) => (req, res, next) => {
+  return controllers.getAll(model)
+    .then(docs => res.json(docs))
+    .catch(error => next(error))
+}
+
+export const findByParam = (model) => (req, res, next, id) => {
+  return controllers.findByParam(model, id)
+    .then(doc => {
+      if (!doc) {
+        next(new Error('Not Found Error'))
+      } else {
+        req.docFromId
+        next()
+      }
+    })
+    .catch(error => {
+      next(error)
+    })
+}
+
+
+export const generateControllers = (model, overrides = {}) => {
+  const defaults = {
+    findByParam: findByParam(model),
+    getAll: getAll(model),
+    getOne: getOne(model),
+    deleteOne: deleteOne(model),
+    updateOne: updateOne(model),
+    createOne: createOne(model)
+  }
+
+  return {...defaults, ...overrides}
+}

src/api/modules/query.js

@@ -0,0 +1,100 @@
+import { expect } from 'chai'
+import { dropDb } from '~/testhelpers'
+import { controllers } from './query'
+import { User } from '../resources/user/user.model'
+
+describe('Modules', () => {
+  beforeEach(async () => {
+    await dropDb()
+  })
+
+  afterEach(async () => {
+    await dropDb()
+  })
+
+  describe('query', () => {
+    describe('createOne', () => {
+      it('should create a document', async () => {
+        const result = await controllers.createOne(User, {
+          username: 'student12',
+          passwordHash: '1234abcd'
+        })
+        expect(result).to.be.ok
+        expect(result.id).to.be.ok
+        expect(result.username).to.equal('student12')
+      })
+    })
+    describe('updateOne', () => {
+      it('should update a document', async () => {
+        const user = await controllers.createOne(User, {
+          username: 'studentx',
+          passwordHash: '1234sdkfj'
+        })
+
+        const newUsername = 'newStudentZ'
+        const updatedUser = await controllers.updateOne(user, {username: newUsername})
+
+        expect(updatedUser.username).to.equal(newUsername)
+        expect(updatedUser.id).to.equal(user.id)
+      })
+    })
+
+    describe('deleteOne', () => {
+      it('should delete a document', async () => {
+        const user = await controllers.createOne(User, {
+          username: 'studentx',
+          passwordHash: '1234sdkfj'
+        })
+
+        const deletedUser = await controllers.deleteOne(user)
+
+        expect(deletedUser.id).to.equal(user.id)
+        expect(await User.findById(user.id)).to.equal(null)
+      })
+    })
+
+    describe('getOne', () => {
+      it('should get one document', async () => {
+        const user = await controllers.createOne(User, {
+          username: 'studentx',
+          passwordHash: '1234sdkfj'
+        })
+
+        const foundUser = await controllers.getOne(user)
+
+        expect(foundUser).to.equal(user)
+      })
+    })
+
+    describe('getAll', () => {
+      it('should get all documnets', async () => {
+        const usernames = ['student1', 'student2']
+
+        const users = await Promise.all(usernames.map(async username => {
+          const user = await controllers.createOne(User, {username, passwordHash: '1234qwer'})
+          return user.toJSON()
+        }))
+
+        const allUsers = (await controllers.getAll(User))
+          .map(user => user.toJSON())
+
+        expect(allUsers).to.have.length(users.length)
+      })
+    })
+
+    describe('findByParam', () => {
+      it('should find model my id', async () => {
+        const user = (await controllers.createOne(User, {
+          username: 'student1',
+          passwordHash: '1234qwe'
+        }))
+          .toJSON()
+
+        const foundUser = (await controllers.findByParam(User, user._id))
+          .toJSON()
+
+        expect(foundUser).to.deep.eql(user)
+      })
+    })
+  })
+})

src/api/modules/query.spec.js

@@ -0,0 +1,2 @@
+export * from './playlist.restRouter'
+export * from './playlist.graphQLRouter'

src/api/resources/playlist/index.js

@@ -0,0 +1,4 @@
+import { generateControllers } from '../../modules/query'
+import { Playlist } from './playlist.model'
+
+export default generateControllers(Playlist)

src/api/resources/playlist/playlist.controller.js

@@ -0,0 +1,2 @@
+export * as playlistType from './playlist.graphql'
+export { playlistResolvers } from './playlist.resolvers'