WIP: Exercise 4

backend/.env

@@ -0,0 +1 @@
+JWT_SECRET=thecountryroads

backend/.eslintrc.json

@@ -1,6 +1,6 @@
 {
     "env": {
-        "browser": true,
+        "node": true,
         "commonjs": true,
         "es2021": true
     },

backend/package.json

@@ -12,9 +12,14 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "apollo-datasource-rest": "^0.9.5",
+    "apollo-datasource": "^0.7.2",
     "apollo-server": "^2.19.0",
+    "bcrypt": "^5.0.0",
+    "dotenv": "^8.2.0",
     "graphql": "^15.4.0",
+    "graphql-middleware": "^4.0.2",
+    "graphql-shield": "^7.4.2",
+    "jsonwebtoken": "^8.5.1",
     "nodemon": "^2.0.6"
   },
   "devDependencies": {

backend/src/DataSources/posts-data-source.js

@@ -0,0 +1,87 @@
+const {DataSource} = require('apollo-datasource');
+const {UserInputError} = require('apollo-server');
+const crypto = require('crypto');
+
+class Post {
+  constructor (data) {
+    this.id = crypto.randomBytes(16).toString('hex');
+    this.voters = [];
+    this.votes = 0;
+    Object.assign(this, data);
+  }
+}
+
+class PostsDataSource extends DataSource {
+
+  constructor() {
+    super();
+    this.posts = [];
+  }
+
+  async allPosts () {
+    return this.posts;
+  }
+
+  async createPost (data, currUser) {
+
+    if(currUser){
+      const newPost = new Post({...data, author:currUser});
+      this.posts.push(newPost);
+
+      return newPost;
+    }
+
+    return null;
+  }
+
+  async votePost(id, value, currUser) {
+    const post = this.posts.find(e => e.id == id);
+
+    if (post) {
+
+      if(currUser) {
+
+        if(!post.voters.find(voter => voter.id == currUser.id)){
+
+          post.votes+= value;
+          post.voters.push(currUser);
+
+          return post;
+        }
+        else{
+          throw new UserInputError("This user voted on this post already");
+        }
+      }
+    }
+    else{
+      throw new UserInputError("No post with this ID", {invalidArgs: [id]});
+    }
+  }
+
+  async deletePost (id, currUser) {
+
+    const post = this.posts.find(e => e.id == id);
+
+    if (post) {
+
+      if(currUser) {
+
+        if( currUser.id == post.author.id) {
+
+          const deleteIndex = this.posts.indexOf(post);
+          this.posts.splice(deleteIndex,1);
+
+          return post;
+
+        }else {
+          throw new Error("Only authors of a post are allowed to delete their own posts.");
+        }
+      }
+    }
+    else{
+      throw new UserInputError("No post with this ID", {invalidArgs: [id]});
+    }
+
+  }
+} 
+module.exports = {Post, PostsDataSource}

backend/src/DataSources/users-data-source.js

@@ -0,0 +1,65 @@
+const {DataSource} = require('apollo-datasource');
+const {createAccessToken} = require('../token')
+const crypto = require('crypto');
+const bcrypt = require('bcrypt');
+
+class User{
+  constructor(data){
+    this.id = crypto.randomBytes(16).toString('hex')
+    data.password = bcrypt.hashSync(data.password, 10);
+    Object.assign(this, data);
+  }
+}
+
+class UsersDataSource extends DataSource {
+
+  constructor() {
+    super();
+    this.users = []
+  }
+
+  async getUser(id) {
+    return this.users.find(user => user.id === id);
+  }
+
+  getUserByEmail(email) {
+    return this.users.find(user => user.email === email);
+  }
+
+  async signup(name, email, password) {
+    //trim
+    email = email.trim();
+    password = password.trim();
+
+    /*
+      Validate:
+      - Make sure the email address is not taken by another user.
+      - Accept only passwords with a length of at least 8 characters.
+    */
+    if(this.getUserByEmail(email) || password.length < 8){
+      return null;
+    }
+
+    const newUser = new User({name, email, password});
+    this.users.push(newUser);
+    console.log(this.users);
+
+    return createAccessToken(newUser.id);
+  }
+
+  async login(email, password) {
+    let user = this.getUserByEmail(email);
+    console.log(user);
+
+    if(user && bcrypt.compareSync(password, user.password)){
+      return createAccessToken(user.id);
+    }
+
+    return null;
+  }
+
+  async allUsers() {
+    return this.users;
+  }
+}
+module.exports = {User, UsersDataSource}

backend/src/DataSource/users.spec.js → backend/src/DataSources/users.spec.js

@@ -1,16 +1,59 @@
 const { createTestClient } = require("apollo-server-testing");
 const {gql} = require("apollo-server");
+const {ApolloServer, makeExecutableSchema} = require('apollo-server');
 const {User, UsersDataSource} = require("./users-data-source");
 const {Post, PostsDataSource} = require("./posts-data-source");
-const Server = require("../server");
+const {applyMiddleware} = require('graphql-middleware');
+const server = require("../server");
+const bcrypt = require('bcrypt');
 
 let postsMemory = new PostsDataSource();
 let usersMemory = new UsersDataSource();
-const server = new Server({dataSources: ()=> ({postsDataSrc: postsMemory, usersDataSrc: usersMemory})});
+const typeDefs = require('../schema');
+const resolvers = require('../resolver');
 
-const {query, mutate } = createTestClient(server);
+const s = new server();
+
+const testContext = (testToken) => {
+    let token = testToken || ''
+    token = token.replace('Bearer ', '')
+    try {
+      const decodedJwt = jwt.verify(
+        token,
+        process.env.JWTSECRET
+      )
+      return { decodedJwt }
+    } catch (e) {
+      return {}
+    }
+  }
+
+  const schema = applyMiddleware(makeExecutableSchema({typeDefs, resolvers}));
+  const setupServer = (ps, us, testToken) => {
+    const server = new ApolloServer({
+    schema,
+      context: testContext(testToken), // not sure if this is the correct way. but we didn`t find another solution to add the token as request (see https://github.com/apollographql/apollo-server/issues/2277)
+      dataSources: () => ({
+        posts: new PostsDataSource(ps, us)
+      })
+    })
+    return createTestClient(server)
+  }
 
 describe("queries", () => {
+    const postData = [
+        { id: 'post1', title: 'Item 1', votes: 0, voters: [], author: {} }
+      ]
+      const userData = [
+        new User({name:'An', email:'an@gmail.com', password:'12345678'}),
+        new User({name:'Ilona', email:'ilona@gmail.com', password:'12345678'}),
+        new User({name:'Andrej', email:'andrej@gmail.com', password:'12345678'})        
+    ]
+      postData[0].author = userData[0];
+
+
+      const { query } = setupServer(postData, userData);
+
 
     describe("USERS", () => {
         const GET_USERS = gql`

backend/src/context.js

@@ -0,0 +1,24 @@
+require('dotenv').config();
+const jwt = require('jsonwebtoken');
+
+const context = ({req}) => {
+
+    let token = req.headers.authorization || '';
+    token = token.replace('Bearer ', '');
+
+    try {
+        const decodedJwt = jwt.verify(
+          token,
+          process.env.JWT_SECRET
+        );
+
+        console.log("context here", decodedJwt)
+
+        return {decodedJwt};
+
+    } catch(e) {
+        return {}
+    }
+}
+
+module.exports = {context};