Closed hiyaryan closed 10 months ago
This PR marks the start to attempt some TDD. There are some issues around testing the API and passport. Currently determining if the issue is due to a bug in the controller and middleware code or in the setup of the tests itself. It seemingly is due to the test setup. Working through this issue with ChatGPT in two conversations.
CDJ Troubleshoot Test Setup Issues CDJ TDD
Some things to look into is how passport is being used in the controllers and middleware. Incorrect usage may be causing these errors. Another thing is that passport may be trying to use the development test base which is not active in a testing environment (the test version of the database is) to authenticate/authorize a user so another passport strategy may be required to be setup.
Those issues can be resolved in another PR as it is seemingly going to cause a holdup in continuing development. In the meantime, the API was tested manually using curl commands verifying that only authenticated users may access the database and that all endpoints are in fact working as expected. The following commands were used for testing
Testing Entries API
curl -X GET http://localhost:3000/journals/65619e89bba77f3e6cff9580/entries
Attempts to retrieve all entries from the specified journal without authentication.
curl -X POST http://localhost:3000/journals/65619e89bba77f3e6cff9580/entries \
-H "Content-Type: application/json" \
-d '{"title": "Test Entry", "content": "This is a test entry."}'
Tries to add a new entry to the specified journal without authentication.
curl -X GET http://localhost:3000/journals/65619e89bba77f3e6cff9580/entries/65619e89bba77f3e6cff9582
Attempts to retrieve the specified journal entry without authentication.
curl -X PUT http://localhost:3000/journals/65619e89bba77f3e6cff9580/entries/65619e89bba77f3e6cff9582 \
-H "Content-Type: application/json" \
-d '{"title": "Updated Title", "content": "Updated content."}'
Tries to update the specified journal entry without authentication.
curl -X DELETE http://localhost:3000/journals/65619e89bba77f3e6cff9580/entries/65619e89bba77f3e6cff9582
Attempts to delete the specified journal entry without authentication.
Testing Access API
curl -X POST http://192.168.50.157:3000/access/register \
-H "Content-Type: application/json" \
-d '{"fname": "Alice", "lname": "Johnson", "email": "alicej92@berkeley.edu", "password": "gobears!2014"}'
Registers a new user with valid credentials.
curl -X POST http://192.168.50.157:3000/access/login \
-H "Content-Type: application/json" \
-d '{"email": "alicej92@berkeley.edu", "password": "gobears!2014"}'
Attempts to log in with valid credentials.
curl -X POST http://192.168.50.157:3000/access/login \
-H "Content-Type: application/json" \
-d '{"email": "alicej92@berkeley.edu", "password": "wrongpassword"}'
Attempts to log in with a valid email but incorrect password.
curl -X POST http://192.168.50.157:3000/access/login \
-H "Content-Type: application/json" \
-d '{"email": "wrongemail@berkeley.edu", "password": "gobears!2014"}'
Attempts to log in with an incorrect email and valid password.
curl -X GET http://192.168.50.157:3000/access/logout
Logs out the currently authenticated user.
curl -X POST http://192.168.50.157:3000/access/register \
-H "Content-Type: application/json" \
-d '{"fname": "Alice", "lname": "Johnson", "email": "alicej92@berkeley.edu", "password": "gobears!2014"}'
Attempts to register a user with an already existing email.
curl -X GET http://192.168.50.157:3000/access/logout
Attempts to log out when no user is logged in.
These curl commands are based on new API documentation also added in this PR in the backend docs directory.
Finally, this PR adds ESLint to the backend and lints the entire backend codebase.
This PR tests authorization on the backend. It is also introduces the first instance of Jest unit tests now that the code base has sufficiently grown and authentication/authorization is becoming increasingly important.