Getting Started • API Endpoints • Unit and E2E Tests
This project is a simple preview of how to use local session cookies for user authentication, using as few external libraries and frameworks as possible.
Session-based approaches are more appropriate for applications that prioritise server-side control, robust session management, and sensitive data protection.
Here is a list of all requisites to run this project.
- Clone the repository: Clone the project repository to your local machine using the following command in your terminal emulator:
git clone https://github.com/viniciusr-cmd/mdcf-typescript.git
- Navigate to the project directory: Change your current directory to the project directory:
cd mdcf-typescript
- Install dependencies: Install the project dependencies.
NPM
npm install
YARN
yarn install
- Start the project: Finally start the project.
NPM
npm start
YARN
yarn start
This project uses Vitest for unit testing. You don't need to start the server first; Vitest can access the Express app directly. Follow these steps to run the tests:
- Navigate to the project directory: If you're not already there, change your current directory to the project directory:
cd mdcf-typescript
- Install dependencies: If you haven't already done so, install the project dependencies:
NPM
npm install
YARN
yarn install
3.1 Run E2E tests: Use the following command to run the E2E tests:
NPM
npm run e2e
YARN
yarn run e2e
3.2 Run User Register Tests: Use the following command to run the User Register tests:
NPM
npm run test-register
YARN
yarn run test-register
3.3 Run User Login Tests: Use the following command to run the User Login tests:
NPM
npm run test-login
YARN
yarn run test-login
E2E
✓ src/test/user.e2e.spec.ts (8) 584ms
  ✓ User Registration (2)
    ✓ POST /auth/register - should create a new user and return 201 status
    ✓ POST /auth/register - should return 400 status for missing parameters
  ✓ User Login (3)
    ✓ POST /auth/login - should login a user and return 200 status
    ✓ POST /auth/login - should return 400 status for incorrect credentials
    ✓ POST /auth/login - should return 403 for a distinct password in database that is invalid
  ✓ User Update (2)
    ✓ PATCH /users/:id - should update a user and return 200 status
    ✓ PATCH /users/:id - should return 403 status for forbidden update
  ✓ User Deletion (1)
    ✓ DELETE /users/:id - should delete a user and return 204 status
Test Files 1 passed (1)
Tests 8 passed (8)
TEST-REGISTER
✓ src/test/user.register.spec.ts (2) 481ms
  ✓ User Registration (2)
    ✓ POST /auth/register - should create a new user and return 201 status
    ✓ POST /auth/register - should return 400 status for missing parameters
Test Files 1 passed (1)
Tests 2 passed (2)
TEST-LOGIN
✓ src/test/user.login.spec.ts (3) 543ms
  ✓ User Login (3)
    ✓ POST /auth/login - should login a user and return 200 status
    ✓ POST /auth/login - should return 400 status for incorrect credentials
    ✓ POST /auth/login - should return 403 for a distinct password in database that is invalid
Test Files 1 passed (1)
Tests 3 passed (3)
Here are the main routes of the API, with their expected request and response bodies.
ROUTE | DESCRIPTION |
---|---|
POST /auth/register | Registers a user in the MongoDB database |
POST /auth/login | Logs in a user who is registered in the database |
PATCH /users/:id | Updates the user with the given ID, only if the caller is the owner |
DELETE /users/:id | Deletes the user with the given ID, only if the caller is the owner |
GET /users | Returns all users' info, for debugging |
REQUEST
{
"username": "testuser",
"password": "testpassword"
}
RESPONSE
{
"authentication": {
"password": "e0dc347803777c3bf601ebbc2e1c1223c8b4ec1ff6567507823babb6b15bcaae",
"salt": "trHLYZNZ8L5v6YQHPduclIeEjAX6XfCJDtTmGr7LtYTGdsDtVw5fLPk5NfebChAHy2vrfIUvzRre48PvTDl8LHZid0ahLacF5NQ5HswAHD8QYURMmXXTtP3JlMGbhe2eR3mw45RtdQQwR0hPntpIjSH3sE1cdf3IUvkhtk8As2I=",
"sessionToken": "651b7dcd0fd8cb5ae3687e8518470aca12e4d0d989ad66de1207eaf473f973fe"
},
"_id": "65da248452b8fd995ae08b92",
"username": "testuser",
"__v": 0
}
REQUEST
{
"username": "testuser",
"password": "testpassword"
}
RESPONSE
{
"authentication": {
"password": "e0dc347803777c3bf601ebbc2e1c1223c8b4ec1ff6567507823babb6b15bcaae",
"salt": "trHLYZNZ8L5v6YQHPduclIeEjAX6XfCJDtTmGr7LtYTGdsDtVw5fLPk5NfebChAHy2vrfIUvzRre48PvTDl8LHZid0ahLacF5NQ5HswAHD8QYURMmXXTtP3JlMGbhe2eR3mw45RtdQQwR0hPntpIjSH3sE1cdf3IUvkhtk8As2I=",
"sessionToken": "651b7dcd0fd8cb5ae3687e8518470aca12e4d0d989ad66de1207eaf473f973fe"
},
"_id": "65da248452b8fd995ae08b92",
"username": "testuser",
"__v": 0
}
REQUEST
{
"username": "TESTUSERUPDATED"
}
RESPONSE
{
"authentication": {
"password": "f3a8f30ee08e90b348a4a7b9a81008ab363176f8dab32b7c3bbc74c6f4f1acf7",
"salt": "1prFs01jEV5TGz5z8DneFJRiAzYg/AbE+jG92W/NZjrXYBXA2cn8saOtWcFUePbVYJhSzG7fx7tBrS2xouayp4R+KRdpPoif+T2uRgrcNTdvVcq+KXxyyt1G+rpkDZWmZwWLdC3hB8xvwTTYYAonM15rSJszQM7/q3a3bXDX03U=",
"sessionToken": "7dd4efbff4ca66e4fa380294a66787a6ef6fac79b08f9745069f37e00ad1a947"
},
"_id": "65da2a0e3aa903838235d7e4",
"username": "TESTUSERUPDATED",
"__v": 0
}
CURL REQUEST
curl --request DELETE \
--url http://localhost:8080/users/65da2a0e3aa903838235d7e4
RESPONSE
204 No Content
RESPONSE
{
"authentication": {
"password": "f3a8f30ee08e90b348a4a7b9a81008ab363176f8dab32b7c3bbc74c6f4f1acf7",
"salt": "1prFs01jEV5TGz5z8DneFJRiAzYg/AbE+jG92W/NZjrXYBXA2cn8saOtWcFUePbVYJhSzG7fx7tBrS2xouayp4R+KRdpPoif+T2uRgrcNTdvVcq+KXxyyt1G+rpkDZWmZwWLdC3hB8xvwTTYYAonM15rSJszQM7/q3a3bXDX03U=",
"sessionToken": "7dd4efbff4ca66e4fa380294a66787a6ef6fac79b08f9745069f37e00ad1a947"
},
"_id": "65da2a0e3aa903838235d7e4",
"username": "TESTUSERUPDATED",
"__v": 0
}
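The PATCH and DELETE routes act only for the owner of the record, and the sample responses above return the stored `authentication` object (password hash, salt and session token) to the client. The following added example, which is not code from this repository, shows one way to resolve the session cookie to its user, enforce the owner check, and return only an allow-listed projection. The function names, sample users and token values are constructed, and returning 403 for a missing session is an assumption.

```typescript
// Added example. Field names mirror the sample responses on this page;
// the function names, sample users and token values are constructed.
interface StoredUser {
  _id: string;
  username: string;
  authentication: { password: string; salt: string; sessionToken?: string };
  __v: number;
}
interface PublicUser { _id: string; username: string }
interface Result { status: number; body?: PublicUser }

// Allow-list projection: the hash, salt and session token never leave the server.
function toPublicUser(u: StoredUser): PublicUser {
  return { _id: u._id, username: u.username };
}

// Resolve the session cookie value to the user it was issued to.
function userFromSession(users: StoredUser[], cookie?: string): StoredUser | undefined {
  // Without this guard, a request with no cookie would match any user
  // whose sessionToken is unset (undefined === undefined).
  if (!cookie) return undefined;
  return users.find((u) => u.authentication.sessionToken === cookie);
}

// PATCH /users/:id decision: 200 for the owner, 403 otherwise.
// Returning 403 for a missing or unknown session is an assumption of this sketch.
function patchUser(users: StoredUser[], cookie: string | undefined, id: string, username: string): Result {
  const caller = userFromSession(users, cookie);
  if (!caller || caller._id !== id) return { status: 403 };
  caller.username = username;
  return { status: 200, body: toPublicUser(caller) };
}

// Constructed sample data (placeholders, not values from the project).
function sampleUsers(): StoredUser[] {
  return [
    { _id: "id-alice", username: "alice", __v: 0,
      authentication: { password: "<hash>", salt: "<salt>", sessionToken: "token-alice" } },
    { _id: "id-bob", username: "bob", __v: 0,
      authentication: { password: "<hash>", salt: "<salt>" } }, // never logged in
  ];
}

console.log(patchUser(sampleUsers(), "token-alice", "id-alice", "alice2")); // owner
console.log(patchUser(sampleUsers(), "token-alice", "id-bob", "mallory")); // not the owner
```

The same projection applies to the register, login and `GET /users` responses, so that no route echoes another user's session token.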