-
-
Notifications
You must be signed in to change notification settings - Fork 17
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
V0 #33
Merged
Merged
V0 #33
Changes from 31 commits
Commits
Show all changes
37 commits
Select commit
Hold shift + click to select a range
ab5dcc1
feat: check user roles
jean-michelet 8cf0a81
fix: conflicts
jean-michelet 23cb294
refactor: nit
jean-michelet 5b04aef
test: ensure and admin can assign and unassign a task
jean-michelet 70f95be
fix: authorization plugin has no dependency
jean-michelet 992977f
fix: update migrations dir path
jean-michelet cf526c0
fix: eslint
jean-michelet 6087f51
refactor: nit
jean-michelet 9c4c09e
Update .env.example
jean-michelet c08ffdd
refactor: use knex
jean-michelet 48a5ef9
Merge branch 'authorization' of github.com:jean-michelet/demo into au…
jean-michelet c69e826
refactor: migrations
jean-michelet edd2b48
fix: remove useless c8 ignore comments
jean-michelet 7483692
docs: update path
jean-michelet 43eb97f
refactor: change JWT auth for cookie session auth
jean-michelet 0f17f3f
chore: ci - env must have required property 'COOKIE_NAME'
jean-michelet e2f934b
fix: uncomment unauthenticated test
jean-michelet 667f132
refactor: leverage fastify sensible decorators
jean-michelet 745875c
chore: use tsx
jean-michelet 99b362e
feat: add pagination to tasks
jean-michelet da0fb0d
refactor: use COUNT(*) OVER() AS rowNum for tasks pagination
jean-michelet 8292859
refactor: decorate request for authorization
jean-michelet d4c335e
fix: use transaction for login controller
jean-michelet 6240960
refactor: register cookie plugin in session plugin
jean-michelet 188cc60
fix: conflict
jean-michelet ebf639f
test: mock app.compare implementation instead of reassignation
jean-michelet 8723ee3
test: spy logger to ensure 500 error is due to Transaction failure
jean-michelet 59d083e
feat: allow to upload task image
jean-michelet 2ba800f
refactor: improve scripts typing
jean-michelet ed78e1c
docs: static and multipart plugin
jean-michelet b2e502c
chore: dangerous DB operations should be explicitly authorized
jean-michelet bfd7380
refactor: use node test runner utitities
jean-michelet e946939
refactor: check file size before mime-type
jean-michelet 265940e
fix: identifier typo
jean-michelet 7c4dbc3
feat: do not use rm -rf
jean-michelet 5af3cd0
fix: storage path disclosure
jean-michelet 444000e
fix: nit
jean-michelet File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
CREATE TABLE roles ( | ||
id INT AUTO_INCREMENT PRIMARY KEY, | ||
name VARCHAR(255) NOT NULL | ||
); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DROP TABLE IF EXISTS roles; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
CREATE TABLE user_roles ( | ||
id INT AUTO_INCREMENT PRIMARY KEY, | ||
user_id INT NOT NULL, | ||
role_id INT NOT NULL, | ||
FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE, | ||
FOREIGN KEY (role_id) REFERENCES roles(id) ON DELETE CASCADE | ||
); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
DROP TABLE IF EXISTS user_roles; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -9,29 +9,33 @@ | |
}, | ||
"scripts": { | ||
"start": "npm run build && fastify start -l info dist/app.js", | ||
"build": "tsc", | ||
"build": "rm -rf ./dist && tsc", | ||
"watch": "tsc -w", | ||
"dev": "npm run build && concurrently -k -p \"[{name}]\" -n \"TypeScript,App\" -c \"yellow.bold,cyan.bold\" \"npm:watch\" \"npm:dev:start\"", | ||
"dev:start": "fastify start --ignore-watch=.ts$ -w -l info -P dist/app.js", | ||
"dev:start": "npm run build && fastify start --ignore-watch=.ts$ -w -l info -P dist/app.js", | ||
"test": "npm run db:seed && tap --jobs=1 test/**/*", | ||
"standalone": "node --env-file=.env dist/server.js", | ||
"standalone": "npm run build && node --env-file=.env dist/server.js", | ||
"lint": "eslint --ignore-pattern=dist", | ||
"lint:fix": "npm run lint -- --fix", | ||
"db:migrate": "node --env-file=.env scripts/migrate.js", | ||
"db:seed": "node --env-file=.env scripts/seed-database.js" | ||
"db:create": "tsx --env-file=.env ./scripts/create-database.ts", | ||
"db:drop": "tsx --env-file=.env ./scripts/drop-database.ts", | ||
"db:migrate": "tsx --env-file=.env ./scripts/migrate.ts", | ||
"db:seed": "tsx --env-file=.env ./scripts/seed-database.ts" | ||
}, | ||
"keywords": [], | ||
"author": "Michelet Jean <[email protected]>", | ||
"license": "MIT", | ||
"dependencies": { | ||
"@fastify/autoload": "^6.0.0", | ||
"@fastify/cookie": "^11.0.1", | ||
"@fastify/cors": "^10.0.0", | ||
"@fastify/env": "^5.0.1", | ||
"@fastify/helmet": "^12.0.0", | ||
"@fastify/jwt": "^9.0.0", | ||
"@fastify/mysql": "^5.0.1", | ||
"@fastify/multipart": "^9.0.1", | ||
"@fastify/rate-limit": "^10.0.1", | ||
"@fastify/sensible": "^6.0.1", | ||
"@fastify/session": "^11.0.1", | ||
"@fastify/static": "^8.0.2", | ||
"@fastify/swagger": "^9.0.0", | ||
"@fastify/swagger-ui": "^5.0.1", | ||
"@fastify/type-provider-typebox": "^5.0.0", | ||
|
@@ -41,15 +45,18 @@ | |
"fastify": "^5.0.0", | ||
"fastify-cli": "^7.0.0", | ||
"fastify-plugin": "^5.0.1", | ||
"form-data": "^4.0.1", | ||
"knex": "^3.1.0", | ||
"mysql2": "^3.11.3", | ||
"postgrator": "^7.3.0" | ||
}, | ||
"devDependencies": { | ||
"@types/node": "^22.5.5", | ||
"eslint": "^9.11.0", | ||
"fastify-tsconfig": "^2.0.0", | ||
"mysql2": "^3.11.3", | ||
"neostandard": "^0.11.5", | ||
"tap": "^21.0.1", | ||
"tsx": "^4.19.1", | ||
"typescript": "~5.6.2" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
import { createConnection, Connection } from 'mysql2/promise' | ||
|
||
if (Number(process.env.CAN_CREATE_DATABASE) !== 1) { | ||
throw new Error("You can't create the database. Set `CAN_CREATE_DATABASE=1` environment variable to allow this operation.") | ||
} | ||
|
||
async function createDatabase () { | ||
const connection = await createConnection({ | ||
host: process.env.MYSQL_HOST, | ||
port: Number(process.env.MYSQL_PORT), | ||
user: process.env.MYSQL_USER, | ||
password: process.env.MYSQL_PASSWORD | ||
}) | ||
|
||
try { | ||
await createDB(connection) | ||
console.log(`Database ${process.env.MYSQL_DATABASE} has been created successfully.`) | ||
} catch (error) { | ||
console.error('Error creating database:', error) | ||
} finally { | ||
await connection.end() | ||
} | ||
} | ||
|
||
async function createDB (connection: Connection) { | ||
await connection.query(`CREATE DATABASE IF NOT EXISTS \`${process.env.MYSQL_DATABASE}\``) | ||
console.log(`Database ${process.env.MYSQL_DATABASE} created or already exists.`) | ||
} | ||
|
||
createDatabase() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
import { createConnection, Connection } from 'mysql2/promise' | ||
|
||
if (Number(process.env.CAN_DROP_DATABASE) !== 1) { | ||
throw new Error("You can't drop the database. Set `CAN_DROP_DATABASE=1` environment variable to allow this operation.") | ||
} | ||
|
||
async function dropDatabase () { | ||
const connection = await createConnection({ | ||
host: process.env.MYSQL_HOST, | ||
port: Number(process.env.MYSQL_PORT), | ||
user: process.env.MYSQL_USER, | ||
password: process.env.MYSQL_PASSWORD | ||
}) | ||
|
||
try { | ||
await dropDB(connection) | ||
console.log(`Database ${process.env.MYSQL_DATABASE} has been dropped successfully.`) | ||
} catch (error) { | ||
console.error('Error dropping database:', error) | ||
} finally { | ||
await connection.end() | ||
} | ||
} | ||
|
||
async function dropDB (connection: Connection) { | ||
await connection.query(`DROP DATABASE IF EXISTS \`${process.env.MYSQL_DATABASE}\``) | ||
console.log(`Database ${process.env.MYSQL_DATABASE} dropped.`) | ||
} | ||
|
||
dropDatabase() |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,51 @@ | ||
import mysql, { FieldPacket } from 'mysql2/promise' | ||
import path from 'node:path' | ||
import fs from 'node:fs' | ||
import Postgrator from 'postgrator' | ||
|
||
interface PostgratorResult { | ||
rows: any; | ||
fields: FieldPacket[]; | ||
} | ||
|
||
async function doMigration (): Promise<void> { | ||
const connection = await mysql.createConnection({ | ||
multipleStatements: true, | ||
host: process.env.MYSQL_HOST, | ||
port: Number(process.env.MYSQL_PORT), | ||
database: process.env.MYSQL_DATABASE, | ||
user: process.env.MYSQL_USER, | ||
password: process.env.MYSQL_PASSWORD | ||
}) | ||
|
||
try { | ||
const migrationDir = path.join(import.meta.dirname, '../migrations') | ||
|
||
if (!fs.existsSync(migrationDir)) { | ||
throw new Error( | ||
`Migration directory "${migrationDir}" does not exist. Skipping migrations.` | ||
) | ||
} | ||
|
||
const postgrator = new Postgrator({ | ||
migrationPattern: path.join(migrationDir, '*'), | ||
driver: 'mysql', | ||
database: process.env.MYSQL_DATABASE, | ||
execQuery: async (query: string): Promise<PostgratorResult> => { | ||
const [rows, fields] = await connection.query(query) | ||
return { rows, fields } | ||
}, | ||
schemaTable: 'schemaversion' | ||
}) | ||
|
||
await postgrator.migrate() | ||
|
||
console.log('Migration completed!') | ||
} catch (err) { | ||
console.error(err) | ||
} finally { | ||
await connection.end().catch(err => console.error(err)) | ||
} | ||
} | ||
|
||
doMigration() |
This file was deleted.
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
rm -rf
won't work for Windows users using cmd or PowerShell.You may need to either add a script to
scripts/
that cleans up dist usingnode:fs
'srm
and call that, or explicitly state in documentation for users to use Git Bash which comes with Git for Windows.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Or just don't use windows 🤣🤭