diff --git a/backend/docs/api.md b/backend/docs/api.md index 7c584d2..e88687e 100644 --- a/backend/docs/api.md +++ b/backend/docs/api.md @@ -160,3 +160,11 @@ Example request: ] } ``` + +## Users + +### GET /shop/:shop/user/:id + +### POST /shop/:shop/user/ + +### PUT /shop/:shop/user/:id diff --git a/backend/docs/data-model.md b/backend/docs/data-model.md index 85fdbc3..12c56cf 100644 --- a/backend/docs/data-model.md +++ b/backend/docs/data-model.md @@ -47,3 +47,12 @@ See the create script for more details about the data types and keys. - `customers`: Maximum number of customers for this time slot. - `min_duration`: Minimum duration time to issue a ticket. - `max_duration`: Maximum duration time to issue a ticket. + +### users + +`users` contains all registered users. + +- `id`: Id of the user as an integer. +- `label`: Name of the user as string. +- `token`: Bearer token for login using `access_token` query parameter. +- `admin`: Flag if the user has admin right as boolean. diff --git a/backend/test/all.sh b/backend/examples/all.sh similarity index 100% rename from backend/test/all.sh rename to backend/examples/all.sh diff --git a/backend/test/baseUrl.txt b/backend/examples/baseUrl.txt similarity index 100% rename from backend/test/baseUrl.txt rename to backend/examples/baseUrl.txt diff --git a/backend/test/delete.sh b/backend/examples/delete.sh similarity index 100% rename from backend/test/delete.sh rename to backend/examples/delete.sh diff --git a/backend/test/shop-get.sh b/backend/examples/shop-get.sh similarity index 100% rename from backend/test/shop-get.sh rename to backend/examples/shop-get.sh diff --git a/backend/test/shop-put.json b/backend/examples/shop-put.json similarity index 100% rename from backend/test/shop-put.json rename to backend/examples/shop-put.json diff --git a/backend/test/shop-put.sh b/backend/examples/shop-put.sh similarity index 100% rename from backend/test/shop-put.sh rename to backend/examples/shop-put.sh diff --git a/backend/test/ticket-available.sh b/backend/examples/ticket-available.sh similarity index 100% rename from backend/test/ticket-available.sh rename to backend/examples/ticket-available.sh diff --git a/backend/test/ticket-get.sh b/backend/examples/ticket-get.sh similarity index 100% rename from backend/test/ticket-get.sh rename to backend/examples/ticket-get.sh diff --git a/backend/test/ticket-image.sh b/backend/examples/ticket-image.sh similarity index 100% rename from backend/test/ticket-image.sh rename to backend/examples/ticket-image.sh diff --git a/backend/test/ticket-post.sh b/backend/examples/ticket-post.sh similarity index 100% rename from backend/test/ticket-post.sh rename to backend/examples/ticket-post.sh diff --git a/backend/test/ticket-put.json b/backend/examples/ticket-put.json similarity index 100% rename from backend/test/ticket-put.json rename to backend/examples/ticket-put.json diff --git a/backend/test/ticket-put.sh b/backend/examples/ticket-put.sh similarity index 100% rename from backend/test/ticket-put.sh rename to backend/examples/ticket-put.sh diff --git a/backend/test/ticket1-post.json b/backend/examples/ticket1-post.json similarity index 100% rename from backend/test/ticket1-post.json rename to backend/examples/ticket1-post.json diff --git a/backend/test/ticket2-post.json b/backend/examples/ticket2-post.json similarity index 100% rename from backend/test/ticket2-post.json rename to backend/examples/ticket2-post.json diff --git a/backend/test/ticket3-post.json b/backend/examples/ticket3-post.json similarity index 100% rename from backend/test/ticket3-post.json rename to backend/examples/ticket3-post.json diff --git a/backend/test/timeslot-get.sh b/backend/examples/timeslot-get.sh similarity index 100% rename from backend/test/timeslot-get.sh rename to backend/examples/timeslot-get.sh diff --git a/backend/test/timeslot-put.json b/backend/examples/timeslot-put.json similarity index 100% rename from backend/test/timeslot-put.json rename to backend/examples/timeslot-put.json diff --git a/backend/test/timeslot-put.sh b/backend/examples/timeslot-put.sh similarity index 100% rename from backend/test/timeslot-put.sh rename to backend/examples/timeslot-put.sh diff --git a/backend/examples/user-get.sh b/backend/examples/user-get.sh new file mode 100755 index 0000000..1b5dddc --- /dev/null +++ b/backend/examples/user-get.sh @@ -0,0 +1,5 @@ +#!/bin/bash + +BASE_URL=$(cat baseUrl.txt) + +curl -v $BASE_URL/shop/default/user/owner -H "accept: application/json" diff --git a/backend/examples/user-post.json b/backend/examples/user-post.json new file mode 100644 index 0000000..bade1ff --- /dev/null +++ b/backend/examples/user-post.json @@ -0,0 +1,5 @@ +{ + "id": "owner", + "label": "Shop Owner", + "admin": true +} diff --git a/backend/examples/user-post.sh b/backend/examples/user-post.sh new file mode 100755 index 0000000..309a2b3 --- /dev/null +++ b/backend/examples/user-post.sh @@ -0,0 +1,6 @@ +#!/bin/bash + +BASE_URL=$(cat baseUrl.txt) +DATA=$(cat user-post.json) + +curl -v $BASE_URL/shop/default/user/ -X POST -H "content-type: application/json" -H "accept: application/json" --data "$DATA" diff --git a/backend/lib/Database.js b/backend/lib/Database.js index e5cf0a6..e16dcf0 100644 --- a/backend/lib/Database.js +++ b/backend/lib/Database.js @@ -188,6 +188,36 @@ ORDER BY "range"."start" return result.rows } + + async addUser ({ id, label, token, admin }) { + const query = 'INSERT INTO users("id", "label", "token", "admin") VALUES ($1, $2, $3, $4) RETURNING *' + const values = [id, label, token, admin] + const result = await this.client.query(query, values) + + return result.rows[0] + } + + async setUser ({ id, label, token, admin }) { + const query = 'UPDATE users SET "label"=$1, "token"=$2, "admin"=$3 WHERE "id"=$4' + const values = [label, token, admin, id] + await this.client.query(query, values) + } + + async getUser (id) { + const query = 'SELECT * FROM users WHERE "id"=$1' + const values = [id] + const result = await this.client.query(query, values) + + return result.rows[0] + } + + async getUserByToken (token) { + const query = 'SELECT * FROM users WHERE "token"=$1' + const values = [token] + const result = await this.client.query(query, values) + + return result.rows[0] + } } module.exports = Database diff --git a/backend/lib/defaults.js b/backend/lib/defaults.js index 6edb591..a967ed3 100644 --- a/backend/lib/defaults.js +++ b/backend/lib/defaults.js @@ -7,7 +7,18 @@ const defaults = { host: 'localhost', database: 'postgres', password: null, - port: null + port: null, + }, + express: { + session: { + key: 'random' + } + }, + auth: { + operator: { + user: 'operator', + password: 'operator' + } } } diff --git a/backend/lib/middleware/authn.js b/backend/lib/middleware/authn.js new file mode 100644 index 0000000..6cf0265 --- /dev/null +++ b/backend/lib/middleware/authn.js @@ -0,0 +1,44 @@ +const express = require('express') +const passport = require('passport') +const { BasicStrategy } = require('passport-http') +const BearerStrategy = require('passport-http-bearer') + +function auth ({ config, db }) { + const router = new express.Router() + + router.use(passport.initialize()) + router.use(passport.session()) + + passport.serializeUser((user, done) => done(null, user)) + passport.deserializeUser((user, done) => done(null, user)) + + passport.use(new BasicStrategy((user, password, done) => { + if (user !== config.operator.user) { + return done(null, false) + } + + if (password !== config.operator.password) { + return done(null, false) + } + + done(null, { user, admin: true, operator: true }) + })) + + passport.use(new BearerStrategy(async (token, done) => { + if (!token) { + return done(null, false) + } + + const user = await db.getUserByToken(token) + + if (!user) { + return done(null, false) + } + + done(null, user) + })) + + return router +} + +module.exports = auth diff --git a/backend/lib/middleware/authz.js b/backend/lib/middleware/authz.js new file mode 100644 index 0000000..d24f67d --- /dev/null +++ b/backend/lib/middleware/authz.js @@ -0,0 +1,13 @@ +const HttpError = require('http-errors') + +function requiresAdmin (req, res, next) { + if (req.user && req.user.admin) { + return next() + } + + next(new HttpError(401)) +} + +module.exports = { + requiresAdmin +} diff --git a/backend/lib/middleware/shop.js b/backend/lib/middleware/shop.js index 9f27a45..77feffd 100644 --- a/backend/lib/middleware/shop.js +++ b/backend/lib/middleware/shop.js @@ -1,8 +1,11 @@ const absoluteUrl = require('absolute-url') -const express = require('express') const bodyParser = require('body-parser') +const express = require('express') +const passport = require('passport') +const { requiresAdmin } = require('./authz') const ticket = require('./ticket') const timeslot = require('./timeslot') +const user = require('./user') function shop ({ db }) { const router = new express.Router() @@ -10,6 +13,8 @@ function shop ({ db }) { router.use(absoluteUrl()) router.get('/', async (req, res, next) => { + console.log(req.user) + const config = await db.getConfig() res.json({ @@ -18,14 +23,31 @@ function shop ({ db }) { }) }) - router.put('/', bodyParser.json(), async (req, res, next) => { + router.put('/', requiresAdmin, bodyParser.json(), async (req, res, next) => { await db.setConfig(req.body) res.status(201).end() }) + router.get('/login', passport.authenticate('basic'), (req, res) => { + if (!req.user) { + return next(new Error('auth failed')) + } + + res.redirect('.') + }) + + router.get('/token', passport.authenticate('bearer'), (req, res, next) => { + if (!req.user) { + return next(new Error('auth failed')) + } + + res.redirect('.') + }) + router.use('/ticket', ticket({ db })) router.use('/timeslot', timeslot({ db })) + router.use('/user', user({ db })) return router } diff --git a/backend/lib/middleware/ticket.js b/backend/lib/middleware/ticket.js index f4ccd6d..b4b724d 100644 --- a/backend/lib/middleware/ticket.js +++ b/backend/lib/middleware/ticket.js @@ -1,5 +1,6 @@ const absoluteUrl = require('absolute-url') const bodyParser = require('body-parser') +const { requiresAdmin } = require('./authz') const express = require('express') const uuid = require('uuid').v4 const qrcode = require('./qrcode') @@ -77,7 +78,7 @@ function ticket ({ db }) { } }) - router.put('/:id', bodyParser.json(), async (req, res, next) => { + router.put('/:id', requiresAdmin, bodyParser.json(), async (req, res, next) => { try { await db.setTicket({ id: req.params.id, diff --git a/backend/lib/middleware/timeslot.js b/backend/lib/middleware/timeslot.js index c16b373..b11c33a 100644 --- a/backend/lib/middleware/timeslot.js +++ b/backend/lib/middleware/timeslot.js @@ -1,6 +1,8 @@ const absoluteUrl = require('absolute-url') const bodyParser = require('body-parser') const express = require('express') +const HttpError = require('http-errors') +const { requiresAdmin } = require('./authz') function timeslot ({ db }) { const router = new express.Router() @@ -30,7 +32,7 @@ function timeslot ({ db }) { } }) - router.put('/', bodyParser.json(), async (req, res, next) => { + router.put('/', requiresAdmin, bodyParser.json(), async (req, res, next) => { try { await db.replaceTimeslots(req.body.member.map(member => ({ diff --git a/backend/lib/middleware/user.js b/backend/lib/middleware/user.js new file mode 100644 index 0000000..9ff0133 --- /dev/null +++ b/backend/lib/middleware/user.js @@ -0,0 +1,60 @@ +const absoluteUrl = require('absolute-url') +const express = require('express') +const bodyParser = require('body-parser') +const uuid = require('uuid').v4 +const { requiresAdmin } = require('./authz') +const urlResolve = require('../urlResolve') + +function user ({ db }) { + const router = new express.Router() + + router.use(absoluteUrl()) + + router.post('/', requiresAdmin, bodyParser.json(), async (req, res, next) => { + if (req.accepts('html')) { + return next() + } + + const result = await db.addUser({ + id: req.body.id, + label: req.body.label, + token: uuid(), + admin: Boolean(req.body.admin) + }) + + res.status(201).set('location', urlResolve(req.absoluteUrl(), result.id)).end() + }) + + router.get('/:id', requiresAdmin, async (req, res, next) => { + if (req.accepts('html')) { + return next() + } + + const user = await db.getUser(req.params.id) + + if (!user) { + return next() + } + + res.json(user) + }) + + router.put('/:id', requiresAdmin, bodyParser.json(), async (req, res, next) => { + if (req.accepts('html')) { + return next() + } + + await db.setUser({ + id: req.body.id, + label: req.body.label, + token: req.body.token, + admin: Boolean(req.body.admin) + }) + + res.status(201).end() + }) + + return router +} + +module.exports = user diff --git a/backend/lib/tables.js b/backend/lib/tables.js index 7923010..619d087 100644 --- a/backend/lib/tables.js +++ b/backend/lib/tables.js @@ -28,7 +28,17 @@ const tables = { "min_duration" integer, "max_duration" integer );`, - delete: 'DROP TABLE timeslots;' + delete: 'DROP TABLE timeslots;', + }, + users: { + clear: 'TRUNCATE users;', + create: `CREATE TABLE users ( + "id" character varying(1024), + "label" character varying(1024), + "token" character varying(1024), + "admin" boolean DEFAULT false + );`, + delete: 'DROP TABLE users;', } } diff --git a/backend/package-lock.json b/backend/package-lock.json index a7c143b..2f52574 100644 --- a/backend/package-lock.json +++ b/backend/package-lock.json @@ -249,6 +249,12 @@ "tslib": "^1.9.3" } }, + "ansi-colors": { + "version": "3.2.3", + "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-3.2.3.tgz", + "integrity": "sha512-LEHHyuhlPY3TmuUYMh2oz89lTShfvgbmzaBcxve9t/9Wuy7Dwf4yoAKcND7KFT1HAQfqZ12qtc+DUrBMeKF9nw==", + "dev": true + }, "ansi-escapes": { "version": "4.3.1", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.1.tgz", @@ -285,6 +291,16 @@ "integrity": "sha512-/FQM1EDkTsf63Ub2C6O7GuYFDsSXUwsaZDurV0np41ocwq0jthUAYCmhBX9f+KwlaCgIuWyr/4WlUQUBfKfZog==", "dev": true }, + "anymatch": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.1.tgz", + "integrity": "sha512-mM8522psRCqzV+6LhomX5wgp25YVibjh8Wj23I5RPkPppSVSjyKD2A2mBJmWGa+KN7f2D6LNh9jkBCeyLktzjg==", + "dev": true, + "requires": { + "normalize-path": "^3.0.0", + "picomatch": "^2.0.4" + } + }, "argparse": { "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", @@ -357,6 +373,12 @@ "safe-buffer": "5.1.2" } }, + "binary-extensions": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.0.0.tgz", + "integrity": "sha512-Phlt0plgpIIBOGTT/ehfFnbNlfsDEiqmzE2KRXoX1bLIlir4X/MR+zSyBEkL05ffWgnRSf/DXv+WrUAVr93/ow==", + "dev": true + }, "body-parser": { "version": "1.19.0", "resolved": "https://registry.npmjs.org/body-parser/-/body-parser-1.19.0.tgz", @@ -425,6 +447,12 @@ "fill-range": "^7.0.1" } }, + "browser-stdout": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz", + "integrity": "sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==", + "dev": true + }, "buffer": { "version": "5.6.0", "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.6.0.tgz", @@ -540,6 +568,22 @@ "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==", "dev": true }, + "chokidar": { + "version": "3.3.0", + "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.3.0.tgz", + "integrity": "sha512-dGmKLDdT3Gdl7fBUe8XK+gAtGmzy5Fn0XkkWQuYxGIgWVPPse2CxFA5mtrlD0TOHaHjEUqkWNyP1XdHoJES/4A==", + "dev": true, + "requires": { + "anymatch": "~3.1.1", + "braces": "~3.0.2", + "fsevents": "~2.1.1", + "glob-parent": "~5.1.0", + "is-binary-path": "~2.1.0", + "is-glob": "~4.0.1", + "normalize-path": "~3.0.0", + "readdirp": "~3.2.0" + } + }, "ci-info": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz", @@ -750,6 +794,16 @@ } } }, + "cross-fetch": { + "version": "3.0.4", + "resolved": "https://registry.npmjs.org/cross-fetch/-/cross-fetch-3.0.4.tgz", + "integrity": "sha512-MSHgpjQqgbT/94D4CyADeNoYh52zMkCX4pcJvPP5WqPsLFMKjr2TCMg381ox5qI0ii2dPwaLx/00477knXqXVw==", + "dev": true, + "requires": { + "node-fetch": "2.6.0", + "whatwg-fetch": "3.0.0" + } + }, "cross-spawn": { "version": "6.0.5", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", @@ -808,6 +862,15 @@ "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=", "dev": true }, + "define-properties": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz", + "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==", + "dev": true, + "requires": { + "object-keys": "^1.0.12" + } + }, "del": { "version": "5.1.0", "resolved": "https://registry.npmjs.org/del/-/del-5.1.0.tgz", @@ -973,6 +1036,36 @@ "is-arrayish": "^0.2.1" } }, + "es-abstract": { + "version": "1.17.5", + "resolved": "https://registry.npmjs.org/es-abstract/-/es-abstract-1.17.5.tgz", + "integrity": "sha512-BR9auzDbySxOcfog0tLECW8l28eRGpDpU3Dm3Hp4q/N+VtLTmyj4EUN088XZWQDW/hzj6sYRDXeOFsaAODKvpg==", + "dev": true, + "requires": { + "es-to-primitive": "^1.2.1", + "function-bind": "^1.1.1", + "has": "^1.0.3", + "has-symbols": "^1.0.1", + "is-callable": "^1.1.5", + "is-regex": "^1.0.5", + "object-inspect": "^1.7.0", + "object-keys": "^1.1.1", + "object.assign": "^4.1.0", + "string.prototype.trimleft": "^2.1.1", + "string.prototype.trimright": "^2.1.1" + } + }, + "es-to-primitive": { + "version": "1.2.1", + "resolved": "https://registry.npmjs.org/es-to-primitive/-/es-to-primitive-1.2.1.tgz", + "integrity": "sha512-QCOllgZJtaUo9miYBcLChTUaHNjJF3PYs1VidD7AwiEj1kYxKeQTctLAezAOH5ZKRH0g2IgPn6KwB4IT8iRpvA==", + "dev": true, + "requires": { + "is-callable": "^1.1.4", + "is-date-object": "^1.0.1", + "is-symbol": "^1.0.2" + } + }, "escape-html": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz", @@ -1240,6 +1333,46 @@ } } }, + "express-session": { + "version": "1.17.1", + "resolved": "https://registry.npmjs.org/express-session/-/express-session-1.17.1.tgz", + "integrity": "sha512-UbHwgqjxQZJiWRTMyhvWGvjBQduGCSBDhhZXYenziMFjxst5rMV+aJZ6hKPHZnPyHGsrqRICxtX8jtEbm/z36Q==", + "requires": { + "cookie": "0.4.0", + "cookie-signature": "1.0.6", + "debug": "2.6.9", + "depd": "~2.0.0", + "on-headers": "~1.0.2", + "parseurl": "~1.3.3", + "safe-buffer": "5.2.0", + "uid-safe": "~2.1.5" + }, + "dependencies": { + "debug": { + "version": "2.6.9", + "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", + "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==", + "requires": { + "ms": "2.0.0" + } + }, + "depd": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/depd/-/depd-2.0.0.tgz", + "integrity": "sha512-g7nH6P6dyDioJogAAGprGpCtVImJhpPk/roCzdb3fIh61/s/nPsfR6onyMwkCAR/OlC3yBC0lESvUoQEAssIrw==" + }, + "ms": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz", + "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=" + }, + "safe-buffer": { + "version": "5.2.0", + "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.2.0.tgz", + "integrity": "sha512-fZEwUGbVl7kouZs1jCdMLdt95hdIv0ZeHg6L7qPeciMZhZ+/gdesW4wgTARkrFWEpspjEATAzUGPG8N2jJiwbg==" + } + } + }, "extend": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", @@ -1374,6 +1507,15 @@ "locate-path": "^3.0.0" } }, + "flat": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/flat/-/flat-4.1.0.tgz", + "integrity": "sha512-Px/TiLIznH7gEDlPXcUD4KnBusa6kR6ayRUVcnEAbreRIuhkqow/mun59BuRXwoYk7ZQOLW1ZM05ilIvK38hFw==", + "dev": true, + "requires": { + "is-buffer": "~2.0.3" + } + }, "flat-cache": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-2.0.1.tgz", @@ -1419,6 +1561,19 @@ "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=", "dev": true }, + "fsevents": { + "version": "2.1.3", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.1.3.tgz", + "integrity": "sha512-Auw9a4AxqWpa9GUfj370BMPzzyncfBABW8Mab7BGWBYDj4Isgq+cDKtx0i6u9jcX9pQDnswsaaOTgTmA5pEjuQ==", + "dev": true, + "optional": true + }, + "function-bind": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz", + "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", + "dev": true + }, "functional-red-black-tree": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", @@ -1511,6 +1666,12 @@ "iterall": "^1.2.2" } }, + "growl": { + "version": "1.10.5", + "resolved": "https://registry.npmjs.org/growl/-/growl-1.10.5.tgz", + "integrity": "sha512-qBr4OuELkhPenW6goKVXiv47US3clb3/IbuWF9KNKEijAy9oeHxU9IgzjvJhHkUzhaj7rOUD7+YGWqUjLp5oSA==", + "dev": true + }, "handlebars": { "version": "4.7.6", "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.7.6.tgz", @@ -1524,6 +1685,15 @@ "wordwrap": "^1.0.0" } }, + "has": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/has/-/has-1.0.3.tgz", + "integrity": "sha512-f2dvO0VU6Oej7RkWJGrehjbzMAjFp5/VKPp5tTpWIV4JHHZK1/BxbFRtf/siA2SWTe09caDmVtYYzWEIbBS4zw==", + "dev": true, + "requires": { + "function-bind": "^1.1.1" + } + }, "has-ansi": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz", @@ -1547,6 +1717,18 @@ "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=", "dev": true }, + "has-symbols": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz", + "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg==", + "dev": true + }, + "he": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/he/-/he-1.2.0.tgz", + "integrity": "sha512-F/1DnUGPopORZi0ni+CvrCgHQ5FyEAHRLSApuYWMmrbSwoN2Mn/7k+Gl38gJnR7yyDZk6WLXwiGod1JOWNDKGw==", + "dev": true + }, "html-element-attributes": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/html-element-attributes/-/html-element-attributes-2.2.1.tgz", @@ -1777,12 +1959,27 @@ "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=", "dev": true }, + "is-binary-path": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz", + "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==", + "dev": true, + "requires": { + "binary-extensions": "^2.0.0" + } + }, "is-buffer": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-2.0.4.tgz", "integrity": "sha512-Kq1rokWXOPXWuaMAqZiJW4XxsmD9zGx9q4aePabbn3qCRGedtH7Cm+zV8WETitMfu1wdh+Rvd6w5egwSngUX2A==", "dev": true }, + "is-callable": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/is-callable/-/is-callable-1.2.0.tgz", + "integrity": "sha512-pyVD9AaGLxtg6srb2Ng6ynWJqkHU9bEM087AKck0w8QwDarTfNcpIYoU8x8Hv2Icm8u6kFJM18Dag8lyqGkviw==", + "dev": true + }, "is-ci": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/is-ci/-/is-ci-2.0.0.tgz", @@ -1792,6 +1989,12 @@ "ci-info": "^2.0.0" } }, + "is-date-object": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/is-date-object/-/is-date-object-1.0.2.tgz", + "integrity": "sha512-USlDT524woQ08aoZFzh3/Z6ch9Y/EWXEHQ/AaRN0SkKq4t2Jw2R2339tSXmwuVoY7LLlBCbOIlx2myP/L5zk0g==", + "dev": true + }, "is-decimal": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/is-decimal/-/is-decimal-1.0.4.tgz", @@ -1875,6 +2078,15 @@ "integrity": "sha512-+lP4/6lKUBfQjZ2pdxThZvLUAafmZb8OAxFb8XXtiQmS35INgr85hdOGoEs124ez1FCnZJt6jau/T+alh58QFQ==", "dev": true }, + "is-regex": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.1.0.tgz", + "integrity": "sha512-iI97M8KTWID2la5uYXlkbSDQIg4F6o1sYboZKKTDpnDQMLtUL86zxhgDet3Q2SriaYsyGqZ6Mn2SjbRKeLHdqw==", + "dev": true, + "requires": { + "has-symbols": "^1.0.1" + } + }, "is-regexp": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-1.0.0.tgz", @@ -1887,6 +2099,15 @@ "integrity": "sha512-XCoy+WlUr7d1+Z8GgSuXmpuUFC9fOhRXglJMx+dwLKTkL44Cjd4W1Z5P+BQZpr+cR93aGP4S/s7Ftw6Nd/kiEw==", "dev": true }, + "is-symbol": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/is-symbol/-/is-symbol-1.0.3.tgz", + "integrity": "sha512-OwijhaRSgqvhm/0ZdAcXNZt9lYdKFpcRDT5ULUuYXPoT794UNOdU+gpT6Rzo7b4V2HUl/op6GqY894AZwv9faQ==", + "dev": true, + "requires": { + "has-symbols": "^1.0.1" + } + }, "is-whitespace-character": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/is-whitespace-character/-/is-whitespace-character-1.0.4.tgz", @@ -2452,6 +2673,100 @@ "minimist": "^1.2.5" } }, + "mocha": { + "version": "7.2.0", + "resolved": "https://registry.npmjs.org/mocha/-/mocha-7.2.0.tgz", + "integrity": "sha512-O9CIypScywTVpNaRrCAgoUnJgozpIofjKUYmJhiCIJMiuYnLI6otcb1/kpW9/n/tJODHGZ7i8aLQoDVsMtOKQQ==", + "dev": true, + "requires": { + "ansi-colors": "3.2.3", + "browser-stdout": "1.3.1", + "chokidar": "3.3.0", + "debug": "3.2.6", + "diff": "3.5.0", + "escape-string-regexp": "1.0.5", + "find-up": "3.0.0", + "glob": "7.1.3", + "growl": "1.10.5", + "he": "1.2.0", + "js-yaml": "3.13.1", + "log-symbols": "3.0.0", + "minimatch": "3.0.4", + "mkdirp": "0.5.5", + "ms": "2.1.1", + "node-environment-flags": "1.0.6", + "object.assign": "4.1.0", + "strip-json-comments": "2.0.1", + "supports-color": "6.0.0", + "which": "1.3.1", + "wide-align": "1.1.3", + "yargs": "13.3.2", + "yargs-parser": "13.1.2", + "yargs-unparser": "1.6.0" + }, + "dependencies": { + "debug": { + "version": "3.2.6", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", + "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "diff": { + "version": "3.5.0", + "resolved": "https://registry.npmjs.org/diff/-/diff-3.5.0.tgz", + "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==", + "dev": true + }, + "glob": { + "version": "7.1.3", + "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz", + "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==", + "dev": true, + "requires": { + "fs.realpath": "^1.0.0", + "inflight": "^1.0.4", + "inherits": "2", + "minimatch": "^3.0.4", + "once": "^1.3.0", + "path-is-absolute": "^1.0.0" + } + }, + "js-yaml": { + "version": "3.13.1", + "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz", + "integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==", + "dev": true, + "requires": { + "argparse": "^1.0.7", + "esprima": "^4.0.0" + } + }, + "ms": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", + "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==", + "dev": true + }, + "strip-json-comments": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz", + "integrity": "sha1-PFMZQukIwml8DsNEhYwobHygpgo=", + "dev": true + }, + "supports-color": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-6.0.0.tgz", + "integrity": "sha512-on9Kwidc1IUQo+bQdhi8+Tijpo0e1SS6RoGo2guUwn5vdaxw8RXOF9Vb2ws+ihWOmh4JnCJOvaziZWP1VABaLg==", + "dev": true, + "requires": { + "has-flag": "^3.0.0" + } + } + } + }, "morgan": { "version": "1.10.0", "resolved": "https://registry.npmjs.org/morgan/-/morgan-1.10.0.tgz", @@ -2542,6 +2857,24 @@ "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==", "dev": true }, + "node-environment-flags": { + "version": "1.0.6", + "resolved": "https://registry.npmjs.org/node-environment-flags/-/node-environment-flags-1.0.6.tgz", + "integrity": "sha512-5Evy2epuL+6TM0lCQGpFIj6KwiEsGh1SrHUhTbNX+sLbBtjidPZFAnVK9y5yU1+h//RitLbRHTIMyxQPtxMdHw==", + "dev": true, + "requires": { + "object.getownpropertydescriptors": "^2.0.3", + "semver": "^5.7.0" + }, + "dependencies": { + "semver": { + "version": "5.7.1", + "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", + "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==", + "dev": true + } + } + }, "node-fetch": { "version": "2.6.0", "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.0.tgz", @@ -2582,6 +2915,40 @@ "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM=" }, + "object-inspect": { + "version": "1.7.0", + "resolved": "https://registry.npmjs.org/object-inspect/-/object-inspect-1.7.0.tgz", + "integrity": "sha512-a7pEHdh1xKIAgTySUGgLMx/xwDZskN1Ud6egYYN3EdRW4ZMPNEDUTF+hwy2LUC+Bl+SyLXANnwz/jyh/qutKUw==", + "dev": true + }, + "object-keys": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", + "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==", + "dev": true + }, + "object.assign": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.0.tgz", + "integrity": "sha512-exHJeq6kBKj58mqGyTQ9DFvrZC/eR6OwxzoM9YRoGBqrXYonaFyGiFMuc9VZrXf7DarreEwMpurG3dd+CNyW5w==", + "dev": true, + "requires": { + "define-properties": "^1.1.2", + "function-bind": "^1.1.1", + "has-symbols": "^1.0.0", + "object-keys": "^1.0.11" + } + }, + "object.getownpropertydescriptors": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/object.getownpropertydescriptors/-/object.getownpropertydescriptors-2.1.0.tgz", + "integrity": "sha512-Z53Oah9A3TdLoblT7VKJaTDdXdT+lQO+cNpKVnya5JDe9uLvzu1YyY1yFDFrcxrlRgWrEFH0jJtD/IbuwjcEVg==", + "dev": true, + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.0-next.1" + } + }, "on-finished": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/on-finished/-/on-finished-2.3.0.tgz", @@ -2730,6 +3097,44 @@ "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz", "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==" }, + "passport": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/passport/-/passport-0.4.1.tgz", + "integrity": "sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg==", + "requires": { + "passport-strategy": "1.x.x", + "pause": "0.0.1" + } + }, + "passport-http": { + "version": "0.3.0", + "resolved": "https://registry.npmjs.org/passport-http/-/passport-http-0.3.0.tgz", + "integrity": "sha1-juU9Q4C+nGDfIVGSUCmCb3cRVgM=", + "requires": { + "passport-strategy": "1.x.x" + } + }, + "passport-http-bearer": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/passport-http-bearer/-/passport-http-bearer-1.0.1.tgz", + "integrity": "sha1-FHRp6jZp4qhMYWfvmdu3fh8AmKg=", + "requires": { + "passport-strategy": "1.x.x" + } + }, + "passport-local": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/passport-local/-/passport-local-1.0.0.tgz", + "integrity": "sha1-H+YyaMkudWBmJkN+O5BmYsFbpu4=", + "requires": { + "passport-strategy": "1.x.x" + } + }, + "passport-strategy": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz", + "integrity": "sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ=" + }, "path-exists": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz", @@ -2764,6 +3169,11 @@ "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==", "dev": true }, + "pause": { + "version": "0.0.1", + "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz", + "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10=" + }, "pg": { "version": "8.0.3", "resolved": "https://registry.npmjs.org/pg/-/pg-8.0.3.tgz", @@ -3329,6 +3739,11 @@ "resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz", "integrity": "sha512-VCdBRNFTX1fyE7Nb6FYoURo/SPe62QCaAyzJvUjwRaIsc+NePBEniHlvxFmmX56+HZphIGtV0XeCirBtpDrTyQ==" }, + "random-bytes": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/random-bytes/-/random-bytes-1.0.0.tgz", + "integrity": "sha1-T2ih3Arli9P7lYSMMDJNt11kNgs=" + }, "range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", @@ -3364,6 +3779,15 @@ } } }, + "readdirp": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.2.0.tgz", + "integrity": "sha512-crk4Qu3pmXwgxdSgGhgA/eXiJAPQiX4GMOZZMXnqKxHX7TaoL+3gQVo/WeuAiogr07DpnfjIMpXXa+PAIvwPGQ==", + "dev": true, + "requires": { + "picomatch": "^2.0.4" + } + }, "regenerator-runtime": { "version": "0.13.5", "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.13.5.tgz", @@ -3681,6 +4105,48 @@ "strip-ansi": "^5.1.0" } }, + "string.prototype.trimend": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/string.prototype.trimend/-/string.prototype.trimend-1.0.1.tgz", + "integrity": "sha512-LRPxFUaTtpqYsTeNKaFOw3R4bxIzWOnbQ837QfBylo8jIxtcbK/A/sMV7Q+OAV/vWo+7s25pOE10KYSjaSO06g==", + "dev": true, + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5" + } + }, + "string.prototype.trimleft": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/string.prototype.trimleft/-/string.prototype.trimleft-2.1.2.tgz", + "integrity": "sha512-gCA0tza1JBvqr3bfAIFJGqfdRTyPae82+KTnm3coDXkZN9wnuW3HjGgN386D7hfv5CHQYCI022/rJPVlqXyHSw==", + "dev": true, + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5", + "string.prototype.trimstart": "^1.0.0" + } + }, + "string.prototype.trimright": { + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/string.prototype.trimright/-/string.prototype.trimright-2.1.2.tgz", + "integrity": "sha512-ZNRQ7sY3KroTaYjRS6EbNiiHrOkjihL9aQE/8gfQ4DtAC/aEBRHFJa44OmoWxGGqXuJlfKkZW4WcXErGr+9ZFg==", + "dev": true, + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5", + "string.prototype.trimend": "^1.0.0" + } + }, + "string.prototype.trimstart": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/string.prototype.trimstart/-/string.prototype.trimstart-1.0.1.tgz", + "integrity": "sha512-XxZn+QpvrBI1FOcg6dIpxUPgWCPuNXvMD72aaRaUQv1eD4e/Qy8i/hFTe0BUmD60p/QA6bh1avmuPTfNjqVWRw==", + "dev": true, + "requires": { + "define-properties": "^1.1.3", + "es-abstract": "^1.17.5" + } + }, "stringify-object": { "version": "3.3.0", "resolved": "https://registry.npmjs.org/stringify-object/-/stringify-object-3.3.0.tgz", @@ -3840,6 +4306,14 @@ "commander": "~2.20.3" } }, + "uid-safe": { + "version": "2.1.5", + "resolved": "https://registry.npmjs.org/uid-safe/-/uid-safe-2.1.5.tgz", + "integrity": "sha512-KPHm4VL5dDXKz01UuEd88Df+KzynaohSL9fBh096KWAxSKZQDI2uBrVqtvRM4rwrIrRRKsdLNML/lnaaVSRioA==", + "requires": { + "random-bytes": "~1.0.0" + } + }, "unherit": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/unherit/-/unherit-1.1.3.tgz", @@ -4003,6 +4477,12 @@ } } }, + "whatwg-fetch": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/whatwg-fetch/-/whatwg-fetch-3.0.0.tgz", + "integrity": "sha512-9GSJUgz1D4MfyKU7KRqwOjXCXTqWdFNvEr7eUBYchQiVc744mqK/MzXPNR2WsPkmkOa4ywfg8C2n8h+13Bey1Q==", + "dev": true + }, "which": { "version": "1.3.1", "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", @@ -4017,6 +4497,42 @@ "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz", "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho=" }, + "wide-align": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/wide-align/-/wide-align-1.1.3.tgz", + "integrity": "sha512-QGkOQc8XL6Bt5PwnsExKBPuMKBxnGxWWW3fU55Xt4feHozMUhdUMaBCk290qpm/wG5u/RSKzwdAC4i51YigihA==", + "dev": true, + "requires": { + "string-width": "^1.0.2 || 2" + }, + "dependencies": { + "ansi-regex": { + "version": "3.0.0", + "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", + "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=", + "dev": true + }, + "string-width": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", + "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==", + "dev": true, + "requires": { + "is-fullwidth-code-point": "^2.0.0", + "strip-ansi": "^4.0.0" + } + }, + "strip-ansi": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", + "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", + "dev": true, + "requires": { + "ansi-regex": "^3.0.0" + } + } + } + }, "word-wrap": { "version": "1.2.3", "resolved": "https://registry.npmjs.org/word-wrap/-/word-wrap-1.2.3.tgz", @@ -4115,6 +4631,17 @@ "camelcase": "^5.0.0", "decamelize": "^1.2.0" } + }, + "yargs-unparser": { + "version": "1.6.0", + "resolved": "https://registry.npmjs.org/yargs-unparser/-/yargs-unparser-1.6.0.tgz", + "integrity": "sha512-W9tKgmSn0DpSatfri0nx52Joq5hVXgeLiqR/5G0sZNDoLZFOr/xjBUDcShCOGNsBnEMNo1KAMBkTej1Hm62HTw==", + "dev": true, + "requires": { + "flat": "^4.1.0", + "lodash": "^4.17.15", + "yargs": "^13.3.0" + } } } } diff --git a/backend/package.json b/backend/package.json index 11168bb..a600691 100644 --- a/backend/package.json +++ b/backend/package.json @@ -4,7 +4,8 @@ "description": "", "main": "index.js", "scripts": { - "lint": "prettier-standard" + "lint": "prettier-standard", + "test": "mocha" }, "author": "Thomas Bergwinkl (https://www.bergnet.org/people/bergi/card#me)", "license": "MIT", @@ -14,13 +15,20 @@ "cors": "^2.8.5", "debug": "^4.1.1", "express": "^4.17.1", + "express-session": "^1.17.1", "http-errors": "^1.7.3", "morgan": "^1.10.0", + "passport": "^0.4.1", + "passport-http": "^0.3.0", + "passport-http-bearer": "^1.0.1", + "passport-local": "^1.0.0", "pg": "^8.0.3", "qrcode": "^1.4.4", "uuid": "^8.1.0" }, "devDependencies": { + "cross-fetch": "^3.0.4", + "mocha": "^7.1.2", "node-fetch": "^2.6.0", "prettier-standard": "^16.3.0" } diff --git a/backend/server.js b/backend/server.js index 771b7bc..55b2f71 100644 --- a/backend/server.js +++ b/backend/server.js @@ -1,10 +1,12 @@ const debug = require('debug')('noqueue-server') const { resolve } = require('path') const express = require('express') +const expressSession = require('express-session') const cors = require('cors') const morgan = require('morgan') const Database = require('./lib/Database') const defaults = require('./lib/defaults') +const authn = require('./lib/middleware/authn') const admin = require('./lib/middleware/admin') const shop = require('./lib/middleware/shop') @@ -17,7 +19,18 @@ const config = { password: process.env.DB_PASSWORD || defaults.db.password, port: process.env.DB_PORT || defaults.db.port }, - path: process.env.SHOP_PATH || 'default' + path: process.env.SHOP_PATH || 'default', + express: { + session: { + key: process.env.SESSION_KEY || defaults.express.session.key + } + }, + auth: { + operator: { + user: process.env.OPERATOR_USER || defaults.auth.operator.user, + password: process.env.OPERATOR_PASSWORD || defaults.auth.operator.password + } + } } /* @@ -43,6 +56,16 @@ async function init () { })) } + debug('mount express session') + app.use(expressSession({ + secret: config.express.session.key, + resave: true, + saveUninitialized: true + })) + + debug('mount authn') + app.use(authn({ config: config.auth, db })) + const frontendPath = resolve(__dirname, '../frontend/build') debug(`mount frontend from ${frontendPath}`) app.use(express.static(frontendPath)) diff --git a/backend/test/support/Client.js b/backend/test/support/Client.js new file mode 100644 index 0000000..48c2a66 --- /dev/null +++ b/backend/test/support/Client.js @@ -0,0 +1,49 @@ +const fetch = require('cross-fetch') +const urlResolve = require('../../lib/urlResolve') + +class Client { + constructor ({ baseUrl = 'http://localhost:8080/shop/default/' } = {}) { + this.baseUrl = baseUrl + this.cookie = null + } + + async fetch (url, options = {}) { + options.headers = new fetch.Headers(options.headers) + options.headers.set('accept', 'application/json') + + if (this.cookie) { + options.headers.set('cookie', this.cookie) + } + + if (options.body) { + options.headers.set('content-type', 'application/json') + } + + const [path, query] = url.split('?') + + return fetch(urlResolve(this.baseUrl, path) + (query ? `?${query}` : ''), options) + } + + async logout () { + this.cookie = null + } + + async basicLogin ({ user, password }) { + const result = await this.fetch('login', { + headers: { + authorization: 'Basic ' + Buffer.from(user + ':' + password).toString('base64') + }, + redirect: 'manual' + }) + + this.cookie = result.headers.get('set-cookie').split(';')[0] + } + + async tokenLogin ({ token }) { + const result = await this.fetch(`token?access_token=${token}`, { redirect: 'manual' }) + + this.cookie = result.headers.get('set-cookie').split(';')[0] + } +} + +module.exports = Client diff --git a/backend/test/tickets-available.sh b/backend/test/tickets-available.sh deleted file mode 100755 index 8d7491c..0000000 --- a/backend/test/tickets-available.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash - -BASE_URL=$(cat baseUrl.txt) - -curl -v $BASE_URL/shop/default/ticket/available -H "accept: application/json" diff --git a/backend/test/user.test.js b/backend/test/user.test.js new file mode 100644 index 0000000..b879760 --- /dev/null +++ b/backend/test/user.test.js @@ -0,0 +1,83 @@ +const { strictEqual } = require('assert') +const { describe, it } = require('mocha') +const Client = require('./support/Client') + +const operator = { + user: 'operator', + password: 'operator' +} + +describe('user', () => { + it('should allow the operator to create a user', async () => { + const expected = { + id: 'owner', + label: 'Shop Owner', + admin: true + } + + const client = new Client() + + await client.basicLogin(operator) + + const created = await client.fetch('user/', { + method: 'POST', + body: JSON.stringify(expected) + }) + + strictEqual(created.status, 201) + + const fetched = await client.fetch('user/owner') + const user = await fetched.json() + + strictEqual(fetched.status, 200) + strictEqual(user.id, expected.id) + strictEqual(user.label, expected.label) + strictEqual(user.admin, expected.admin) + }) + + it('should allow an admin user to create a user', async () => { + const owner = { + id: 'owner', + label: 'Shop Owner', + admin: true + } + + const expected = { + id: 'employee', + label: 'Shop Employee', + admin: true + } + + const client = new Client() + + await client.basicLogin(operator) + + const created = await client.fetch('user/', { + method: 'POST', + body: JSON.stringify(owner) + }) + + strictEqual(created.status, 201) + + const fetched = await client.fetch('user/owner') + const user = await fetched.json() + + await client.logout() + await client.tokenLogin(user) + + const createdByOwner = await client.fetch('user/', { + method: 'POST', + body: JSON.stringify(expected) + }) + + strictEqual(createdByOwner.status, 201) + + const fetchedByOwner = await client.fetch('user/employee') + const userByOwner = await fetchedByOwner.json() + + strictEqual(fetchedByOwner.status, 200) + strictEqual(userByOwner.id, expected.id) + strictEqual(userByOwner.label, expected.label) + strictEqual(userByOwner.admin, expected.admin) + }) +})