Merge pull request #24 from ruiqi7/feature/user-authentication

Author: nicolelim02

backend/question-service/src/models/Question.ts

@@ -20,16 +20,6 @@ const questionSchema: Schema<IQuestion> = new mongoose.Schema(
     },
     category: {
       type: [String],
-      enum: [
-        "Strings",
-        "Algorithms",
-        "Data Structures",
-        "Bit Manipulation",
-        "Recursion",
-        "Databases",
-        "Arrays",
-        "Brainteaser",
-      ],
       required: true,
     },
   },

backend/user-service/.env.sample

@@ -5,6 +5,8 @@ PORT=3001
 JWT_SECRET=you-can-replace-this-with-your-own-secret
 
 # admin default credentials
+ADMIN_FIRST_NAME=Admin
+ADMIN_LAST_NAME=User
 ADMIN_USERNAME=administrator
 ADMIN_EMAIL=[email protected]
 ADMIN_PASSWORD=Admin@123

backend/user-service/README.md

@@ -48,10 +48,12 @@
 
 - Body
 
-  - Required: `username` (string), `email` (string), `password` (string)
+  - Required: `firstName` (string), `lastName` (string), `username` (string), `email` (string), `password` (string)
 
     ```json
     {
+      "firstName": "SampleFirstName",
+      "lastName": "SampleLastName",
       "username": "SampleUserName",
       "email": "[email protected]",
       "password": "SecurePassword"

backend/user-service/controller/user-controller.ts

@@ -26,15 +26,27 @@ export async function createUser(
   res: Response
 ): Promise<Response> {
   try {
-    const { username, email, password, firstName, lastName } = req.body;
+    const { firstName, lastName, username, email, password } = req.body;
     const existingUser = await _findUserByUsernameOrEmail(username, email);
     if (existingUser) {
       return res
         .status(409)
-        .json({ message: "username or email already exists" });
+        .json({ message: "Username or email already exists" });
     }
 
-    if (username && email && password && firstName && lastName) {
+    if (firstName && lastName && username && email && password) {
+      const { isValid: isValidFirstName, message: firstNameMessage } =
+        validateName(firstName, "first name");
+      if (!isValidFirstName) {
+        return res.status(400).json({ message: firstNameMessage });
+      }
+
+      const { isValid: isValidLastName, message: lastNameMessage } =
+        validateName(lastName, "last name");
+      if (!isValidLastName) {
+        return res.status(400).json({ message: lastNameMessage });
+      }
+
       const { isValid: isValidUsername, message: usernameMessage } =
         validateUsername(username);
       if (!isValidUsername) {
@@ -56,36 +68,22 @@ export async function createUser(
       const salt = bcrypt.genSaltSync(10);
       const hashedPassword = bcrypt.hashSync(password, salt);
 
-      const { isValid: isValidFirstName, message: firstNameMessage } =
-        validateName(firstName, "first name");
-      if (!isValidFirstName) {
-        return res.status(400).json({ message: firstNameMessage });
-      }
-
-      const { isValid: isValidLastName, message: lastNameMessage } =
-        validateName(lastName, "last name");
-      if (!isValidLastName) {
-        return res.status(400).json({ message: lastNameMessage });
-      }
-
       const createdUser = await _createUser(
+        firstName,
+        lastName,
         username,
         email,
         hashedPassword,
-        firstName,
-        lastName
       );
       return res.status(201).json({
         message: `Created new user ${username} successfully`,
         data: formatUserResponse(createdUser),
       });
     } else {
-      return res
-        .status(400)
-        .json({
-          message:
-            "username and/or email and/or password and/or first name and/or last name are missing",
-        });
+      return res.status(400).json({
+        message:
+          "At least one of first name, last name, username, email and password are missing",
+      });
     }
   } catch (err) {
     console.error(err);

backend/user-service/model/repository.ts

@@ -13,19 +13,19 @@ export async function connectToDB() {
 }
 
 export async function createUser(
+  firstName: string,
+  lastName: string,
   username: string,
   email: string,
   password: string,
-  firstName: string,
-  lastName: string,
   isAdmin: boolean = false
 ): Promise<IUser> {
   return new UserModel({
+    firstName,
+    lastName,
     username,
     email,
     password,
-    firstName,
-    lastName,
     isAdmin,
   }).save();
 }

backend/user-service/scripts/seed.ts

@@ -4,17 +4,21 @@ import { connectToDB, createUser, findUserByEmail } from "../model/repository";
 export async function seedAdminAccount() {
   await connectToDB();
 
+  const adminFirstName = process.env.ADMIN_FIRST_NAME || "Admin";
+  const adminLastName = process.env.ADMIN_LAST_NAME || "User";
   const adminUsername = process.env.ADMIN_USERNAME || "administrator";
   const adminEmail = process.env.ADMIN_EMAIL || "[email protected]";
   const adminPassword = process.env.ADMIN_PASSWORD || "Admin@123";
 
   if (
+    !process.env.ADMIN_FIRST_NAME ||
+    !process.env.ADMIN_LAST_NAME ||
     !process.env.ADMIN_USERNAME ||
     !process.env.ADMIN_EMAIL ||
     !process.env.ADMIN_PASSWORD
   ) {
     console.error(
-      "Admin account not seeded in .env. Using default admin account credentials (username: administrator, email: [email protected], password: Admin@123)"
+      "Admin account not seeded in .env. Using default admin account credentials (first name: Admin, last name: User, username: administrator, email: [email protected], password: Admin@123)"
     );
   }
 
@@ -28,7 +32,7 @@ export async function seedAdminAccount() {
     const salt = bcrypt.genSaltSync(10);
     const hashedPassword = bcrypt.hashSync(adminPassword, salt);
 
-    await createUser(adminUsername, adminEmail, hashedPassword, true);
+    await createUser(adminFirstName, adminLastName, adminUsername, adminEmail, hashedPassword, true);
 
     console.log("Admin account created successfully.");
     process.exit(0);

backend/user-service/swagger.yml

@@ -75,6 +75,12 @@ components:
       properties:
         message:
           type: string
+    ServerErrorResponse:
+      properties:
+        message:
+          type: string
+        error:
+          type: string
 
 paths:
   /:
@@ -102,7 +108,23 @@ paths:
         content:
           application/json:
             schema:
-              $ref: "#/components/schemas/User"
+              type: object
+              properties:
+                firstName:
+                  type: string
+                  required: true
+                lastName:
+                  type: string
+                  required: true
+                username:
+                  type: string
+                  required: true
+                email:
+                  type: string
+                  required: true
+                password:
+                  type: string
+                  required: true
       responses:
         201:
           description: Successful Response
@@ -213,13 +235,13 @@ paths:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
-        404: 
+        404:
           description: Not Found
           content:
             application/json:
               schema:
                 $ref: "#/components/schemas/ErrorResponse"
-        500: 
+        500:
           description: Internal Server Error
           content:
             application/json:
@@ -270,9 +292,52 @@ paths:
                       user:
                         type: object
                         $ref: "#/definitions/UserOutput"
+        400:
+          description: Bad Request
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        401:
+          description: Unauthorized
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        500:
+          description: Internal Server Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ServerErrorResponse"
 
   /api/auth/verify-token:
     get:
       summary: Verify token
       tags:
         - auth
+      requestBody:
+        required: true
+        content:
+          application/json:
+            schema:
+              $ref: "#/components/schemas/User"
+      responses:
+        200:
+          description: Successful Response
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/UserResponse"
+        401:
+          description: Unauthorized
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ErrorResponse"
+        500:
+          description: Internal Server Error
+          content:
+            application/json:
+              schema:
+                $ref: "#/components/schemas/ServerErrorResponse"

backend/user-service/utils/validators.ts

@@ -68,7 +68,7 @@ export function validateUsername(username: string): {
     return {
       isValid: false,
       message:
-        "Username must only contain alphanumeric characters, underscores, and full stops",
+        "Username must only contain alphanumeric characters, underscores and full stops",
     };
   }
 
@@ -86,10 +86,10 @@ export function validateName(
     };
   }
 
-  if (!/^[a-zA-Z0-9\s]+$/.test(name)) {
+  if (!/^[a-zA-Z\s-]*$/.test(name)) {
     return {
       isValid: false,
-      message: `${type} must only contain alphanumeric characters and white spaces`,
+      message: `${type} must only contain alphabetical, hypen and white space characters`,
     };
   }