fix apikey validation

Author: janishar

addons/instruction.md

@@ -0,0 +1 @@
+# The resouces provided in this directory can be used to setup the project

addons/mongodb/api_keys.json

@@ -0,0 +1 @@
+{"_id":{"$oid":"5e7b8e40d347fc2407c564a9"},"metadata":"To be used by the xyz vendor","key":"GCMUDiuY5a7WvyUNt9n3QztToSHzK7Uj","version":{"$numberInt":"1"},"status":true,"createdAt":{"$date":{"$numberLong":"1585141250000"}},"updatedAt":{"$date":{"$numberLong":"1585141250000"}}}

addons/mongodb/roles.json

@@ -0,0 +1,4 @@
+{"_id":{"$oid":"5e7b8acad7aded2407e078d7"},"code":"LEARNER","status":true,"createdAt":{"$date":{"$numberLong":"1585161000000"}},"updatedAt":{"$date":{"$numberLong":"1585161000000"}}}
+{"_id":{"$oid":"5e7b8c22d347fc2407c564a6"},"code":"WRITER","status":true,"createdAt":{"$date":{"$numberLong":"1585161000000"}},"updatedAt":{"$date":{"$numberLong":"1585161000000"}}}
+{"_id":{"$oid":"5e7b8c2ad347fc2407c564a7"},"code":"EDITOR","status":true,"createdAt":{"$date":{"$numberLong":"1585161000000"}},"updatedAt":{"$date":{"$numberLong":"1585161000000"}}}
+{"_id":{"$oid":"5e7b8c32d347fc2407c564a8"},"code":"ADMIN","status":true,"createdAt":{"$date":{"$numberLong":"1585161000000"}},"updatedAt":{"$date":{"$numberLong":"1585161000000"}}}

src/auth/schema.ts

@@ -4,9 +4,9 @@ import { JoiObjectId } from '../helpers/validator';
 export default {
 	apiKey: Joi.object().keys({
 		'x-api-key': Joi.string().required().min(1)
-	}),
+	}).unknown(true),
 	auth: Joi.object().keys({
 		'x-access-token': Joi.string().required().min(1),
 		'x-user-id': JoiObjectId,
-	})
+	}).unknown(true)
 };

src/database/repository/ApiKeyRepo.ts

@@ -3,6 +3,6 @@ import ApiKey, { IApiKey } from '../model/ApiKey';
 export default class ApiRepository {
 
 	public static async findByKey(key: string): Promise<IApiKey> {
-		return ApiKey.findOne({ apiKey: key, status: true }).lean<IApiKey>().exec();
+		return ApiKey.findOne({ key: key, status: true }).lean<IApiKey>().exec();
 	}
 }

src/helpers/validator.ts

@@ -18,12 +18,12 @@ export const JoiObjectId = () => Joi.string().custom((value: string, helpers) =>
 }, 'Object Id Validation');
 
 
-export default (schema: Joi.Schema, source: ValidationSource = ValidationSource.BODY) =>
+export default (schema: Joi.ObjectSchema, source: ValidationSource = ValidationSource.BODY) =>
 	(req: Request, res: Response, next: NextFunction) => {
 		try {
 			const { error } = schema.validate(req[source]);
 
-			if (error === null) return next();
+			if (!error) return next();
 
 			const { details } = error;
 			const message = details.map(i => i.message.replace(/['"]+/g, '')).join(',');

src/routes/v1/access/schema.ts

@@ -12,7 +12,7 @@ export default {
 	auth: Joi.object().keys({
 		'x-access-token': Joi.string().required().min(1),
 		'x-user-id': JoiObjectId,
-	}),
+	}).unknown(true),
 	signup: Joi.object().keys({
 		name: Joi.string().required().min(3),
 		email: Joi.string().required().email(),

src/routes/v1/index.ts

@@ -4,7 +4,7 @@ const app = express();
 
 /*-------------------------------------------------------------------------*/
 // Below all APIs are public APIs protected by api-key
-app.use('/', require('../../auth/apiValidation'));
+app.use('/', require('../../auth/apikey'));
 /*-------------------------------------------------------------------------*/
 
 app.use('/signup', require('./access/signup'));

src/server.ts

@@ -1,4 +1,4 @@
-import express, { Request, Response, NextFunction, Errback } from 'express';
+import express, { Request, Response, NextFunction } from 'express';
 import Logger from './utils/Logger';
 import bodyParser from 'body-parser';
 import http from 'http';
@@ -19,14 +19,17 @@ http.createServer(app).listen(port, () => { Logger.info(`server running on port
 app.use('/v1', require('./routes/v1'));
 
 // catch 404 and forward to error handler
-app.use((req: Request, res: Response, next: NextFunction) => next(new NotFoundError()));
+app.use((req, res, next) => next(new NotFoundError()));
 
 // Middleware Error Handler
-app.use((err: Errback, req: Request, res: Response, next: NextFunction) => {
+app.use((err: Error, req: Request, res: Response, next: NextFunction) => {
 	if (err instanceof ApiError) {
 		ApiError.handle(err, res);
 	} else {
-		if (environment === 'development') return res.status(500).json(err);
+		if (environment === 'development') {
+			Logger.error(err);
+			return res.status(500).send(err.message);
+		}
 		ApiError.handle(new InternalError(), res);
 	}
 });

src/utils/logger.ts

@@ -13,7 +13,7 @@ if (!fs.existsSync(dir)) {
 	fs.mkdirSync(dir);
 }
 
-const logLevel = environment === 'development' ? 'debug' : 'info';
+const logLevel = environment === 'development' ? 'debug' : 'warn';
 
 const options = {
 	file: {
@@ -26,17 +26,22 @@ const options = {
 		humanReadableUnhandledException: true,
 		prettyPrint: true,
 		json: true,
-		maxsize: 5242880, // 5MB
+		maxSize: '20m',
 		colorize: true,
+		maxFiles: '14d'
 	}
 };
 
 export default createLogger({
 	transports: [
 		new transports.Console({
 			level: logLevel,
-			format: format.combine(format.colorize(), format.simple())
-		})
+			format: format.combine(
+				format.colorize(),
+				format.metadata(),
+				format.errors({ stack: true }),
+				format.prettyPrint())
+		}),
 	],
 	exceptionHandlers: [
 		new DailyRotateFile(options.file),