added more tests

Author: iolufemi

config/development.js

@@ -8,11 +8,9 @@ module.exports = {
 	secret: process.env.SECRET || 'lakikihdgdfdjjjdgd67264664vdjhjdyncmxuei8336%%^#%gdvdhj????jjhdghduue',
 	mongoURL: process.env.MONGOLAB_URL || 'mongodb://192.168.99.100/snipe',
     noFrontendCaching: process.env.NO_CACHE || 'yes',
-    rateLimit: process.env.RATE_LIMIT || '180',
+    rateLimit: process.env.RATE_LIMIT || '1800',
     rateLimitExpiry: process.env.RATE_LIMIT_EXPIRY || '3600000',
     redisURL: process.env.REDIS_URL || 'redis://192.168.99.100:6379/1',
-    userVerificationEndpoint: process.env.USER_VERIFICATION_API || 'http://mockbin.org/bin/9edd4bf7-bb36-47b6-adb2-54d7a7236e80',
-    appVerificationEndpoint: process.env.APP_VERIFICATION_API || 'http://mockbin.org/bin/9edd4bf7-bb36-47b6-adb2-54d7a7236e80',
     letsencryptSSLVerificationURL: process.env.LETSENCRYPT_VERIFICATION_URL || '/.well-known/acme-challenge/xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8',
     letsencryptSSLVerificationBody: process.env.LETSENCRYPT_VERIFICATION_BODY || 'xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8._v6aFbaRYWeOmSebtlD-X4Ixf5tPsyULMsXM8HjsK-Q',
     maxContentLength: process.env.MAX_CONTENT_LENGTH || '9999',

config/production.js

@@ -2,17 +2,15 @@
 module.exports = {
 	env: process.env.NODE_ENV || 'production',
 	port: process.env.PORT || 80,
-	trustProxy: process.env.TRUST_PROXY || 'no',
+	trustProxy: process.env.TRUST_PROXY || 'yes',
 	bugsnagKey: process.env.BUGSNAG_KEY || false,
 	secureMode: process.env.SECURE_MODE || true,
 	secret: process.env.SECRET || 'lakikihdgdfdjjjdgd67264660okjnbgtrdxswerfgytg373745ei8336%%^#%gdvdhj????jjhdghduue',
 	mongoURL: process.env.MONGOLAB_URL || 'mongodb://192.168.99.100/snipe',
-    noFrontendCaching: process.env.NO_CACHE || 'yes',
-    rateLimit: process.env.RATE_LIMIT || '180',
+    noFrontendCaching: process.env.NO_CACHE || 'no',
+    rateLimit: process.env.RATE_LIMIT || '1800',
     rateLimitExpiry: process.env.RATE_LIMIT_EXPIRY || '3600000',
     redisURL: process.env.REDIS_URL || 'redis://192.168.99.100:6379/1',
-    userVerificationEndpoint: process.env.USER_VERIFICATION_API || 'http://mockbin.org/bin/9edd4bf7-bb36-47b6-adb2-54d7a7236e80',
-    appVerificationEndpoint: process.env.APP_VERIFICATION_API || 'http://mockbin.org/bin/9edd4bf7-bb36-47b6-adb2-54d7a7236e80',
     letsencryptSSLVerificationURL: process.env.LETSENCRYPT_VERIFICATION_URL || '/.well-known/acme-challenge/xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8',
     letsencryptSSLVerificationBody: process.env.LETSENCRYPT_VERIFICATION_BODY || 'xvArhQBSilF4V30dGUagNAZ96ASipB0b0ex0kXn0za8._v6aFbaRYWeOmSebtlD-X4Ixf5tPsyULMsXM8HjsK-Q',
     maxContentLength: process.env.MAX_CONTENT_LENGTH || '9999',

gulpfile.js

@@ -5,32 +5,34 @@ var stylish = require('jshint-stylish');
 var nodemon = require('gulp-nodemon');
 var debug = require('debug')('gulp');
 var mocha = require('gulp-mocha');
- 
+
 gulp.task('lint', function() {
   return gulp.src(['./*.js','./**/*.js','!./node_modules/**','!./node_modules/*.js'])
-    .pipe(jshint())
-    .pipe(jshint.reporter(stylish));
+  .pipe(jshint())
+  .pipe(jshint.reporter(stylish));
 });
 
 gulp.task('default', function(){
     var stream = nodemon({ script: 'app.js' , env: { 'NODE_ENV': 'development', 'DEBUG':'gulp' }, tasks: ['lint','test'] });
- 
+
     stream
-      .on('restart', function () {
+    .on('restart', function () {
         debug('restarted!');
-      })
-      .on('crash', function() {
+    })
+    .on('crash', function() {
         debug('Application has crashed!\n');
          stream.emit('restart', 10);  // restart the server in 10 seconds 
-      });
+     });
 });
- 
+
 gulp.task('test', function() {
-        gulp.src('./test', {read: false})
+    // Override RATE LIMIT HERE FOR UNIT TEST
+    process.env.RATE_LIMIT = 10;
+    gulp.src('./test', {read: false})
         // `gulp-mocha` needs filepaths so you can't have any plugins before it 
         .pipe(mocha({reporter: 'spec'}));
     }
-);
+    );
 
 gulp.task('create', function(){
 

models/RequestLogs.js

@@ -111,6 +111,7 @@ Schema.pre('save', function(next) {
     // Indexing for search
     var ourDoc = this._doc;
     var split = [];
+    // ToDo: Move this to a queue and index only pure strings
     for(var n in ourDoc){
         if(typeof ourDoc[n] === 'string'){
             split.push(ourDoc[n].split(' '));
@@ -165,6 +166,7 @@ Schema.pre('update', function(next) {
     // Indexing for search
     var ourDoc = this._update.$set;
     var split = [];
+    // ToDo: Move this to a queue and index only pure strings
     for(var n in ourDoc){
         if(typeof ourDoc[n] === 'string'){
             split.push(ourDoc[n].split(' '));
@@ -181,5 +183,6 @@ Schema.pre('update', function(next) {
 });
 
 var Model = db.model(collection, Schema);
+Model._mongoose = db;
 
 module.exports = Model;

models/Trash.js

@@ -85,6 +85,7 @@ Schema.pre('save', function(next) {
     // Indexing for search
     var ourDoc = this._doc;
     var split = [];
+    // ToDo: Move this to a queue and index only pure strings
     for(var n in ourDoc){
         if(typeof ourDoc[n] === 'string'){
             split.push(ourDoc[n].split(' '));
@@ -139,6 +140,7 @@ Schema.pre('update', function(next) {
     // Indexing for search
     var ourDoc = this._update.$set;
     var split = [];
+    // ToDo: Move this to a queue and index only pure strings
     for(var n in ourDoc){
         if(typeof ourDoc[n] === 'string'){
             split.push(ourDoc[n].split(' '));
@@ -155,5 +157,6 @@ Schema.pre('update', function(next) {
 });
 
 var Model = db.model(collection, Schema);
+Model._mongoose = db;
 
 module.exports = Model;

models/Users.js

@@ -82,6 +82,7 @@ Schema.pre('save', function(next) {
     // Indexing for search
     var ourDoc = this._doc;
     var split = [];
+    // ToDo: Move this to a queue and index only pure strings
     for(var n in ourDoc){
         if(typeof ourDoc[n] === 'string'){
             split.push(ourDoc[n].split(' '));
@@ -136,6 +137,7 @@ Schema.pre('update', function(next) {
     // Indexing for search
     var ourDoc = this._update.$set;
     var split = [];
+    // ToDo: Move this to a queue and index only pure strings
     for(var n in ourDoc){
         if(typeof ourDoc[n] === 'string'){
             split.push(ourDoc[n].split(' '));
@@ -152,5 +154,6 @@ Schema.pre('update', function(next) {
 });
 
 var Model = db.model(collection, Schema);
+Model._mongoose = db;
 
 module.exports = Model;

package.json

@@ -33,7 +33,8 @@
     "mongoose-mock": "^0.4.0",
     "proxyquire": "^1.8.0",
     "sinon": "^2.3.4",
-    "sinon-chai": "^2.11.0"
+    "sinon-chai": "^2.11.0",
+    "supertest": "^3.0.0"
   },
   "dependencies": {
     "aes-js": "^3.0.0",

routes/index.js

@@ -21,7 +21,7 @@ var url = require('url');
 var fnv = require('fnv-plus');
 var RequestLogs = require('../models/RequestLogs');
 
-var sanitizeRequestUrl = function(req) {
+router._sanitizeRequestUrl = function(req) {
   var requestUrl = url.format({
     protocol: req.protocol,
     host: req.hostname,
@@ -32,7 +32,7 @@ var sanitizeRequestUrl = function(req) {
   return requestUrl.replace(/(password=).*?(&|$)/ig, '$1<hidden>$2');
 };
 
-var allRequestData = function(req,res,next){
+router._allRequestData = function(req,res,next){
     var requestData = {};
     req.param = function(key, defaultValue){
         var newRequestData = _.assignIn(requestData, req.params, req.body, req.query);
@@ -47,7 +47,7 @@ var allRequestData = function(req,res,next){
     next();
 };
 
-var enforceUserIdAndAppId = function(req,res,next){
+router._enforceUserIdAndAppId = function(req,res,next){
     var userId = req.param('userId');
     var appId = req.param('appId');
     if(!userId){
@@ -61,6 +61,37 @@ var enforceUserIdAndAppId = function(req,res,next){
     }
 };
 
+// Log requests here
+router.use(function(req,res,next){
+  var ipAddress = req.get('x-forwarded-for') || req.connection && req.connection.remoteAddress;
+  req.requestId = fnv.hash(new Date().valueOf() + ipAddress, 128).str();
+
+  var reqLog = {
+    RequestId: req.requestId,
+    ipAddress: ipAddress,
+    url: router._sanitizeRequestUrl(req),
+    method: req.method,
+    body: _.omit(req.body, ['password','cardno']),
+    app: req.appId,
+    user: req.userId,
+    device: req.get('user-agent'),
+    createdAt: new Date()
+};
+// ToDo: Move this to a queue. Not good for performance
+RequestLogs.create(reqLog)
+.then(function(res){
+    return _.identity(res);
+})
+.catch(function(err){
+  log.error(err);
+});
+
+  // persist RequestLog entry in the background; continue immediately
+
+  log.info(reqLog);
+  next();
+});
+
 router.use(helmet());
 // no client side caching
 if(config.noFrontendCaching === 'yes'){
@@ -76,7 +107,7 @@ router.use(encryption.interpreter);
 router.use(hpp());
 router.use(contentLength.validateMax({max: MAX_CONTENT_LENGTH_ACCEPTED, status: 400, message: "Stop! Maximum content length exceeded."})); // max size accepted for the content-length
 // add the param function to request object
-router.use(allRequestData);
+router.use(router._allRequestData);
 
 // API Rate limiter
 limiter({
@@ -92,33 +123,6 @@ limiter({
 
 router.use(response);
 router.use(expressValidator());
-// Log requests here
-router.use(function(req,res,next){
-  var ipAddress = req.get('x-forwarded-for') || req.connection && req.connection.remoteAddress;
-  req.requestId = fnv.hash(new Date().valueOf() + ipAddress, 128).str();
-
-  var reqLog = {
-    RequestId: req.requestId,
-    ipAddress: ipAddress,
-    url: sanitizeRequestUrl(req),
-    method: req.method,
-    body: _.omit(req.body, ['password','cardno']),
-    app: req.appId,
-    user: req.userId,
-    device: req.get('user-agent'),
-    createdAt: new Date()
-};
-
-RequestLogs.create(reqLog)
-.then(function(res){
-    return _.identity(res);
-});
-
-  // persist RequestLog entry in the background; continue immediately
-
-  log.info(reqLog);
-  next();
-});
 
 router.get('/', function (req, res) {
     res.ok({name: me.name, version: me.version});
@@ -137,7 +141,7 @@ router.use('/', initialize);
 
 
 // Make userId compolsory in every request
-router.use(enforceUserIdAndAppId);
+router.use(router._enforceUserIdAndAppId);
 
 // Other routes here
 // 

services/encryption/index.js

@@ -99,11 +99,11 @@ module.exports = {
 
     interpreter: function(req, res, next){
         var encryption = require('./');
-        if(req.header('x-tag')){
-            res.set('x-tag', req.header('x-tag'));
+        if( req.get('x-tag') ){
+            res.set('x-tag', req.get('x-tag'));
             res.set('Access-Control-Expose-Headers','x-tag');
 
-            var key = req.header('x-tag');
+            var key = req.get('x-tag');
 
             if(req.method === 'POST' && config.secureMode){
                 if(req.body.secureData){

services/response/badRequest.js

@@ -7,10 +7,13 @@ module.exports = function(data, message){
 	log.warn('Sending bad request response: ', data, message || 'bad request');
     var req = this.req;
     var res = this;
-
+    // ToDo: Move this to a queue. Not good for performance
     RequestLogs.update({RequestId: req.requestId},{response: {status: 'error', data: data, message: message ? message : 'bad request'}})
     .then(function(res){
         return _.identity(res);
+    })
+    .catch(function(err){
+        log.error(err);
     });
 
 	if (data !== undefined && data !== null) {