chore(api): add ExamEnvironmentAuthorizationToken -> user relation (freeCodeCamp#56627)

ShaunSHamilton · ojeytonwilliams · web-flow · commit 51802492b1ff · 2024-10-25T10:10:26.000+02:00
Co-authored-by: Oliver Eyton-Williams &lt;ojeytonwilliams@gmail.com&gt;
diff --git a/api/jest.utils.ts b/api/jest.utils.ts
@@ -207,6 +207,11 @@ export const defaultUserEmail = 'foo@bar.com';
 export const defaultUsername = 'fcc-test-user';
 
 export const resetDefaultUser = async (): Promise<void> => {
+  await fastifyTestInstance.prisma.examEnvironmentAuthorizationToken.deleteMany(
+    {
+      where: { userId: defaultUserId }
+    }
+  );
   await fastifyTestInstance.prisma.user.deleteMany({
     where: { email: defaultUserEmail }
   });
diff --git a/api/prisma/schema.prisma b/api/prisma/schema.prisma
@@ -143,7 +143,8 @@ model user {
   isClassroomAccount           Boolean? // Undefined
 
   // Relations
-  examAttempts EnvExamAttempt[]
+  examAttempts                      EnvExamAttempt[]
+  examEnvironmentAuthorizationToken ExamEnvironmentAuthorizationToken?
 }
 
 // -----------------------------------
@@ -377,15 +378,13 @@ model UserToken {
   @@index([userId], map: "userId_1")
 }
 
-/// TODO: Token has to outlive the exam attempt
-/// Validation has to be taken as the attempt is requested
-/// to ensure it lives long enough.
 model ExamEnvironmentAuthorizationToken {
   id          String   @id @map("_id")
   createdDate DateTime @db.Date
-  userId      String   @db.ObjectId
+  userId      String   @unique @db.ObjectId
 
-  @@index([userId], map: "userId_1")
+  // Relations
+  user user @relation(fields: [userId], references: [id])
 }
 
 model sessions {
diff --git a/api/src/exam-environment/routes/exam-environment.ts b/api/src/exam-environment/routes/exam-environment.ts
@@ -107,7 +107,7 @@ async function tokenVerifyHandler(
   const examEnvironmentAuthorizationToken =
     payload.examEnvironmentAuthorizationToken;
 
-  const token = await this.prisma.examEnvironmentAuthorizationToken.findFirst({
+  const token = await this.prisma.examEnvironmentAuthorizationToken.findUnique({
     where: {
       id: examEnvironmentAuthorizationToken
     }
diff --git a/api/src/routes/protected/user.test.ts b/api/src/routes/protected/user.test.ts
@@ -16,6 +16,7 @@ import {
   createSuperRequest
 } from '../../../jest.utils';
 import { JWT_SECRET } from '../../utils/env';
+import { customNanoid } from '../../utils/ids';
 import { getMsTranscriptApiUrl } from './user';
 
 const mockedFetch = jest.fn();
@@ -564,6 +565,11 @@ describe('userRoutes', () => {
         await fastifyTestInstance.prisma.userToken.deleteMany({
           where: { id: userTokenId }
         });
+        await fastifyTestInstance.prisma.examEnvironmentAuthorizationToken.deleteMany(
+          {
+            where: { userId: defaultUserId }
+          }
+        );
       });
 
       test('GET rejects with 500 status code if the username is missing', async () => {
@@ -1130,6 +1136,72 @@ Thanks and regards,
         });
       });
     });
+
+    describe('/user/exam-environment/token', () => {
+      afterEach(async () => {
+        await fastifyTestInstance.prisma.examEnvironmentAuthorizationToken.deleteMany(
+          {
+            where: { userId: defaultUserId }
+          }
+        );
+      });
+
+      test('POST generates a new token if one does not exist', async () => {
+        const response = await superPost('/user/exam-environment/token');
+        const { examEnvironmentAuthorizationToken } = response.body.data;
+
+        const decodedToken = jwt.decode(examEnvironmentAuthorizationToken);
+
+        expect(decodedToken).toStrictEqual({
+          examEnvironmentAuthorizationToken:
+            expect.stringMatching(/^[a-zA-Z0-9]{64}$/),
+          iat: expect.any(Number)
+        });
+
+        expect(() =>
+          jwt.verify(examEnvironmentAuthorizationToken, 'wrong-secret')
+        ).toThrow();
+        expect(() =>
+          jwt.verify(examEnvironmentAuthorizationToken, JWT_SECRET)
+        ).not.toThrow();
+
+        expect(response.status).toBe(200);
+      });
+
+      test('POST only allows for one token per user id', async () => {
+        const id = customNanoid();
+        await fastifyTestInstance.prisma.examEnvironmentAuthorizationToken.create(
+          {
+            data: {
+              userId: defaultUserId,
+              id,
+              createdDate: new Date()
+            }
+          }
+        );
+
+        const response = await superPost('/user/exam-environment/token');
+
+        const { examEnvironmentAuthorizationToken } = response.body.data;
+
+        const decodedToken = jwt.decode(examEnvironmentAuthorizationToken);
+
+        expect(decodedToken).not.toHaveProperty(
+          'examEnvironmentAuthorizationToken',
+          id
+        );
+
+        expect(response.status).toBe(200);
+
+        const tokens =
+          await fastifyTestInstance.prisma.examEnvironmentAuthorizationToken.findMany(
+            {
+              where: { userId: defaultUserId }
+            }
+          );
+        expect(tokens).toHaveLength(1);
+      });
+    });
   });
 
   describe('Unauthenticated user', () => {

Original file line number	Diff line number	Diff line change
`@@ -107,7 +107,7 @@ async function tokenVerifyHandler(`
`107`	`107`	`const examEnvironmentAuthorizationToken =`
`108`	`108`	`payload.examEnvironmentAuthorizationToken;`
`109`	`109`
`110`		`- const token = await this.prisma.examEnvironmentAuthorizationToken.findFirst({`
	`110`	`+ const token = await this.prisma.examEnvironmentAuthorizationToken.findUnique({`
`111`	`111`	`where: {`
`112`	`112`	`id: examEnvironmentAuthorizationToken`
`113`	`113`	`}`