Merge pull request #27 from fullstack-development/25-e2e-tests

e2e tests

Author: hersveit

api/package.json

@@ -32,7 +32,7 @@
         "@nestjs/passport": "^9.0.0",
         "@nestjs/platform-express": "^9.0.0",
         "@nestjs/schedule": "^2.1.0",
-        "@prisma/client": "^3.14.0",
+        "@prisma/client": "3.14.0",
         "body-parser": "^1.19.0",
         "class-transformer": "^0.3.1",
         "class-validator": "^0.12.2",
@@ -43,8 +43,8 @@
         "express": "^4.17.2",
         "node-fetch": "^2.6.7",
         "passport": "^0.4.1",
+        "prisma": "3.14.0",
         "passport-jwt": "^4.0.0",
-        "prisma": "^3.14.0",
         "ramda": "^0.27.1",
         "reflect-metadata": "^0.1.13",
         "rimraf": "^3.0.2",

api/src/controllers/auth/__tests__/auth.controller.spec.ts

@@ -19,6 +19,7 @@ import { getUserStub } from '../../../__mocks__/user.stub';
 import { DatabaseServiceProvider } from '../../../services/database/database.service';
 import { ModuleRef } from '@nestjs/core';
 import { TokenServiceProvider } from '../../../services/token/token.service';
+import { v4 } from 'uuid';
 
 describe('AuthController', () => {
     const appWrap = {} as AppWrap;
@@ -187,12 +188,13 @@ describe('AuthController', () => {
                 refreshCookie: '2',
                 refreshToken: '2',
             });
+            const confirmUuid = v4();
             const response = await request(appWrap.app.getHttpServer())
                 .post('/api/auth/confirm-email')
                 .set('Content-Type', 'application/x-www-form-urlencoded')
-                .send({ confirmUuid: '123' });
+                .send({ confirmUuid });
 
-            expect(authService.confirmEmail).toBeCalledWith('123');
+            expect(authService.confirmEmail).toBeCalledWith(confirmUuid);
             expect(response.statusCode).toEqual(200);
             expect(response.body).toEqual({
                 success: true,

api/src/controllers/auth/auth.model.ts

@@ -1,4 +1,4 @@
-import { IsEmail, IsString, MaxLength, MinLength } from 'class-validator';
+import { IsEmail, IsString, IsUUID, MaxLength, MinLength } from 'class-validator';
 
 export class SignUpInput {
     @IsEmail()
@@ -21,6 +21,6 @@ export class SignInInput {
 }
 
 export class ConfirmEmailInput {
-    @IsString() //TODO: replace validate string for UUID
+    @IsUUID('4')
     confirmUuid: string;
 }

api/src/controllers/user/__tests__/user.controller.spec.ts

@@ -117,7 +117,7 @@ describe('UserController', () => {
 
             expect(response.statusCode).toEqual(200);
             expect(omit(['created'], response.body.data)).toEqual(
-                omit(['refreshToken', 'created'], user),
+                omit(['refreshToken', 'created', 'emailConfirm', 'hash'], user),
             );
         });
     });

api/src/controllers/user/user.controller.ts

@@ -13,7 +13,7 @@ export class UserControllerProvider {
     async me(@User() { id }: RequestUser) {
         return mapResponse(await this.users.findUser({ id }))((user) => {
             return ControllerResponse.Success({
-                body: R.omit(['refreshToken'], user),
+                body: R.omit(['refreshToken', 'emailConfirm', 'hash'], user),
             });
         });
     }

api/yarn.lock

@@ -797,22 +797,22 @@
     consola "^2.15.0"
     node-fetch "^2.6.1"
 
-"@prisma/client@^3.14.0":
-  version "3.15.2"
-  resolved "https://registry.yarnpkg.com/@prisma/client/-/client-3.15.2.tgz#2181398147afc79bfe0d83c03a88dc45b49bd365"
-  integrity sha512-ErqtwhX12ubPhU4d++30uFY/rPcyvjk+mdifaZO5SeM21zS3t4jQrscy8+6IyB0GIYshl5ldTq6JSBo1d63i8w==
+"@prisma/client@3.14.0":
+  version "3.14.0"
+  resolved "https://registry.yarnpkg.com/@prisma/client/-/client-3.14.0.tgz#bb90405c012fcca11f4647d91153ed4c58f3bd48"
+  integrity sha512-atb41UpgTR1MCst0VIbiHTMw8lmXnwUvE1KyUCAkq08+wJyjRE78Due+nSf+7uwqQn+fBFYVmoojtinhlLOSaA==
   dependencies:
-    "@prisma/engines-version" "3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e"
+    "@prisma/engines-version" "3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a"
 
-"@prisma/engines-version@3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e":
-  version "3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e"
-  resolved "https://registry.yarnpkg.com/@prisma/engines-version/-/engines-version-3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e.tgz#bf5e2373ca68ce7556b967cb4965a7095e93fe53"
-  integrity sha512-e3k2Vd606efd1ZYy2NQKkT4C/pn31nehyLhVug6To/q8JT8FpiMrDy7zmm3KLF0L98NOQQcutaVtAPhzKhzn9w==
+"@prisma/engines-version@3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a":
+  version "3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a"
+  resolved "https://registry.yarnpkg.com/@prisma/engines-version/-/engines-version-3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a.tgz#4edae57cf6527f35e22cebe75e49214fc0e99ac9"
+  integrity sha512-D+yHzq4a2r2Rrd0ZOW/mTZbgDIkUkD8ofKgusEI1xPiZz60Daks+UM7Me2ty5FzH3p/TgyhBpRrfIHx+ha20RQ==
 
-"@prisma/engines@3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e":
-  version "3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e"
-  resolved "https://registry.yarnpkg.com/@prisma/engines/-/engines-3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e.tgz#f691893df506b93e3cb1ccc15ec6e5ac64e8e570"
-  integrity sha512-NHlojO1DFTsSi3FtEleL9QWXeSF/UjhCW0fgpi7bumnNZ4wj/eQ+BJJ5n2pgoOliTOGv9nX2qXvmHap7rJMNmg==
+"@prisma/engines@3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a":
+  version "3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a"
+  resolved "https://registry.yarnpkg.com/@prisma/engines/-/engines-3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a.tgz#7fa11bc26a51d450185c816cc0ab8cac673fb4bf"
+  integrity sha512-LwZvI3FY6f43xFjQNRuE10JM5R8vJzFTSmbV9X0Wuhv9kscLkjRlZt0BEoiHmO+2HA3B3xxbMfB5du7ZoSFXGg==
 
 "@sinclair/typebox@^0.24.1":
   version "0.24.51"
@@ -4072,12 +4072,12 @@ pretty-format@^28.0.0, pretty-format@^28.1.3:
     ansi-styles "^5.0.0"
     react-is "^18.0.0"
 
-prisma@^3.14.0:
-  version "3.15.2"
-  resolved "https://registry.yarnpkg.com/prisma/-/prisma-3.15.2.tgz#4ebe32fb284da3ac60c49fbc16c75e56ecf32067"
-  integrity sha512-nMNSMZvtwrvoEQ/mui8L/aiCLZRCj5t6L3yujKpcDhIPk7garp8tL4nMx2+oYsN0FWBacevJhazfXAbV1kfBzA==
+prisma@3.14.0:
+  version "3.14.0"
+  resolved "https://registry.yarnpkg.com/prisma/-/prisma-3.14.0.tgz#dd67ece37d7b5373e9fd9588971de0024b49be81"
+  integrity sha512-l9MOgNCn/paDE+i1K2fp9NZ+Du4trzPTJsGkaQHVBufTGqzoYHuNk8JfzXuIn0Gte6/ZjyKj652Jq/Lc1tp2yw==
   dependencies:
-    "@prisma/engines" "3.15.1-1.461d6a05159055555eb7dfb337c9fb271cbd4d7e"
+    "@prisma/engines" "3.14.0-36.2b0c12756921c891fec4f68d9444e18c7d5d4a6a"
 
 process-nextick-args@~2.0.0:
   version "2.0.1"

e2e/src/controllers/api/auth.controller.spec.ts

@@ -1,5 +1,151 @@
+import { PrismaClient } from '@prisma/client';
+import { isJWT } from 'class-validator';
+import { v4 } from 'uuid';
+import { confirmEmail, refresh, signIn, signUp } from './endpoints/auth.controller.endpoints';
+
 describe('Auth Controller', () => {
-    it('no test', () => {
-        expect(true).toBeTruthy();
-    })
-});
+    let prisma: PrismaClient;
+
+    beforeAll(async () => {
+        prisma = new PrismaClient();
+        await prisma.$connect();
+    });
+
+    afterAll(async () => {
+        await prisma.$disconnect();
+    });
+
+    describe('POST /api/auth/sign-up', () => {
+        it('should return 400 on invalid body', async () => {
+            await signUp.spec().withBody({}).expectStatus(400).toss();
+        });
+
+        it('should return 400 on invalid email', async () => {
+            await signUp
+                .spec()
+                .withBody({ password: '12345678', email: 'invalid' })
+                .expectStatus(400)
+                .toss();
+        });
+
+        it('should success sign up user', async () => {
+            await signUp.send({ email: 'test@example.com', password: '12345678' });
+
+            expect(
+                (await prisma.user.findFirst({ where: { email: 'test@example.com' } }))
+                    ?.emailConfirmed,
+            ).toBeFalsy();
+        });
+
+        it('should return error if user already exist', async () => {
+            await signUp
+                .spec()
+                .withBody({ email: 'test@example.com', password: '12345678' })
+                .expectStatus(200)
+                .expectJsonLike({ data: { error: 'userAlreadyExist' } });
+        });
+    });
+
+    describe('POST /api/auth/confirm-email', () => {
+        it('should return 400 on invalid body', async () => {
+            await confirmEmail.spec().withBody({}).expectStatus(400).toss();
+        });
+
+        it('should return 400 on invalid uuid', async () => {
+            await confirmEmail.spec().withBody({ confirmUuid: 'invalid' }).expectStatus(400).toss();
+        });
+
+        it('should return error if email confirm not found', async () => {
+            await confirmEmail
+                .spec()
+                .withBody({ confirmUuid: v4() })
+                .expectStatus(200)
+                .expectJsonLike({ data: { error: 'cannotFindEmailConfirm' } });
+        });
+
+        it('should success confirm email', async () => {
+            const user = await prisma.user.findFirst({
+                where: { email: 'test@example.com' },
+                include: { emailConfirm: true },
+            });
+
+            expect(
+                (await prisma.user.findFirst({ where: { email: 'test@example.com' } }))
+                    ?.emailConfirmed,
+            ).toBeFalsy();
+
+            await confirmEmail.send(user?.emailConfirm?.confirmUuid as string);
+
+            expect(
+                (await prisma.user.findFirst({ where: { email: 'test@example.com' } }))
+                    ?.emailConfirmed,
+            ).toBeTruthy();
+        });
+
+        it('should return error if user already confirmed email', async () => {
+            const user = await prisma.user.findFirst({
+                where: { email: 'test@example.com' },
+                include: { emailConfirm: true },
+            });
+
+            await confirmEmail
+                .spec()
+                .withBody({ confirmUuid: user?.emailConfirm?.confirmUuid })
+                .expectStatus(200)
+                .expectJsonLike({ data: { error: 'emailAlreadyConfirmed' } });
+        });
+    });
+
+    describe('POST /api/auth/sign-in', () => {
+        it('should return 400 on invalid body', async () => {
+            await signIn.spec().withBody({}).expectStatus(400).toss();
+            await signIn.spec().withBody({ email: 'test@example.com' }).expectStatus(400).toss();
+            await signIn
+                .spec()
+                .withBody({ email: 'invalid', password: '12345678' })
+                .expectStatus(400)
+                .toss();
+        });
+
+        it('should return error if user not confirm email', async () => {
+            await signUp.send({ email: 'test1@example.com', password: '12345678' });
+
+            await signIn
+                .spec()
+                .withBody({ email: 'test1@example.com', password: '12345678' })
+                .expectStatus(200)
+                .expectJsonLike({ data: { error: 'emailNotConfirmed' } });
+        });
+
+        it('should return error if email or password incorrect', async () => {
+            await signIn
+                .spec()
+                .withBody({ email: 'test@example.com', password: '123456789' })
+                .expectStatus(200)
+                .expectJsonLike({ data: { error: 'emailOrPasswordIncorrect' } });
+            await signIn
+                .spec()
+                .withBody({ email: 'test2@example.com', password: '12345678' })
+                .expectStatus(200)
+                .expectJsonLike({ data: { error: 'emailOrPasswordIncorrect' } });
+        });
+
+        it('should success return tokens', async () => {
+            await signIn.send({ email: 'test@example.com', password: '12345678' });
+        });
+    });
+
+    describe('GET /api/auth/refresh', () => {
+        it('should return 401', async () => {
+            await refresh.spec().expectStatus(401).toss();
+        });
+
+        it('should return new access token and refresh token in cookie', async () => {
+            const tokens = await signIn.send({ email: 'test@example.com', password: '12345678' });
+
+            const result = await refresh.send(tokens.refreshToken);
+            expect(isJWT(result.accessToken)).toEqual(true);
+            expect(isJWT(result.refreshToken)).toEqual(true);
+        });
+    });
+});

e2e/src/controllers/api/endpoints/auth.controller.endpoints.ts

@@ -0,0 +1,94 @@
+import Spec from 'pactum/src/models/Spec';
+import { plainToClass } from 'class-transformer';
+import { IsJWT, isJWT, validate } from 'class-validator';
+import * as cookieParser from 'cookie';
+import { getSpec, postSpec } from '../../../pactum';
+import { IsTrue } from '../../../utils/validation.utils';
+
+type SignInput = {
+    email: string;
+    password: string;
+};
+
+const signIn = postSpec.api<SignInput, { accessToken: string; refreshToken: string }>(
+    'auth/sign-in',
+    (spec: Spec) => async (data: SignInput) => {
+        const response = await spec
+            .withBody({
+                email: data.email,
+                password: data.password,
+            })
+            .expectStatus(200)
+            .toss();
+
+        return extractAuthData(response);
+    },
+);
+
+const signUp = postSpec.api<SignInput, true>(
+    'auth/sign-up',
+    (spec: Spec) => async (data: SignInput) => {
+        const response = await spec
+            .withBody({
+                email: data.email,
+                password: data.password,
+            })
+            .expectStatus(200)
+            .toss();
+    
+        const body = plainToClass(SignUpResponse, response.json);
+
+        const errors =  await validate(body);
+        expect(errors.length).toEqual(0);
+
+        return body.success;
+    },
+);
+
+const refresh = getSpec.api<string, { accessToken: string; refreshToken: string }>(
+    'auth/refresh',
+    (spec) => async (refreshToken) => {
+        const response = await spec
+            .withCookies({
+                Refresh: refreshToken,
+            })
+            .expectStatus(200)
+            .toss();
+
+        return extractAuthData(response);
+    },
+);
+
+const confirmEmail = postSpec.api<string, { accessToken: string; refreshToken: string }>(
+    'auth/confirm-email',
+    (spec) => async (confirmUuid) => {
+        const response = await spec.withBody({ confirmUuid }).expectStatus(200).toss();
+
+        return extractAuthData(response);
+    },
+);
+
+async function extractAuthData(response: any) {
+    const refreshToken = (cookieParser.parse(response.headers['set-cookie'][0]) || {})['Refresh'];
+    expect(isJWT(refreshToken)).toEqual(true);
+
+    const bodyErrors = await validate(plainToClass(AuthBody, response.json));
+    expect(bodyErrors.length).toEqual(0);
+
+    return {
+        accessToken: response.json.data as string,
+        refreshToken: refreshToken,
+    };
+}
+
+class AuthBody {
+    @IsJWT()
+    data: string;
+}
+
+class SignUpResponse {
+    @IsTrue()
+    success: true;
+}
+
+export { signIn, refresh, confirmEmail, signUp };