Dev

.github/workflows/deno.yml

@@ -38,4 +38,5 @@ jobs:
         run: cd backend; deno lint
 
       - name: Run tests
-        run: cd backend; deno test -A
+        run: cd backend; deno test --allow-read --allow-env --trace-leaks
+

.github/workflows/node.js.yml

@@ -29,6 +29,8 @@ jobs:
         run: cd frontend; npm ci
       - name: check formatting with prettier
         run: cd frontend; npm run check-formatting
+      - name: lint
+        run: cd frontend; npm run lint
       - name: nextjs build
         run: cd frontend; npm run build
       - name: run tests

.gitignore

@@ -1,5 +1,8 @@
-# editor
-/.vscode/
-
 # node
 /node_modules
+
+# temporary files
+*.tmp
+
+# Environment variables
+.env

.vscode/settings.json

@@ -0,0 +1,4 @@
+{
+	"deno.enable": true,
+	"deno.enablePaths": ["backend"]
+}

README.md

@@ -52,5 +52,5 @@ deno run dev
 
 (in `/backend`)
 ```sh
-deno run test
+deno test --allow-read --allow-env --trace-leaks
 ```

backend/.env

@@ -0,0 +1 @@
+JWT_SECRET_KEY=team6-resume-analyser

backend/api/login/login.test.ts

@@ -0,0 +1,190 @@
+import { assertEquals } from "@std/assert";
+import { createMockContext } from "@oak/oak/testing";
+import { Router } from "@oak/oak";
+import userLogin from "./login.ts";
+import { users } from "../register/register.ts";
+import { createBody } from "../../util/util.test.ts";
+import { generateHash } from "../../util/generate_hash.ts";
+
+Deno.test("POST /api/login - Successful Login", async () => {
+	// Generate the hashed password
+	const hashedPassword = await generateHash(
+		"[email protected]",
+		"securePassword",
+	);
+
+	// Pre-populate the imported users object with a registered user
+	users["[email protected]"] = {
+		email: "[email protected]",
+		username: "user123",
+		password: hashedPassword, // SHA-256 hash for 'securePassword'
+	};
+	const ctx = createMockContext({
+		method: "POST",
+		path: "/api/login",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(
+			JSON.stringify({
+				email: "[email protected]",
+				password: "securePassword",
+			}),
+		),
+	});
+
+	const router = new Router();
+	userLogin(router);
+
+	// Mock `next` function
+	const next = async () => {};
+
+	// Call the login handler
+	await router.routes()(ctx, next);
+
+	// Assertions
+	assertEquals(ctx.response.status, 200);
+
+	// Cleanup: Remove the user from the users object after the test
+	delete users["[email protected]"];
+});
+
+Deno.test("POST /api/login - Missing User Email", async () => {
+	// Generate the hashed password
+	const hashedPassword = await generateHash(
+		"[email protected]",
+		"securePassword",
+	);
+
+	// Pre-populate the imported users object with a registered user
+	users["[email protected]"] = {
+		email: "[email protected]",
+		username: "user123",
+		password: hashedPassword, // SHA-256 hash for 'securePassword'
+	};
+	const ctx = createMockContext({
+		method: "POST",
+		path: "/api/login",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(
+			JSON.stringify({
+				password: "securePassword",
+			}),
+		),
+	});
+
+	const router = new Router();
+	userLogin(router);
+
+	// Mock `next` function
+	const next = async () => {};
+
+	// Call the login handler
+	await router.routes()(ctx, next);
+
+	// Assertions
+	assertEquals(ctx.response.status, 400);
+	assertEquals(
+		ctx.response.body,
+		JSON.stringify({
+			isError: true,
+			message: "Email and password are required",
+		}),
+	);
+
+	// Cleanup: Remove the user from the users object after the test
+	delete users["[email protected]"];
+});
+
+Deno.test("POST /api/login - Missing User Password", async () => {
+	// Generate the hashed password
+	const hashedPassword = await generateHash(
+		"[email protected]",
+		"securePassword",
+	);
+
+	// Pre-populate the imported users object with a registered user
+	users["[email protected]"] = {
+		email: "[email protected]",
+		username: "user123",
+		password: hashedPassword, // SHA-256 hash for 'securePassword'
+	};
+	const ctx = createMockContext({
+		method: "POST",
+		path: "/api/login",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(
+			JSON.stringify({
+				email: "[email protected]",
+			}),
+		),
+	});
+
+	const router = new Router();
+	userLogin(router);
+
+	// Mock `next` function
+	const next = async () => {};
+
+	// Call the login handler
+	await router.routes()(ctx, next);
+
+	// Assertions
+	assertEquals(ctx.response.status, 400);
+	assertEquals(
+		ctx.response.body,
+		JSON.stringify({
+			isError: true,
+			message: "Email and password are required",
+		}),
+	);
+
+	// Cleanup: Remove the user from the users object after the test
+	delete users["[email protected]"];
+});
+
+Deno.test("POST /api/login - Invalid password", async () => {
+	// Generate the hashed password
+	const hashedPassword = await generateHash(
+		"[email protected]",
+		"securePassword",
+	);
+
+	// Pre-populate the imported users object with a registered user
+	users["[email protected]"] = {
+		email: "[email protected]",
+		username: "user123",
+		password: hashedPassword, // SHA-256 hash for 'securePassword'
+	};
+	const ctx = createMockContext({
+		method: "POST",
+		path: "/api/login",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(
+			JSON.stringify({
+				email: "[email protected]",
+				password: "securePassword11",
+			}),
+		),
+	});
+
+	const router = new Router();
+	userLogin(router);
+
+	// Mock `next` function
+	const next = async () => {};
+
+	// Call the login handler
+	await router.routes()(ctx, next);
+
+	// Assertions
+	assertEquals(ctx.response.status, 401);
+	assertEquals(
+		ctx.response.body,
+		JSON.stringify({
+			isError: true,
+			message: "Invalid email or password",
+		}),
+	);
+
+	// Cleanup: Remove the user from the users object after the test
+	delete users["[email protected]"];
+});

backend/api/login/login.ts

@@ -0,0 +1,45 @@
+import { Context, Router } from "@oak/oak";
+import { createJWT } from "../../util/jwt.ts";
+import { generateHash } from "../../util/generate_hash.ts";
+import { users } from "../register/register.ts";
+
+export default function (router: Router) {
+	router.post("/api/login", login);
+}
+
+async function login(ctx: Context) {
+	const { email, password } = await ctx.request.body.json();
+
+	if (!email || !password) {
+		ctx.response.status = 400;
+		ctx.response.body = JSON.stringify({
+			isError: true,
+			message: "Email and password are required",
+		});
+		return;
+	}
+
+	const user = users[email];
+
+	const hashedPassword = await generateHash(email, password);
+
+	if (user.email !== email || user.password !== hashedPassword) {
+		ctx.response.status = 401;
+		ctx.response.body = JSON.stringify({
+			isError: true,
+			message: "Invalid email or password",
+		});
+		return;
+	}
+
+	// Generate JWT
+	const token = await createJWT(email);
+
+	// Send the token
+	ctx.response.status = 200;
+	ctx.response.body = JSON.stringify({
+		isError: false,
+		message: "Logged in",
+		token,
+	});
+}

backend/api/register/register.test.ts

@@ -0,0 +1,110 @@
+import { assertEquals } from "@std/assert";
+import { createMockContext } from "@oak/oak/testing";
+import { Router } from "@oak/oak";
+import userRegistration from "./register.ts";
+import { createBody } from "../../util/util.test.ts";
+
+Deno.test("POST /api/register - Successful Registration", async () => {
+	const ctx = createMockContext({
+		method: "POST",
+		path: "/api/register",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(
+			JSON.stringify({
+				email: "[email protected]",
+				password: "securePassword",
+				username: "user123",
+			}),
+		),
+	});
+
+	const router = new Router();
+	userRegistration(router);
+
+	// Mock `next` function
+	const next = async () => {};
+
+	// Call the registration handler
+	await router.routes()(ctx, next);
+
+	assertEquals(ctx.response.status, 201);
+	assertEquals(
+		ctx.response.body,
+		JSON.stringify({
+			isError: false,
+			message: "Registered successfully",
+		}),
+	);
+});
+
+Deno.test("POST /api/register - Missing Fields", async () => {
+	const ctx = createMockContext({
+		method: "POST",
+		path: "/api/register",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(
+			JSON.stringify({
+				email: "[email protected]",
+				username: "user123", // Missing password
+			}),
+		),
+	});
+
+	const router = new Router();
+	userRegistration(router);
+
+	const next = async () => {};
+
+	await router.routes()(ctx, next);
+
+	assertEquals(ctx.response.status, 400);
+	assertEquals(
+		ctx.response.body,
+		JSON.stringify({
+			isError: true,
+			message: "All fields are required",
+		}),
+	);
+});
+
+Deno.test("POST /api/register - Duplicate Email", async () => {
+	const mockBody = {
+		email: "[email protected]",
+		password: "securePassword",
+		username: "user123",
+	};
+
+	const router = new Router();
+	userRegistration(router);
+
+	// First registration
+	const ctx1 = createMockContext({
+		method: "POST",
+		path: "/api/register",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(JSON.stringify(mockBody)),
+	});
+
+	const next = async () => {};
+
+	await router.routes()(ctx1, next);
+
+	// Duplicate registration
+	const ctx2 = createMockContext({
+		method: "POST",
+		path: "/api/register",
+		headers: [["Content-Type", "application/json"]],
+		body: createBody(JSON.stringify(mockBody)),
+	});
+
+	await router.routes()(ctx2, next);
+
+	assertEquals(ctx2.response.status, 400);
+	assertEquals(
+		ctx2.response.body,
+		JSON.stringify({
+			isError: true,
+			message: "Email already registered",
+		}),
+	);
+});