Frontend

.eslintrc.json

@@ -1,27 +1,12 @@
 {
     "env": {
         "commonjs": true,
-        "es6": true,
-        "node": true,
-        "jest/globals": true,
-        "cypress/globals": true
-    },
-    "extends": [
-      "eslint:recommended",
-      "plugin:node/recommended"
-    ],
-    "globals": {
-        "Atomics": "readonly",
-        "SharedArrayBuffer": "readonly"
+        "es2021": true,
+        "node": true
     },
     "parserOptions": {
-        "ecmaVersion": 2022
+        "ecmaVersion": "latest"
     },
-    "plugins": [
-      "cypress",
-      "jest",
-      "node"
-    ],
     "rules": {
     }
 }

.github/workflows/main.yml

@@ -0,0 +1,45 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - main
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node-version: [18.x]
+        mongodb-version: ['6.0']
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: ${{ matrix.node-version }}
+
+      - name: Start MongoDB
+        uses: supercharge/[email protected]
+        with:
+          mongodb-version: ${{ matrix.mongodb-version }}
+
+      - name: Install dependencies
+        run: npm install
+# run the unit tests but exclude the selenium tests.
+      - name: Run unit tests
+        run: npm run test:unit
+# run the cypress tests using cypress actions.
+      - name: Start test server
+        run: npm run start:test &
+
+      - name: Run all Cypress tests
+        uses: cypress-io/github-action@v5
+        with:
+          start: npm start
+          record: true
+        env:
+          CYPRESS_RECORD_KEY: ${{ secrets.CYPRESS_RECORD_KEY }}

README.md

@@ -14,7 +14,7 @@ It uses:
 
 ## Card wall
 
-REPLACE THIS TEXT WITH A LINK TO YOUR CARD WALL
+[Trello Board](https://trello.com/b/ZcUWX9qo/betta-acebook)
 
 ## Quickstart
 

app.js

@@ -11,31 +11,41 @@ const postsRouter = require("./routes/posts");
 const sessionsRouter = require("./routes/sessions");
 const usersRouter = require("./routes/users");
 
+const mongoose = require('mongoose')
+const User = require("./models/user");
+
+const sanitizeInput = require('./functions/sanitize')
+
 const app = express();
 
 // view engine setup
 app.set("views", path.join(__dirname, "views"));
 app.set("view engine", "hbs");
 
+
 app.use(logger("dev"));
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, "public")));
 app.use(methodOverride("_method"));
 
+
 app.use(
   session({
     key: "user_sid",
     secret: "super_secret",
     resave: false,
     saveUninitialized: false,
     cookie: {
-      expires: 600000,
+      expires: 1200000,
     },
+    rolling: true, // Extend the session expiration on each request
+    rollingTimeout: 1200000, // Set the rolling timeout to 10 minutes
   })
 );
 
+
 // clear the cookies after user logs out
 app.use((req, res, next) => {
   if (req.cookies.user_sid && !req.session.user) {
@@ -44,13 +54,16 @@ app.use((req, res, next) => {
   next();
 });
 
+
 // middleware function to check for logged-in users
 const sessionChecker = (req, res, next) => {
   if (!req.session.user && !req.cookies.user_sid) {
     res.redirect("/sessions/new");
   } else {
     next();
   }
+
+
 };
 
 // route setup
@@ -59,11 +72,13 @@ app.use("/posts", sessionChecker, postsRouter);
 app.use("/sessions", sessionsRouter);
 app.use("/users", usersRouter);
 
+
 // catch 404 and forward to error handler
 app.use((req, res, next) => {
   next(createError(404));
 });
 
+
 // error handler
 app.use((err, req, res) => {
   // set locals, only providing error in development
@@ -75,4 +90,31 @@ app.use((err, req, res) => {
   res.render("error");
 });
 
+
+app.post("/users/new", async (req, res) => {
+  try {
+    const { firstName, lastName, email, password, confirmPassword } = req.body;
+
+    // Sanitize and validate input
+    const sanitizedFirstName = sanitizeInput(firstName);
+    const sanitizedLastName = sanitizeInput(lastName);
+    const sanitizedEmail = sanitizeInput(email);
+
+    // Create a new user
+    const user = new User({
+      firstName: sanitizedFirstName,
+      lastName: sanitizedLastName,
+      email: sanitizedEmail,
+      password: password,
+    });
+
+    // Save the user to the database
+    await user.save();
+
+    res.status(200).json({ message: "Signup successful!" });
+  } catch (error) {
+    res.status(500).json({ message: "Signup failed." });
+  }
+});
+
 module.exports = app;

betta_test_scenarios.md

@@ -0,0 +1,60 @@
+# Acebook Betta - Test Scenarios
+    Making people's lives betta
+
+#### **1. Home Page:**
+
+| Test Case ID | Test Scenario                                                                          | Test Steps                                                                | Expected Result                                     | Actual Result |
+|-------|----------------------------------------------------------------------------------------|---------------------------------------------------------------------------|-----------------------------------------------------|---------|
+| HP_01 | Verify all links on the navigation bar                                                 | Click each link on the navigation bar  <br/> signup link  <br/>login link | Each link should direct to the correct page         |
+| HP_02 | Verify that menu options show on navigation bar when page size is reduced(mobile view) | Reduce the page size and check the menu                                   | Menu should display and links should work correctly |
+| HP_03 | Verify page title visibility(including accessibility)                                  | Look at the title of the homepage(check if accessible)                    | The title should be visible and findable with label |
+| HP_04 | Verify persistence of login session                                                    | Login, navigate away to another website, and return to homepage           | User should still be logged in                      |
+
+#### **2. Sign Up:**
+
+| Test Case ID | Test Scenario                                                       | Test Steps                                                                                | Expected Result                                                                               | Actual Result |
+|--------------|---------------------------------------------------------------------|-------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------|--------------|
+| SU_01 | Verify home link / cancel / back functionality                      | Click on each  <br/>submit button  <br/>cancel button                                     | Should navigate to the corresponding page                                                     |
+| SU_02 | Verify valid username, full name, email, password are only accepted | 1- Try to sign up with invalid credentials  <br/>2- Try to sign up with valid credentials | 1- Error message should be displayed if fails  <br/>2- Signup confirmation shown if succesful |
+| SU_03 | Verify password hashing                                             | Sign up and inspect database                                                              | Password should be stored as a hash                                                           |
+| SU_04 | Unable to signup with existing email address                        | Try to sign up with an email already in use                                               | Should throw an error message                                                                 |
+| SU_05 | Verify prevention of duplicate signup credentials                   | Try to sign up with duplicate credentials                                                 | Should throw an error message                                                                 |
+| SU_06 | Verify password criteria                                            | Check if password requirements are displayed and enforced                                 | Requirements should be enforced, and error message should be displayed if not met             |
+| SU_07 | Verify error message if fields left blank                           | Try to sign up leaving fields blank                                                       | Error message should be received                                                              |
+| SU_08 | Verify confirm sign up button functionality                         | Click the confirm sign up button                                                          | Should return to homepage/landing page/profile page                                           |
+| SU_09 | Verify punctuation acceptance in name fields                        | Try to sign up with punctuation in name fields                                            | Should throw error if entered incorrectly                                                     |
+| SU_10 | Verify maximum character limit                                      | Try to sign up with a name fields that exceeds character limit                            | Should throw error if character limit is exceeded                                             |
+| SU_11 | Verify auto log out feature (SECURITY)                              | Stay inactive for the duration of the session timeout                                     | Should be logged out automatically                                                            |
+| SU_12 | Verify prevention of harmful scripts                                | Try to inject harmful script during sign up                                               | Should prevent script injection                                                               |
+
+#### **3. Login Page:**
+
+| Test Case ID | Test Scenario                                      | Test Steps                                  | Expected Result | Actual Result |
+|--------------|----------------------------------------------------|---------------------------------------------|----------------|--------------| 
+| LP_01 | Verify only valid email address is accepted        | Try to log in with an invalid email address | Should not be able to log in |
+| LP_02 | Verify only valid passwords are accepted           | Try to log in with an invalid password      | Should not be able to log in |
+| LP_03 | Verify error message for invalid login credentials | Try to log in with invalid credentials      | Error message should display (should not specify if password/email is incorrect) |
+| LP_04 | Verify prevention of harmful scripts               | Try to inject harmful script during login   | Should prevent script injection |
+| LP_05 | Verify blank fields are not accepted               | Try to log in with blank fields             | Error message should display |
+
+#### **4. Posts Page:**
+
+| Test Case ID | Test Scenario                                                          | Test Steps                                        | Expected Result                                    | Actual Result                                |
+|--------------|------------------------------------------------------------------------|---------------------------------------------------|----------------------------------------------------|----------------------------------------------|
+| PP_01 | Verify ability to create a new post                                    | Log in and try to create a new post               | Should be able to create a post                    |
+| PP_02 | Verify ability to create multiple posts                                | Log in and try to create multiple posts           | Should be able to create multiple posts            |
+| PP_03 | Verify upper limit of number of posts shown  <br/> (Check performance) | Create posts that exceed the limit                | Should only show the maximum number of posts       |
+| PP_04 | Verify local date stamp on post                                        | Create a post and check the local date stamp      | Date stamp should match the current local date     |
+| PP_05 | Verify emoji acceptance                                                | Create a post with emojis                         | Post should display with emojis                    | Pass                                         |
+| PP_06 | Verify special characters/punctuation acceptance                       | Create a post with special characters/punctuation | Post should display with special characters/punctuation |
+| PP_07 | Verify UTF-8 language character support                                | Create a post with UTF-8 characters               | Post should display with UTF-8 characters          |
+| PP_08 | Verify post creation only when signed in (SECURITY)                    | Try to create a post when not logged in           | Should not be able to create a post                |
+| PP_09 | Verify handling of post creation with empty fields                     | Try to create a post with empty fields            | Error message should display                       | Fail - Able to create posts with empty field |
+| PP_10 | Verify navigation bar displays properly                                | Check the navigation bar on the posts page        | Navigation bar should display properly             |
+
+#### **5. Performance Testing:**
+| Test Case ID | Test Scenario | Test Steps | Expected Result | Actual Result |
+|--------------|---------------|--------------|----------------|--------------|
+| PT_01        | Sign up       | placeholder | placeholder | placeholder |
+| PT_02        | Login         | placeholder | placeholder | placeholder |
+

betta_user_stories.md

@@ -0,0 +1,55 @@
+## **Acebook Betta User Stories**
+Acebook aims to be an easy-to-use and accessible platform that simplifies staying in touch with friends.
+
+Acebook will connect people and make their lives betta.
+
+## User Stories
+**Feature:** Signup
+- As a new user,  
+  When I am on homepage and I click on sign up,  
+  I want to be taken to the sign up page,
+  I want to see the option to enter my first name, last name, email, password, confirm password
+  So that I can signup.
+
+**Feature:** Login
+- As a user with account,  
+  When I am on homepage I want to be able click login,  
+  So that I can be taken to the login page,  
+  And be able to enter my account details,
+  So that I can be taken to my homepage
+
+**Feature:** Logout
+- As a user,  
+  I want to be able to click logout,  
+  So that I can end my session securely, 
+  And be taken back to the login page.
+
+**Feature:** Posts Page
+- As a logged-in user,  
+  I want to be able to see posts,
+  See comments on posts, and number of likes,
+  So that I can connect with friends.
+
+**Feature:** Create Post
+- As a logged-in user,
+  I want to be able to click create post,
+  And be taken to new post page,
+  Enter some content and upload an image,
+  So that I can create a post.
+
+**Feature:** Comment on Post
+- As a logged-in user,  
+  I want to be able to comment on an existing post, 
+  By entering a comment and submitting it, 
+  So that I can see my comment is reflected on the post.
+
+**Feature:** Like a Post
+- As a logged-in user,  
+  I want to be able to like an existing post,
+  By clicking a like button,
+  So that I can see my like is reflected on the post.
+
+**Feature:** Upload Profile Picture
+- As a logged-in user,
+  I want to be able to upload a profile picture,
+  So that it is displayed to other users across pages.

controllers/home.js

@@ -4,4 +4,4 @@ const HomeController = {
   },
 };
 
-module.exports = HomeController;
+module.exports = HomeController;