arthur791004 · arthur791004 · Oct 4, 2019 · Oct 3, 2019 · Oct 4, 2019
diff --git a/.env.sample b/.env.sample
@@ -1,2 +1,3 @@
 HOST=127.0.0.1
 PORT=3000
+SESSION_SECRET=
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -19,7 +19,11 @@ const config = {
     'import/no-extraneous-dependencies': [
       'error',
       {
-        devDependencies: ['internals/**/*.js', 'client/**/stories.js'],
+        devDependencies: [
+          'internals/**/*.js',
+          'client/**/stories.js',
+          '**/__tests__/*.test.js',
+        ],
       },
     ],
     'import/prefer-default-export': 0,

diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,7 @@ yarn-error.log
 build
 coverage
 .vscode
+.local
+
+# sqlite
+*.sqlite3
diff --git a/.sequelizerc b/.sequelizerc
@@ -0,0 +1,12 @@
+const path = require('path');
+
+const base = path.resolve(__dirname, 'server/db');
+
+const config = {
+  config: path.resolve(base, 'config/index.js'),
+  'models-path': path.resolve(base, 'models'),
+  'seeders-path': path.resolve(base, 'seeders'),
+  'migrations-path': path.resolve(base, 'migrations'),
+};
+
+module.exports = config;
diff --git a/babel.config.js b/babel.config.js
@@ -1,5 +1,15 @@
 module.exports = {
-  presets: ['@babel/preset-env', '@babel/preset-react'],
+  presets: [
+    [
+      '@babel/preset-env',
+      {
+        targets: {
+          node: 'current',
+        },
+      },
+    ],
+    '@babel/preset-react',
+  ],
   plugins: [
     [
       'module-resolver',

diff --git a/internals/jest/config.js b/internals/jest/config.js
@@ -11,6 +11,9 @@ const config = {
     '^.+\\.js$': 'babel-jest',
   },
   testRegex: '__tests__/.*\\.test\\.js$',
+  globalSetup: '<rootDir>/internals/jest/globalSetup.js',
+  globalTeardown: '<rootDir>/internals/jest/globalTeardown.js',
+  setupFiles: ['<rootDir>/internals/jest/setup.js'],
 };
 
 module.exports = config;
diff --git a/internals/jest/globalSetup.js b/internals/jest/globalSetup.js
@@ -0,0 +1,3 @@
+module.exports = () => {
+  require('../../server'); // eslint-disable-line global-require
+};
diff --git a/internals/jest/globalTeardown.js b/internals/jest/globalTeardown.js
@@ -0,0 +1,5 @@
+const server = require('../../server');
+
+module.exports = () => {
+  server.close();
+};
diff --git a/internals/jest/setup.js b/internals/jest/setup.js
@@ -0,0 +1,12 @@
+const axios = require('axios');
+const { host, port } = require('../../server/constants');
+
+const origin = `http://${host}:${port}`;
+
+global.createApi = apiPath => {
+  const api = axios.create({
+    baseURL: `${origin}${apiPath}`,
+  });
+
+  return api;
+};
diff --git a/package.json b/package.json
@@ -17,21 +17,29 @@
     "test:watch": "yarn run test --watch",
     "lint": "yarn run lint-eslint .",
     "lint:eslint": "eslint --ignore-path .gitignore",
-    "storybook": "start-storybook -p 6006"
+    "storybook": "start-storybook -p 6006",
+    "db:migrate": "sequelize db:migrate",
+    "db:seed": "sequelize db:seed:all",
+    "db:seed:undo": "sequelize db:seed:undo:all"
   },
   "repository": "https://github.com/arthur791004/FullStackEngineerChallenge",
   "author": "arthur <arthur791004@gmail.com>",
   "license": "MIT",
   "private": true,
   "dependencies": {
     "@hot-loader/react-dom": "~16.8.6",
+    "axios": "~0.19.0",
+    "bcrypt": "~3.0.6",
+    "body-parser": "~1.19.0",
     "dotenv": "~8.1.0",
     "express": "~4.17.1",
+    "express-session": "~1.16.2",
     "prop-types": "~15.7.2",
     "react": "~16.8.6",
     "react-dom": "~16.8.6",
     "react-hot-loader": "~4.12.10",
     "react-router-dom": "~5.0.1",
+    "sequelize": "~5.19.2",
     "styled-components": "~4.3.2",
     "webpack-hot-middleware": "~2.25.0"
   },
@@ -67,6 +75,8 @@
     "lint-staged": "~9.2.0",
     "prettier": "~1.18.2",
     "rimraf": "~2.6.3",
+    "sequelize-cli": "~5.5.1",
+    "sqlite3": "~4.1.0",
     "uglifyjs-webpack-plugin": "~2.1.3",
     "url-loader": "~2.0.1",
     "webpack": "~4.35.3",

diff --git a/server/api/__tests__/users.test.js b/server/api/__tests__/users.test.js
@@ -0,0 +1,219 @@
+const { ROLES } = require('../../constants/users');
+const db = require('../../db/models');
+
+const api = global.createApi('/api/v1/users');
+
+const generateUser = (name, role = ROLES.NORMAL) => ({
+  email: `${name}@test.com`,
+  password: name,
+  role,
+});
+
+const userIds = {
+  admin: null,
+  normal: null,
+};
+
+const cookies = {
+  admin: null,
+  normal: null,
+};
+
+const adminUser = generateUser('admin', ROLES.ADMIN);
+const normalUser = generateUser('normal', ROLES.ADMIN);
+
+const login = async user => {
+  const { email, password } = user;
+  const res = await api.post('/login', { email, password });
+
+  return res;
+};
+
+const createUser = async (user, cookie) => {
+  const headers = {};
+  if (cookie) {
+    headers.Cookie = cookie;
+  }
+
+  const res = await api.post('/', user, { headers });
+
+  return res;
+};
+
+const updateUser = async (userId, user, cookie) => {
+  const headers = {};
+  if (cookie) {
+    headers.Cookie = cookie;
+  }
+
+  const res = await api.patch(`/${userId}`, user, { headers });
+
+  return res;
+};
+
+const getCookieByUser = async user => {
+  const { headers } = await login(user);
+
+  return headers['set-cookie'].join(';');
+};
+
+/**
+ * Clean and create data for testing
+ */
+beforeAll(async () => {
+  await db.sequelize.sync();
+  await db.User.destroy({ truncate: true });
+
+  userIds.admin = (await db.User.create(adminUser)).get('id');
+  userIds.normal = (await db.User.create(normalUser)).get('id');
+
+  cookies.admin = await getCookieByUser(adminUser);
+  cookies.normal = await getCookieByUser(normalUser);
+});
+
+describe('login', () => {
+  it('should succeed with correct email and password', async () => {
+    const { status, data } = await login(adminUser);
+
+    expect(status).toBe(200);
+    expect(data.data).toMatchObject({
+      email: adminUser.email,
+      role: adminUser.role,
+    });
+  });
+
+  it('should fail with wrong password', async () => {
+    const { email } = adminUser;
+    const password = 'wrong password';
+
+    try {
+      await login({ email, password });
+    } catch ({ response: { status } }) {
+      expect(status).toBe(401);
+    }
+  });
+});
+
+describe('logout', () => {
+  it('should succeed', async () => {
+    const { status } = await api.post('/logout');
+
+    expect(status).toBe(200);
+  });
+});
+
+describe('get user list', () => {
+  it('should succeed', async () => {
+    const { status, data } = await api.get('/');
+    const emails = data.data.map(user => user.email);
+
+    expect(status).toBe(200);
+    expect(emails).toEqual([adminUser.email, normalUser.email]);
+  });
+});
+
+describe('create a new user', () => {
+  const user = generateUser('new');
+
+  it('should succeed with admin user', async () => {
+    const { status, data } = await createUser(user, cookies.admin);
+
+    expect(status).toBe(200);
+    expect(data.data).toMatchObject({
+      email: user.email,
+      role: user.role,
+    });
+  });
+
+  it('should fail with normal user', async () => {
+    try {
+      await createUser(user, cookies.normal);
+    } catch ({ response: { status } }) {
+      expect(status).toBe(403);
+    }
+  });
+
+  it('should fail without login', async () => {
+    try {
+      await createUser(user);
+    } catch ({ response: { status } }) {
+      expect(status).toBe(401);
+    }
+  });
+});
+
+describe('get user by id', () => {
+  it('should succeed', async () => {
+    const { status, data } = await api.get(`/${userIds.admin}`);
+
+    expect(status).toBe(200);
+    expect(data.data).toMatchObject({
+      email: adminUser.email,
+    });
+  });
+});
+
+describe('update a user by id', () => {
+  const user = generateUser('update');
+  const attrsToBeUpdated = {
+    role: ROLES.ADMIN,
+  };
+
+  let userId = null;
+
+  beforeAll(async () => {
+    userId = (await db.User.create(user)).get('id');
+  });
+
+  afterAll(async () => {
+    await db.User.destroy({ where: { id: userId } });
+  });
+
+  it('should succeed with admin user', async () => {
+    const { status, data } = await updateUser(
+      userId,
+      attrsToBeUpdated,
+      cookies.admin
+    );
+
+    expect(status).toBe(200);
+    expect(data.data).toMatchObject({
+      role: attrsToBeUpdated.role,
+    });
+  });
+
+  it('should fail with normal user', async () => {
+    try {
+      await updateUser(userId, attrsToBeUpdated, cookies.normal);
+    } catch ({ response: { status } }) {
+      expect(status).toBe(403);
+    }
+  });
+
+  it('should fail without login', async () => {
+    try {
+      await updateUser(userId, attrsToBeUpdated);
+    } catch ({ response: { status } }) {
+      expect(status).toBe(401);
+    }
+  });
+});
+
+describe('delete a user by id', () => {
+  const user = generateUser('delete');
+  let userId = null;
+
+  beforeAll(async () => {
+    userId = (await db.User.create(user)).get('id');
+  });
+
+  it('should succeed with admin user', async () => {
+    const { status } = await api.delete(`/${userId}`, {
+      headers: {
+        Cookie: cookies.admin,
+      },
+    });
+
+    expect(status).toBe(200);
+  });
+});
diff --git a/server/api/index.js b/server/api/index.js
@@ -0,0 +1,8 @@
+const { Router } = require('express');
+const v1 = require('./v1');
+
+const router = Router();
+
+router.use('/v1', v1);
+
+module.exports = router;