Version 2.0.2

Version 2.0.2

.github/workflows/ci.yml

@@ -5,6 +5,14 @@ on:
       - opened
       - edited
       - reopened
+      - closed
+      - synchronize
+      - converted_to_draft
+      - ready_for_review
+      - locked
+      - unlocked
+      - review_requested
+      - review_request
     branches: [ master ]
   workflow_dispatch:
 jobs:
@@ -20,3 +28,9 @@ jobs:
         run: npm i
       - run: npm run lint
       - run: npm run test
+      - run: npm run docker
+      - run: npm install -g forever
+      - run: PGHOST=localhost PGUSER=test_user PGDATABASE=test_db PGPASSWORD=test_password PGPORT=5432 forever start ./src/index.js
+      - run: docker ps -a
+      - run: npm run integration
+      - run: forever stopall

CHANGELOG.md

@@ -9,6 +9,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [2.0.1] - 2022-09-08
 
+### Added
+
+- Integration tests for Auth module.
+
+### Changed
+
+- Fix bug when Auth.login method crashed when no user found in database.
+- Fix bug when user could change password for every another user with Auth.changePassword method.
+- Set minimum username length to 2 and minimum password length to 8 in Auth module.
+- Split tests into Unit and Integration tests.
+
+## [2.0.1] - 2022-09-08
+
 ### Changed
 
 - Fix bug when SessionService.restoreSession method pass empty token to database.
@@ -68,7 +81,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Logger service.
 - Introspection module.
 
-[unreleased]: https://github.com/web-soft-llc/web-soft-server/compare/v2.0.1...master
+[unreleased]: https://github.com/web-soft-llc/web-soft-server/compare/v2.0.2...master
+[2.0.2]: https://github.com/web-soft-llc/web-soft-server/compare/v2.0.1...v2.0.2
 [2.0.1]: https://github.com/web-soft-llc/web-soft-server/compare/v2.0.0...v2.0.1
 [2.0.0]: https://github.com/web-soft-llc/web-soft-server/compare/v.1.0.2...v2.0.0
 [1.0.2]: https://github.com/web-soft-llc/web-soft-server/compare/v.1.0.1...v.1.0.2

lib/auth-module.js

@@ -11,10 +11,12 @@ module.exports = {
         properties: {
           username: {
             type: 'string',
+            minLength: 2,
             description: 'Имя пользователя.'
           },
           password: {
             description: 'Пароль.',
+            minLength: 8,
             type: 'string'
           }
         }
@@ -103,19 +105,16 @@ module.exports = {
       public: false,
       description: 'Смена пароля текущего пользователя.',
       params: {
-        required: ['username', 'oldPassword', 'newPassword'],
+        required: ['oldPassword', 'newPassword'],
         properties: {
-          username: {
-            description: 'Имя пользователя.',
-            type: 'string'
-          },
           oldPassword: {
             description: 'Старый пароль.',
             type: 'string'
           },
           newPassword: {
             description: 'Новый пароль.',
-            type: 'string'
+            type: 'string',
+            minLength: 8
           }
         }
       },

lib/auth.js

@@ -15,7 +15,7 @@ class Auth {
     const session = context.session;
     if (session.username !== username) {
       const user = await userService.getByUsername(username);
-      if (await security.validatePassword(password, user.password)) {
+      if (user.password && (await security.validatePassword(password, user.password))) {
         await context.startSession(user);
       } else {
         throw new ConnectionError(ERRORS.AUTHENTICATION_FAILED);
@@ -33,12 +33,12 @@ class Auth {
     return { username, role, createdTime };
   }
 
-  async changePassword({ username, oldPassword, newPassword }, context) {
+  async changePassword({ oldPassword, newPassword }, context) {
     const user = await context.user;
     if (await security.validatePassword(oldPassword, user.password)) {
       const newHashPassword = await security.hashPassword(newPassword);
-      await userService.updatePassword(username, newHashPassword);
-      return { username, role: user.role, createdTime: user.createdTime };
+      await userService.updatePassword(user.username, newHashPassword);
+      return { username: user.username, role: user.role, createdTime: user.createdTime };
     } else {
       throw new ConnectionError(ERRORS.AUTHENTICATION_FAILED);
     }

package.json

@@ -4,7 +4,7 @@
     "name": "DonVietnam",
     "email": "[email protected]"
   },
-  "version": "2.0.1",
+  "version": "2.0.2",
   "description": "Server for web-soft-projects.",
   "license": "MIT",
   "keywords": [
@@ -37,16 +37,19 @@
     "start": "node index.js",
     "dev": "nodemon --signal SIGTERM --exec \"node src/index.js\"",
     "dev-docker": "docker volume create pgdata && docker compose up -d && npm run dev",
+    "docker": "docker volume create pgdata && docker compose up -d",
     "certs": "bash ./certs.sh",
     "lint": "eslint --ignore-path .eslintignore .",
     "fix": "eslint --fix --ignore-path .eslintignore .",
-    "test": "jest test"
+    "test": "jest test/unit",
+    "integration": "cross-env PGHOST=localhost PGUSER=test_user PGDATABASE=test_db PGPASSWORD=test_password PGPORT=5432 HOST=localhost PORT=8000 jest test/integration"
   },
   "engines": {
     "node": ">=16"
   },
   "devDependencies": {
     "@types/node": "^16.11.7",
+    "cross-env": "^7.0.3",
     "eslint": "^7.8.1",
     "eslint-config-prettier": "^8.3.0",
     "jest": "^27.3.1",

src/index.js

@@ -1,13 +1,9 @@
-const fs = require('fs');
 const { Server, logger, AuthModule } = require('../index');
 const modules = require('./modules');
 
-const key = fs.readFileSync('./certs/localhost.key');
-const cert = fs.readFileSync('./certs/localhost.crt');
-
 const start = async () => {
   try {
-    const server = new Server({ host: '0.0.0.0', port: 443, cors: false, key, cert, secure: true });
+    const server = new Server({ host: '0.0.0.0', port: 8000, cors: false });
     server.start({ ...modules, auth: AuthModule });
   } catch (error) {
     logger.fatal(error);