Merge branch 'develop' into bug/162

Author: YiFeiZhang2

.gitignore

@@ -60,3 +60,6 @@ node_modules
 
 #creds
 gcp_creds.json
+
+#certbot 
+certbot/

.vscode/launch.json

@@ -163,6 +163,22 @@
                 "${workspaceFolder}/tests/email.service.spec.js"
             ],
             "internalConsoleOptions": "openOnSessionStart"
+        },
+        {
+            "type": "node",
+            "request": "launch",
+            "name": "Mocha Tests - Auth",
+            "program": "${workspaceFolder}/node_modules/mocha/bin/_mocha",
+            "args": [
+                "-u",
+                "tdd",
+                "--timeout",
+                "999999",
+                "--colors",
+                "${workspaceFolder}/tests/setup.spec.js",
+                "${workspaceFolder}/tests/auth.test.js"
+            ],
+            "internalConsoleOptions": "openOnSessionStart"
         }
     ]
 }

apidoc.json

@@ -4,6 +4,6 @@
     "defaultVersion": "0.0.8",
     "description": "Documentation for the API used for mchacks",
     "title": "hackerAPI documentation",
-    "url": "https://mchacks.ca/api",
-    "sampleUrl": "https://mchacks.ca/api"
+    "url": "https://api.mchacks.ca/api",
+    "sampleUrl": "https://api.mchacks.ca/api"
 }

app.js

@@ -31,7 +31,17 @@ const volunteerRouter = require("./routes/api/volunteer");
 
 const app = express();
 Services.db.connect(app);
-app.use(cors());
+
+let corsOptions = {};
+
+if (!Services.env.isProduction()) {
+    corsOptions = { origin: ["http://localhost:1337", "http://localhost:8989"], credentials: true };
+} else {
+    // TODO: change this when necessary
+    corsOptions = { origin: ["https://mchacks.ca/"], credentials: true };
+}
+
+app.use(cors(corsOptions));
 app.use(Services.log.requestLogger);
 app.use(Services.log.errorLogger);
 app.use(express.json());

assets/email/AccountInvitation.hbs

@@ -0,0 +1,4 @@
+<b>
+    Create Your Account:
+    <a href="{{link}}">here</a>
+</b>

constants/error.constant.js

@@ -11,7 +11,7 @@ const SPONSOR_ID_409_MESSAGE = "Conflict with sponsor accountId link";
 const VOLUNTEER_ID_409_MESSAGE = "Conflict with volunteer accountId link";
 const HACKER_ID_409_MESSAGE = "Conflict with hacker accountId link";
 const TEAM_MEMBER_409_MESSAGE = "Conflict with team member being in another team";
-const HACKER_CHECKIN_409_MESSAGE = "Cannot check-in non-confirmed hacker";
+const HACKER_STATUS_409_MESSAGE = "Conflict with hacker status";
 
 const TEAM_MEMBER_422_MESSAGE = "Duplicate team member in input";
 const VALIDATION_422_MESSAGE = "Validation failed";
@@ -60,5 +60,5 @@ module.exports = {
     GENERIC_500_MESSAGE: GENERIC_500_MESSAGE,
     ACCOUNT_DUPLICATE_422_MESSAGE: ACCOUNT_DUPLICATE_422_MESSAGE,
     LOGIN_500_MESSAGE: LOGIN_500_MESSAGE,
-    HACKER_CHECKIN_409_MESSAGE: HACKER_CHECKIN_409_MESSAGE,
+    HACKER_STATUS_409_MESSAGE: HACKER_STATUS_409_MESSAGE,
 };

constants/general.constant.js

@@ -73,11 +73,12 @@ EMAIL_SUBJECTS[HACKER_STATUS_CONFIRMED] = `Thanks for confirming your attendance
 EMAIL_SUBJECTS[HACKER_STATUS_CANCELLED] = "Sorry to see you go";
 EMAIL_SUBJECTS[HACKER_STATUS_CHECKED_IN] = `Welcome to ${HACKATHON_NAME}`;
 
-const CONFIRM_ACC_EMAIL_SUBJECTS = {};
-CONFIRM_ACC_EMAIL_SUBJECTS[HACKER] = `Please complete your hacker application for ${HACKATHON_NAME}`;
-CONFIRM_ACC_EMAIL_SUBJECTS[SPONSOR] = `You've been invited to create a sponsor account for ${HACKATHON_NAME}`;
-CONFIRM_ACC_EMAIL_SUBJECTS[VOLUNTEER] = `You've been invited to create a volunteer account for ${HACKATHON_NAME}`;
-CONFIRM_ACC_EMAIL_SUBJECTS[STAFF] = `You've been invited to create a staff account for ${HACKATHON_NAME}`;
+const CONFIRM_ACC_EMAIL_SUBJECT = `Please complete your hacker application for ${HACKATHON_NAME}`;
+const CREATE_ACC_EMAIL_SUBJECTS = {};
+CREATE_ACC_EMAIL_SUBJECTS[HACKER] = `You've been invited to create a hacker account for ${HACKATHON_NAME}`;
+CREATE_ACC_EMAIL_SUBJECTS[SPONSOR] = `You've been invited to create a sponsor account for ${HACKATHON_NAME}`;
+CREATE_ACC_EMAIL_SUBJECTS[VOLUNTEER] = `You've been invited to create a volunteer account for ${HACKATHON_NAME}`;
+CREATE_ACC_EMAIL_SUBJECTS[STAFF] = `You've been invited to create a staff account for ${HACKATHON_NAME}`;
 
 module.exports = {
     HACKATHON_NAME: HACKATHON_NAME,
@@ -99,7 +100,8 @@ module.exports = {
     EXTENDED_USER_TYPES: EXTENDED_USER_TYPES,
     URL_REGEX: URL_REGEX,
     EMAIL_SUBJECTS: EMAIL_SUBJECTS,
-    CONFIRM_ACC_EMAIL_SUBJECTS: CONFIRM_ACC_EMAIL_SUBJECTS,
+    CREATE_ACC_EMAIL_SUBJECTS: CREATE_ACC_EMAIL_SUBJECTS,
+    CONFIRM_ACC_EMAIL_SUBJECT: CONFIRM_ACC_EMAIL_SUBJECT,
     HACKER: HACKER,
     SPONSOR: SPONSOR,
     VOLUNTEER: VOLUNTEER,

constants/role.constant.js

@@ -4,7 +4,19 @@ const Constants = {
     Routes: require("./routes.constant"),
 };
 const mongoose = require("mongoose");
-const Role = require("../models/role.model");
+
+const accountRole = {
+    "_id": mongoose.Types.ObjectId(),
+    "name": "account",
+    "routes": [
+        Constants.Routes.authRoutes.login,
+        Constants.Routes.authRoutes.logout,
+        Constants.Routes.authRoutes.getSelfRoleBindindings,
+        Constants.Routes.accountRoutes.getSelf,
+        Constants.Routes.accountRoutes.getSelfById,
+        Constants.Routes.accountRoutes.patchSelfById
+    ]
+};
 
 const adminRole = {
     "_id": mongoose.Types.ObjectId(),
@@ -16,10 +28,6 @@ const hackerRole = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.HACKER,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.accountRoutes.getSelf,
         Constants.Routes.accountRoutes.getSelfById,
         Constants.Routes.accountRoutes.patchSelfById,
@@ -28,17 +36,14 @@ const hackerRole = {
         Constants.Routes.hackerRoutes.getSelfById,
         Constants.Routes.hackerRoutes.getSelfResumeById,
         Constants.Routes.hackerRoutes.patchSelfById,
+        Constants.Routes.hackerRoutes.patchSelfConfirmationById
     ]
 };
 
 const volunteerRole = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.VOLUNTEER,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.volunteerRoutes.post,
 
         Constants.Routes.hackerRoutes.patchAnyCheckInById,
@@ -50,10 +55,6 @@ const sponsorT1Role = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.SPONSOR_T1,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.sponsorRoutes.post,
         Constants.Routes.sponsorRoutes.getSelfById,
     ]
@@ -63,10 +64,6 @@ const sponsorT2Role = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.SPONSOR_T2,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.sponsorRoutes.post,
         Constants.Routes.sponsorRoutes.getSelfById,
     ]
@@ -76,10 +73,6 @@ const sponsorT3Role = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.SPONSOR_T3,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.sponsorRoutes.post,
         Constants.Routes.sponsorRoutes.getSelfById,
     ]
@@ -89,10 +82,6 @@ const sponsorT4Role = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.SPONSOR_T4,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.sponsorRoutes.post,
         Constants.Routes.sponsorRoutes.getSelfById,
     ]
@@ -102,10 +91,6 @@ const sponsorT5Role = {
     "_id": mongoose.Types.ObjectId(),
     "name": Constants.General.SPONSOR_T5,
     "routes": [
-        Constants.Routes.authRoutes.login,
-        Constants.Routes.authRoutes.logout,
-        Constants.Routes.authRoutes.getSelfRoleBindindings,
-
         Constants.Routes.sponsorRoutes.post,
         Constants.Routes.sponsorRoutes.getSelfById,
     ]
@@ -154,14 +139,15 @@ function createAllSingularRoles() {
  */
 function createAllRoles() {
     let allRolesObject = {
+        accountRole: accountRole,
         adminRole: adminRole,
         hackerRole: hackerRole,
         volunteerRole: volunteerRole,
         sponsorT1Role: sponsorT1Role,
         sponsorT2Role: sponsorT2Role,
         sponsorT3Role: sponsorT3Role,
         sponsorT4Role: sponsorT4Role,
-        sponsorT5Role: sponsorT5Role
+        sponsorT5Role: sponsorT5Role,
     };
 
     const singularRoles = createAllSingularRoles();
@@ -176,6 +162,7 @@ function createAllRoles() {
 }
 
 module.exports = {
+    accountRole: accountRole,
     adminRole: adminRole,
     hackerRole: hackerRole,
     volunteerRole: volunteerRole,

constants/routes.constant.js

@@ -49,13 +49,9 @@ const accountRoutes = {
         requestType: Constants.REQUEST_TYPES.PATCH,
         uri: "/api/account/" + Constants.ROLE_CATEGORIES.ALL,
     },
-    "patchSelfConfirmationById": {
-        requestType: Constants.REQUEST_TYPES.PATCH,
-        uri: "/api/account/confirmation/" + Constants.ROLE_CATEGORIES.SELF,
-    },
-    "patchAnyConfirmationById": {
-        requestType: Constants.REQUEST_TYPES.PATCH,
-        uri: "/api/account/confirmation/" + Constants.ROLE_CATEGORIES.ALL,
+    "inviteAccount": {
+        requestType: Constants.REQUEST_TYPES.POST,
+        uri: "/api/account/invite"
     }
 };
 
@@ -112,6 +108,10 @@ const hackerRoutes = {
         requestType: Constants.REQUEST_TYPES.PATCH,
         uri: "/api/hacker/checkin/" + Constants.ROLE_CATEGORIES.ALL,
     },
+    "patchSelfConfirmationById": {
+        requestType: Constants.REQUEST_TYPES.PATCH,
+        uri: "/api/hacker/confirmation/" + Constants.ROLE_CATEGORIES.SELF,
+    },
 };
 
 const sponsorRoutes = {

controllers/account.controller.js

@@ -67,11 +67,10 @@ async function getUserById(req, res) {
  * @description Adds a user from information in req.body.accountDetails
  */
 async function addUser(req, res) {
-    const accountDetails = req.body.accountDetails;
-    delete accountDetails.password;
+    const acc = req.body.account;
     return res.status(200).json({
         message: "Account creation successful",
-        data: accountDetails
+        data: acc.toStrippedJSON()
     });
 }
 
@@ -93,12 +92,20 @@ function updatedAccount(req, res) {
     });
 }
 
+function invitedAccount(req, res) {
+    return res.status(200).json({
+        message: "Successfully invited user",
+        data: {}
+    });
+}
+
+
 module.exports = {
     getUserByEmail: Util.asyncMiddleware(getUserByEmail),
     getUserById: Util.asyncMiddleware(getUserById),
 
     // assumes all information in req.body
     addUser: Util.asyncMiddleware(addUser),
-
     updatedAccount: updatedAccount,
+    invitedAccount: invitedAccount
 };