In this assignment, you'll build an authentication system for your RESTful, database-driven, HTTP server.
- The tests assume you're using JWT to encode a token and using the cookie mechanism to transfer that token.

In the routes/token.js module, add middleware to handle the following HTTP requests and send back the associated HTTP response. The information in both the request body and response body uses the application/json content type.

Request Method | Request URL | Request Body | Response Status | Response Body | Set-Cookie |
---|---|---|---|---|---|
GET | /token | N/A | 200 | false | N/A |
POST | /token | { "email": "jkrowling@gmail.com", "password": "youreawizard" } | 200 | { id: 1, "email": "jkrowling@gmail.com", ... } | token=eyJhbG... |
GET | /token | N/A | 200 | true | N/A |
DELETE | /token | N/A | 200 | true | token= |

NOTE: The second GET /token request assumes a token was created by the previous POST /token request. Also, don't send the user's password or hashed password in the response body.

Additionally, ensure the POST /token middleware handles the following HTTP requests and sends back the associated HTTP response. The information in the request body uses the application/json content type while the information in the response body uses the text/plain content type.

Request Method | Request URL | Request Body | Response Status | Response Body |
---|---|---|---|---|
POST | /token | { "email": "bad.email@gmail.com", "password": "youreawizard" } | 400 | Bad email or password |
POST | /token | { "email": "jkrowling@gmail.com", "password": "badpassword" } | 400 | Bad email or password |

You can run the following test suite to verify the middleware works as expected.
NOTE: The token is assumed to be stored in a cookie called token.
npm test test/part4.routes.token.test.js
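
The token behaviour in the two tables above, as an added example that is not part of the assignment's own code or tests. It assumes only Node's built-in crypto module, with HMAC-SHA256 standing in for a JWT library and scrypt standing in for your password hash; SECRET, the user row and all function names are constructed for illustration.

```javascript
// Added example: token logic only, no Express. Node built-ins stand in for a
// JWT library (HS256 via HMAC) and a password hash (scrypt). Names are hypothetical.
const crypto = require('crypto');

const SECRET = 'constructed-demo-secret'; // assumption: a real app loads this from env
const b64url = (buf) => Buffer.from(buf).toString('base64url');
const hashPassword = (pw, salt) => crypto.scryptSync(pw, salt, 32);

function signToken(payload, secret = SECRET) {
  const head = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.createHmac('sha256', secret).update(`${head}.${body}`).digest();
  return `${head}.${body}.${b64url(sig)}`;
}

// Returns the payload, or null for a missing, malformed or forged token.
// No exp claim is issued or checked here; a real token should carry one.
function verifyToken(token, secret = SECRET) {
  const parts = String(token || '').split('.');
  if (parts.length !== 3) return null;
  const expected = crypto.createHmac('sha256', secret).update(`${parts[0]}.${parts[1]}`).digest();
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try { return JSON.parse(Buffer.from(parts[1], 'base64url').toString()); } catch { return null; }
}

// Constructed user table; the row keeps salt and hash, never the plain password.
const salt = Buffer.from('constructed-salt');
const users = [{ id: 1, email: 'jkrowling@gmail.com', salt, hashedPassword: hashPassword('youreawizard', salt) }];

// POST /token: unknown email and wrong password produce the identical 400.
function login({ email, password }) {
  const user = users.find((u) => u.email === email);
  // Hash even when the user is missing so both failures do the same work.
  const hash = hashPassword(String(password), user ? user.salt : salt);
  if (!user || !crypto.timingSafeEqual(hash, user.hashedPassword)) {
    return { status: 400, body: 'Bad email or password' };
  }
  const { salt: _s, hashedPassword: _h, ...safeUser } = user; // strip secrets from the response
  const cookie = `token=${signToken({ userId: user.id })}; Path=/; HttpOnly; SameSite=Strict`;
  return { status: 200, body: safeUser, cookie };
}

// GET /token: true only when the cookie carries a token whose signature verifies.
function isAuthenticated(cookieHeader = '') {
  const match = /(?:^|;\s*)token=([^;]*)/.exec(cookieHeader);
  return verifyToken(match && match[1]) !== null;
}
```

In an Express route, the returned cookie string corresponds to what res.cookie('token', ..., { httpOnly: true }) would emit, and DELETE /token clears it so that isAuthenticated falls back to false.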
In the routes/token.js module, update the middleware to handle the following HTTP requests and send back the associated HTTP response. The information in the request body uses the application/json content type while the information in the response body uses the text/plain content type.

Request Method | Request URL | Request Body | Response Status | Response Body |
---|---|---|---|---|
POST | /token | { "email": "", ... } | 400 | Email must not be blank |
POST | /token | { "password": "", ... } | 400 | Password must not be blank |

You can run the following test suite to verify the middleware works as expected.
npm test test/part4.routes.token.bonus.test.js
NOTE: Ensure the middleware handles the previous HTTP requests as before.
In the routes/users.js module, update the middleware to handle the following HTTP requests and send back the associated HTTP response. The information in both the request body and response body uses the application/json content type.

Request Method | Request URL | Request Body | Response Status | Response Body | Set-Cookie |
---|---|---|---|---|---|
POST | /users | { "firstName": "John", "lastName": "Siracusa", "email": "john.siracusa@gmail.com", "password": "ilikebigcats" } | 200 | { id: 2, "firstName": "John", "lastName": "Siracusa", ... } | token=eyJhbG... |

You can run the following test suite to verify the middleware works as expected.
npm test test/part4.routes.users.bonus.test.js
NOTE: Ensure the middleware handles the previous HTTP requests as before.
Using your preferred ESLint rules, lint your project with the npm run lint . command.
Once you're satisfied, find a classmate and see if that person would like some help.