#42 authentication login

backend/.env

@@ -1,6 +1,7 @@
 REST_API_PORT=5000
 API_DOCS_ENDPOINT_URL=/rest-api-docs
 GOOGLE_CLIENT_ID=1052788207529-fjnskiqrsm09i9kbujp3gmtasnp21su7.apps.googleusercontent.com
+JWT_SECRET_KEY=MOVE_IT_TO_GITHUB_SECRETS
 
 MONGO_REPOSITORIES=DISABLED
 #MONGO_REPOSITORIES=ENABLED

backend/package.json

@@ -26,7 +26,7 @@
   },
   "dependencies": {
     "axios": "^0.21.1",
-    "bcrypt": "^5.0.0",
+    "bcrypt": "^5.0.1",
     "body-parser": "^1.19.0",
     "class-transformer": "^0.4.0",
     "class-validator": "^0.13.1",
@@ -63,6 +63,7 @@
     "@types/cors": "^2.8.10",
     "@types/express": "^4.17.11",
     "@types/jest": "^26.0.20",
+    "@types/jsonwebtoken": "^8.5.1",
     "@types/mongoose": "^5.10.3",
     "@types/node": "^14.14.22",
     "@types/nodemailer": "^6.4.0",

backend/src/modules/authentication/core/application/AuthenticationRepository.ts

@@ -3,5 +3,7 @@ import { UserAccount } from '../domain/UserAccount';
 export interface AuthenticationRepository {
   save(userAccount: UserAccount): Promise<void>;
 
-  findByEmail(email: string): Promise<UserAccount>;
+  findById(userId: string): Promise<UserAccount>;
+
+  findByEmail(email: string): Promise<UserAccount | undefined>;
 }

backend/src/modules/authentication/core/application/command/GenerateToken.ts

@@ -0,0 +1,9 @@
+export class GenerateToken {
+  readonly email: string;
+  readonly password: string;
+
+  constructor(email: string, password: string) {
+    this.email = email;
+    this.password = password;
+  }
+}

backend/src/modules/authentication/core/application/command/GenerateTokenCommandHandler.ts

@@ -0,0 +1,22 @@
+import { CommandHandler } from '../../../../../shared/core/application/command/CommandHandler';
+import { DomainEventPublisher } from '../../../../../shared/core/application/event/DomainEventBus';
+import { CurrentTimeProvider } from '../../../../../shared/core/CurrentTimeProvider';
+import { AuthenticationRepository } from '../AuthenticationRepository';
+import { CommandResult } from '../../../../../shared/core/application/command/CommandResult';
+import { GenerateToken } from './GenerateToken';
+import { authenticateUser } from '../../domain/UserAccount';
+
+export class GenerateTokenCommandHandler implements CommandHandler<GenerateToken> {
+  constructor(
+    private readonly eventPublisher: DomainEventPublisher,
+    private readonly currentTimeProvider: CurrentTimeProvider,
+    private readonly repository: AuthenticationRepository,
+  ) {}
+
+  async execute(command: GenerateToken): Promise<CommandResult> {
+    const userAccount = await this.repository.findByEmail(command.email);
+    const { state, events } = await authenticateUser(userAccount, command, this.currentTimeProvider());
+    this.eventPublisher.publishAll(events);
+    return CommandResult.success(state);
+  }
+}

backend/src/modules/authentication/core/application/command/SetPassword.ts

@@ -1,9 +1,9 @@
 export class SetPassword {
-  readonly email: string;
+  readonly userId: string;
   readonly password: string;
 
-  constructor(email: string, password: string) {
-    this.email = email;
+  constructor(userId: string, password: string) {
+    this.userId = userId;
     this.password = password;
   }
 }

backend/src/modules/authentication/core/application/command/SetPasswordCommandHandler.ts

@@ -5,6 +5,7 @@ import { CommandResult } from '../../../../../shared/core/application/command/Co
 import { SetPassword } from './SetPassword';
 import { AuthenticationRepository } from '../AuthenticationRepository';
 import { setPasswordForUserAccount } from '../../domain/UserAccount';
+import bcrypt from 'bcrypt';
 
 export class SetPasswordCommandHandler implements CommandHandler<SetPassword> {
   constructor(
@@ -14,8 +15,8 @@ export class SetPasswordCommandHandler implements CommandHandler<SetPassword> {
   ) {}
 
   async execute(command: SetPassword): Promise<CommandResult> {
-    const userAccount = await this.repository.findByEmail(command.email);
-    const { state, events } = setPasswordForUserAccount(userAccount, command, this.currentTimeProvider());
+    const userAccount = await this.repository.findById(command.userId);
+    const { state, events } = await setPasswordForUserAccount(userAccount, command, this.currentTimeProvider());
     await this.repository.save(state);
     this.eventPublisher.publishAll(events);
     return CommandResult.success();

backend/src/modules/authentication/core/domain/UserAccount.ts

@@ -1,29 +1,36 @@
 import { DomainCommandResult } from '../../../../shared/core/domain/DomainCommandResult';
 import { PasswordWasSet } from './event/PasswordWasSet';
+import jwt from 'jsonwebtoken';
+import bcrypt from 'bcrypt';
+import { TokenGenerated } from './event/TokenGenerated';
 
 export class UserAccount {
-  readonly email: string;
-  readonly password: string;
+  readonly userId: string;
+  readonly email: string | undefined;
+  readonly password: string | undefined;
 
-  constructor(props: { email: string; password: string }) {
+  constructor(props: { userId: string; email: string | undefined; password: string | undefined }) {
+    this.userId = props.userId;
     this.email = props.email;
     this.password = props.password;
   }
 }
 
-export function setPasswordForUserAccount(
+export async function setPasswordForUserAccount(
   state: UserAccount | undefined,
-  command: { email: string; password: string },
+  command: { userId: string; password: string },
   currentTime: Date,
-): DomainCommandResult<UserAccount> {
-  if (state) {
-    throw new Error('Account with this email address already exists.');
+): Promise<DomainCommandResult<UserAccount>> {
+  if (!state) {
+    throw new Error('Account with this id does not exists.');
   }
 
+  const hashedPassword = await bcrypt.hash(command.password, 12);
+
   const passwordWasSet = new PasswordWasSet({
     occurredAt: currentTime,
-    email: command.email,
-    password: command.password,
+    userId: command.userId,
+    password: hashedPassword,
   });
 
   const accountWithPasswordSet = onPasswordWasSet(state, passwordWasSet);
@@ -34,9 +41,37 @@ export function setPasswordForUserAccount(
   };
 }
 
-function onPasswordWasSet(state: UserAccount | undefined, event: PasswordWasSet): UserAccount {
+function onPasswordWasSet(state: UserAccount, event: PasswordWasSet): UserAccount {
   return new UserAccount({
-    email: event.email,
+    userId: event.userId,
+    email: state.email,
     password: event.password,
   });
 }
+
+export async function authenticateUser(
+  state: UserAccount | undefined,
+  command: { email: string; password: string },
+  currentTime: Date,
+): Promise<DomainCommandResult<string | undefined>> {
+  if (!state) {
+    throw new Error('Such email address does not exists.');
+  }
+
+  const isPasswordCorrect = await bcrypt.compare(command.password, state.password!);
+  if (!isPasswordCorrect) {
+    throw new Error('Wrong password.');
+  }
+
+  const token: string = jwt.sign({ email: command.email, userId: state.userId }, `${process.env.JWT_SECRET_KEY}`, { expiresIn: '1h' });
+
+  const userAuthenticated: TokenGenerated = new TokenGenerated({
+    occurredAt: currentTime,
+    email: command.email,
+  });
+
+  return {
+    state: token,
+    events: [userAuthenticated],
+  };
+}

backend/src/modules/authentication/core/domain/event/PasswordWasSet.ts

@@ -2,12 +2,12 @@ import { DomainEvent } from '../../../../../shared/domain/event/DomainEvent';
 
 export class PasswordWasSet implements DomainEvent {
   readonly occurredAt: Date;
-  readonly email: string;
+  readonly userId: string;
   readonly password: string;
 
-  constructor(props: { occurredAt: Date; email: string; password: string }) {
+  constructor(props: { occurredAt: Date; userId: string; password: string }) {
     this.occurredAt = props.occurredAt;
-    this.email = props.email;
+    this.userId = props.userId;
     this.password = props.password;
   }
 }

backend/src/modules/authentication/core/domain/event/TokenGenerated.ts

@@ -0,0 +1,11 @@
+import { DomainEvent } from '../../../../../shared/domain/event/DomainEvent';
+
+export class TokenGenerated implements DomainEvent {
+  readonly occurredAt: Date;
+  readonly email: string;
+
+  constructor(props: { occurredAt: Date; email: string }) {
+    this.occurredAt = props.occurredAt;
+    this.email = props.email;
+  }
+}

backend/src/modules/authentication/core/domain/event/TokenGenerationFailed.ts

@@ -0,0 +1,11 @@
+import { DomainEvent } from '../../../../../shared/domain/event/DomainEvent';
+
+export class TokenGenerationFailed implements DomainEvent {
+  readonly occurredAt: Date;
+  readonly email: string;
+
+  constructor(props: { occurredAt: Date; email: string }) {
+    this.occurredAt = props.occurredAt;
+    this.email = props.email;
+  }
+}

backend/src/modules/authentication/infrastructure/repository/inmemory/InMemoryAuthenticationRepository.ts

@@ -0,0 +1,18 @@
+import { AuthenticationRepository } from '../../../core/application/AuthenticationRepository';
+import { UserAccount } from '../../../core/domain/UserAccount';
+
+export class InMemoryAuthenticationRepository implements AuthenticationRepository {
+  private readonly entities: { [id: string]: UserAccount } = {};
+
+  findByEmail(email: string): Promise<UserAccount | undefined> {
+    return Promise.resolve(Object.values(this.entities).find((userAccount) => userAccount.email === email));
+  }
+
+  findById(userId: string): Promise<UserAccount> {
+    return Promise.resolve(this.entities[userId]);
+  }
+
+  async save(userAccount: UserAccount): Promise<void> {
+    this.entities[userAccount.userId] = userAccount;
+  }
+}

backend/src/modules/authentication/presentation/rest-api/AuthenticationRouter.ts

@@ -3,19 +3,32 @@ import express, { Request, Response } from 'express';
 import { StatusCodes } from 'http-status-codes';
 import { PostSetPasswordRequestBody } from './request/PostSetPasswordRequestBody';
 import { SetPassword } from '../../core/application/command/SetPassword';
+import { PostAuthenticateUserRequestBody } from './request/PostAuthenticateUserRequestBody';
+import { GenerateToken } from '../../core/application/command/GenerateToken';
 
 export function authenticationRouter(commandPublisher: CommandPublisher): express.Router {
   const postSetPassword = async (request: Request, response: Response) => {
     const requestBody: PostSetPasswordRequestBody = request.body;
-    const { email, password } = requestBody;
-    const commandResult = await commandPublisher.execute(new SetPassword(email, password));
+    const { userId, password } = requestBody;
+    const commandResult = await commandPublisher.execute(new SetPassword(userId, password));
     return commandResult.process(
       () => response.status(StatusCodes.OK).send(),
       (failureReason) => response.status(StatusCodes.BAD_REQUEST).json({ message: failureReason.message }),
     );
   };
 
+  const authenticateUser = async (request: Request, response: Response) => {
+    const requestBody: PostAuthenticateUserRequestBody = request.body;
+    const { email, password } = requestBody;
+    const commandResult = await commandPublisher.execute(new GenerateToken(email, password));
+    return commandResult.process(
+      (token: string) => response.status(StatusCodes.OK).json({ token: token }).send(),
+      (failureReason) => response.status(StatusCodes.BAD_REQUEST).json({ message: failureReason.message }),
+    );
+  };
+
   const router = express.Router();
   router.post('/passwords', postSetPassword);
+  router.post('/token', authenticateUser);
   return router;
 }

backend/src/modules/authentication/presentation/rest-api/request/PostAuthenticateUserRequestBody.ts

@@ -0,0 +1,4 @@
+export class PostAuthenticateUserRequestBody {
+  email: string;
+  password: string;
+}

backend/src/modules/authentication/presentation/rest-api/request/PostSetPasswordRequestBody.ts

@@ -1,4 +1,4 @@
 export class PostSetPasswordRequestBody {
-  email: string;
+  userId: string;
   password: string;
 }

backend/src/modules/user-accounts/core/application/UserAccountsRepository.ts

@@ -0,0 +1,7 @@
+import { UserAccount } from '../domain/UserAccount';
+
+export interface UserAccountsRepository {
+  save(userAccount: UserAccount): Promise<void>;
+
+  findByEmail(email: string): Promise<UserAccount>;
+}

backend/src/modules/user-accounts/core/domain/UserAccount.ts

@@ -0,0 +1,9 @@
+export class UserAccount {
+  readonly userId: string;
+  readonly email: string;
+
+  constructor(props: { userId: string; email: string }) {
+    this.userId = props.userId;
+    this.email = props.email;
+  }
+}

backend/test/modules/authentication/infrastructure/repository/AuthenticationRepositoryTestCases.ts

@@ -0,0 +1,78 @@
+import { AuthenticationRepository } from '../../../../../src/modules/authentication/core/application/AuthenticationRepository';
+import { DatabaseTestSupport } from '../../../../test-support/shared/infrastructure/DatabaseTestSupport';
+import { EntityIdGenerator } from '../../../../../src/shared/core/application/EntityIdGenerator';
+import { UuidEntityIdGenerator } from '../../../../../src/shared/infrastructure/core/application/UuidEntityIdGenerator';
+import { UserAccount } from '../../../../../src/modules/authentication/core/domain/UserAccount';
+
+export function AuthenticationRepositoryTestCases(props: {
+  name: string;
+  repositoryFactory: () => AuthenticationRepository;
+  databaseTestSupport: DatabaseTestSupport;
+}): void {
+  return describe(props.name, () => {
+    const entityIdGenerator: EntityIdGenerator = new UuidEntityIdGenerator();
+    let repository: AuthenticationRepository;
+
+    beforeAll(async () => {
+      await props.databaseTestSupport.openConnection();
+      repository = props.repositoryFactory();
+    });
+    afterEach(async () => await props.databaseTestSupport.clearDatabase());
+    afterAll(async () => await props.databaseTestSupport.closeConnection());
+
+    test('findById returns undefined when nothing was saved', async () => {
+      const testId = entityIdGenerator.generate();
+      expect(await repository.findById(testId)).toBeUndefined();
+    });
+
+    test('findByEmail returns undefined when nothing was saved', async () => {
+      const testEmail = 'testEmail';
+      expect(await repository.findByEmail(testEmail)).toBeUndefined();
+    });
+
+    test('findById returns userAccount when such id exists in database', async () => {
+      const testId = entityIdGenerator.generate();
+      const testEmail = 'testEmail';
+      const userAccount1 = new UserAccount({
+        userId: testId,
+        email: testEmail,
+        password: 'testPassword',
+      });
+      const userAccount2 = new UserAccount({
+        userId: 'id1',
+        email: 'email1',
+        password: undefined,
+      });
+
+      await repository.save(userAccount1);
+      await repository.save(userAccount2);
+
+      expect(await repository.findById(testId)).toStrictEqual(userAccount1);
+    });
+
+    test('findByEmail returns userAccount when such email exists in database', async () => {
+      const testId = entityIdGenerator.generate();
+      const testEmail = 'testEmail';
+      const userAccount1 = new UserAccount({
+        userId: testId,
+        email: testEmail,
+        password: 'testPassword',
+      });
+      const userAccount2 = new UserAccount({
+        userId: 'id1',
+        email: 'email1',
+        password: undefined,
+      });
+
+      //TODO here we already have 2 users accounts in database, so
+      // afterEach(async () => await props.databaseTestSupport.clearDatabase());
+      // doesn't work - need t obe implemented
+      await repository.save(userAccount1);
+      await repository.save(userAccount2);
+
+      expect(await repository.findByEmail(testEmail)).toStrictEqual(userAccount1);
+    });
+
+    //TODO add test for sav()
+  });
+}

backend/test/modules/authentication/infrastructure/repository/inmemory/InMemoryAuthenticationRepository.spec.ts

@@ -0,0 +1,11 @@
+import { InMemoryTestSupport } from '../../../../../test-support/shared/infrastructure/InMemoryTestSupport';
+import { InMemoryAuthenticationRepository } from '../../../../../../src/modules/authentication/infrastructure/repository/inmemory/InMemoryAuthenticationRepository';
+import { AuthenticationRepositoryTestCases } from '../AuthenticationRepositoryTestCases';
+
+describe('AuthenticationRepository', () => {
+  AuthenticationRepositoryTestCases({
+    name: 'In Memory Implementation',
+    repositoryFactory: () => new InMemoryAuthenticationRepository(),
+    databaseTestSupport: InMemoryTestSupport,
+  });
+});