[backend] Implement JWT authentication (#34)

* [backend] Implement JWT authentication

* [backend] chore: Adding secret

* [backend] chore: Adding secret

* [backend] feat: User unit tests

* [frontend] feat: Login functionality

* [playwright] fix: Updating tests for login

* [actions] chore: Update action for env file

.github/workflows/backend-service-tests.yml

@@ -30,6 +30,9 @@ jobs:
       with:
         node-version: 18.x
 
+    - name: Create .env file
+      run: echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" > .env
+
     - name: Start service in docker
       run: |
         npm run docker:up

.github/workflows/frontend-deploy.yml

@@ -12,4 +12,3 @@ jobs:
         with:
           service-id: ${{ secrets.MY_RENDER_SERVICE_ID_FE }}
           api-key: ${{ secrets.MY_RENDER_API_KEY }}
-          wait-for-success: true

.github/workflows/frontend-service-tests-deploy.yml

@@ -22,6 +22,11 @@ jobs:
       with:
         node-version: 18.x
 
+    - name: Create .env file
+      run: | 
+        cd ./backend
+        echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" > .env
+
     - name: Start service in docker
       run: |
         cd ./backend

.github/workflows/frontend-service-tests.yml

@@ -20,6 +20,11 @@ jobs:
       with:
         node-version: 18.x
 
+    - name: Create .env file
+      run: | 
+        cd ./backend
+        echo "JWT_SECRET=${{ secrets.JWT_SECRET }}" > .env
+
     - name: Start service in docker
       run: |
         cd ./backend

.github/workflows/playwright-production-tests.yml

@@ -2,6 +2,8 @@ name: Playwright e2e Production Tests
 
 on:
   workflow_dispatch:
+  schedule:
+    - cron: '0 12 * * *'
 
 defaults:
   run:

backend/docker-compose.yml

@@ -7,6 +7,8 @@ services:
       POSTGRES_USER: test
       POSTGRES_PASSWORD: test
       POSTGRES_DB: test
+    env_file:
+      - .env
     ports:
       - "5432:5432"
   app:
@@ -16,4 +18,5 @@ services:
       - "5000:5000"
     environment:
       DATABASE_URL: "postgresql://test:test@postgres:5432/test"
+
     depends_on: [postgres]

backend/package.json

@@ -23,6 +23,7 @@
   "devDependencies": {
     "@types/cors": "2.8.17",
     "@types/express": "4.17.21",
+    "@types/jsonwebtoken": "^9.0.6",
     "@types/node": "20.10.6",
     "@types/supertest": "6.0.2",
     "@vitest/coverage-istanbul": "1.2.1",
@@ -41,6 +42,7 @@
     "@prisma/client": "5.7.1",
     "cors": "2.8.5",
     "dotenv": "16.3.2",
-    "express": "4.18.2"
+    "express": "4.18.2",
+    "jsonwebtoken": "^9.0.2"
   }
 }

backend/src/__mocks__/prisma.ts

@@ -2,11 +2,12 @@ import { PrismaClient } from '@prisma/client'
 import { beforeEach } from 'vitest'
 import { mockDeep, mockReset } from 'vitest-mock-extended'
 
-// 2
+
 beforeEach(() => {
   mockReset(prisma)
 })
 
+
 // 3
 const prisma = mockDeep<PrismaClient>()
 export default prisma

backend/src/authenticateToken.ts

@@ -0,0 +1,20 @@
+import jwt from "jsonwebtoken";
+
+function authenticateToken(req, res, next) {
+    const authHeader = req.headers["authorization"];
+    const token = authHeader && authHeader.split(" ")[1];
+
+    if (!token) {
+      return res.status(401).send({ error: "unauthorized" });
+    }
+
+    jwt.verify(token, process.env.JWT_SECRET, (err, user) => {
+      if (err) {
+        return res.status(403).send({ error: "forbidden" });
+      }
+      req.user = user;
+      next();
+    });
+  }
+
+  export default authenticateToken;