Skip to content
Jump to bottom

Migrate to pg promise + Basicauth #2

Merged
merged 4 commits into from Oct 4, 2020
+251 −405
Merged

Migrate to pg promise + Basicauth #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
c7b7544
code rewritten to pg-promise
prosovskyf Sep 30, 2020
c3b2720
fully migrated to pg-promise
prosovskyf Oct 1, 2020
deeeb3a
add basicAuth
prosovskyf Oct 4, 2020
4a0927e
only registered user can see article by ID(test)
prosovskyf Oct 4, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
6 auth/basic.js
View file
Open in desktop
@@ -0,0 +1,6 @@
const passport = require('koa-passport');
const basicAuth = require('../strategies/basicAuth');

passport.use(basicAuth);

module.exports = passport.authenticate(['basic'], {session:false});
2 db-cheatsheet
View file
Open in desktop
@@ -1,7 +1,7 @@
INSERT INTO users (username,password,passwordsalt,email) VALUES('usertest','testpass','testpasssalt','test@test.com');
INSERT INTO categories (name) VALUES('testCategory');

SELECT returns undefined or object
SELECT returns results.rows all rows as objects
INSERT returns array [0 = inserted data, 1 = affected rows]
Delete return object
UPDATE returns array [0 = inserted data, 1 = affected rows]
15 helpers/db-connection.js
View file
Open in desktop

This file was deleted.

15 helpers/db.js
View file
Open in desktop
@@ -0,0 +1,15 @@
require('dotenv').config();

const pgp = require('pg-promise')(/* initialization options */);

const cn = {
host: process.env.host,
port: 5432,
database: process.env.database,
user: process.env.user,
password: process.env.password
};
const db = pgp(cn); // database instance;


module.exports = db;
2 index.js
View file
Open in desktop
@@ -11,6 +11,8 @@ const likes = require('./routes/likes.js');





const app = new Koa();
const router = new Router();

86 models/articles.js
View file
Open in desktop
@@ -1,96 +1,78 @@
// DB connection specification + sequelize drive, do db.query to procees with query
const db = require('../helpers/db-connection.js')
const Sequelize = require('sequelize');
// pg DB connection from config file /helpers/db.js,, automatically converts to JSON on output with result.rows
const db = require('../helpers/db.js')

// query to list all LIKED articles for specific user
// SELECT * FROM articles INNER JOIN likes l on articles.id = l.article_id
// INNER JOIN users u on u.id = l.user_id WHERE u.id=28;

exports.getAll = async function getAll() {
let results = await db.query('SELECT *, views FROM articles, views WHERE views.id = articles.id \
ORDER BY "modifiedDate" DESC;', {
type: Sequelize.QueryTypes.SELECT,
raw: true,
returning: true,
logging: false
})
let sql = 'SELECT *, views FROM articles, views WHERE views.id = articles.id \
ORDER BY "modifiedDate" DESC;'
let results = await db.query(sql)
.then(results => {
return results
});
})
.catch(e => console.error(e.stack))
return results;
}

exports.getById = async function getById(id) {
let result = await db.query('SELECT * FROM articles INNER JOIN views ON views.id = articles.id \
WHERE articles.id=' + id + '; \
UPDATE views SET views = views + 1 WHERE id =' + id + ';', {
type: Sequelize.QueryTypes.SELECT,
raw: true,
logging: false,
returning: true
})
.then(result => {
let sql = 'SELECT * FROM articles INNER JOIN views ON views.id = articles.id \
WHERE articles.id='+id+';';
let result = await db.query(sql)
.then(async result => {
let sql='UPDATE views SET views = views + 1 WHERE id = '+id+';';
await db.query(sql)
return result
});
})
.catch(e => console.error(e.stack))
return result
}


exports.createArticle = async function createArticle(newArticle) {
let keys = Object.keys(newArticle)
let values = Object.values(newArticle)
keysQuoted = keys.map(q => `"${q}"`);
let keysQuoted = keys.map(q => `"${q}"`);
let valuesQuoted = values.map(q => `'${q}'`);
if ((keys != null) && (values != null)) {
let sql = `WITH articles AS (INSERT INTO articles (`+keysQuoted+`) VALUES(:values) RETURNING *), \
views AS (INSERT INTO views (id) SELECT id FROM articles RETURNING *) \
SELECT articles.*, views.views FROM articles, views WHERE views.id = articles.id;`;
let obj = await db.query(sql, {
raw: true,
replacements: { values: values },
returning: true,
logging: false,
type: Sequelize.QueryTypes.INSERT
})
let sql = `WITH articles AS (INSERT INTO articles(`+keysQuoted+`) VALUES(`+valuesQuoted+`) RETURNING *), \
views AS (INSERT INTO views(id) SELECT id FROM articles RETURNING *) \
SELECT articles.*, views.views FROM articles, views WHERE views.id = articles.id;`;
let obj = await db.query(sql)
.then(obj => {
return obj
});
})
.catch(e => console.error(e.stack))
return obj
}
}

exports.updateArticle = async function updateArticle(id, updatedArticle) {
let keys = Object.keys(updatedArticle)
let values = Object.values(updatedArticle)
keysQuoted = keys.map(q => `"${q}"`);
let keysQuoted = keys.map(q => `"${q}"`);
let valuesQuoted = values.map(q => `'${q}'`);
let i = 0;
for (i; i < keys.length; i++) {
let sql = `UPDATE articles SET `+keysQuoted[i]+`=:values WHERE id=`+ id +' RETURNING *;';
var obj = await db.query(sql, {
raw: true,
replacements: { values: values[i] },
returning: true,
logging: false,
type: Sequelize.QueryTypes.UPDATE
})
let sql = `UPDATE articles SET `+keysQuoted[i]+`=`+valuesQuoted[i]+` WHERE id=`+ id +' RETURNING *;';
var obj = await db.query(sql)
.then(obj => {
return obj;
});
return obj
})
.catch(e => console.error(e.stack))
}
return obj;
}

exports.deleteArticle = async function deleteArticle(id) {
let sql = 'DELETE FROM views WHERE id='+id+'; \
DELETE FROM articles WHERE id='+id+' RETURNING title;';
let obj = await db.query(sql, {
returning: true,
raw: true,
logging: false,
type: Sequelize.QueryTypes.DELETE
})
let obj = await db.query(sql)
.then(obj => {
return obj;
});
return obj
})
.catch(e => console.error(e.stack))
return obj;
}

50 models/comments.js
View file
Open in desktop
@@ -1,16 +1,10 @@
// DB connection specification + sequelize drive, do db.query to procees with query
const db = require('../helpers/db-connection.js')
const Sequelize = require('sequelize');
// pg DB connection from config file /helpers/db.js
const db = require('../helpers/db.js')


exports.getComments = async function getComments(articleId) {
let result = await db.query('SELECT comments.*, articles.id FROM comments,articles \
WHERE (comments.article_id=articles.id) AND (articles.id='+articleId+') ORDER BY comments."modifiedDate";', {
type: Sequelize.QueryTypes.SELECT,
raw: true,
logging: false,
returning: true
})
WHERE (comments.article_id=articles.id) AND (articles.id='+articleId+') ORDER BY comments."modifiedDate";')
.then(result => {
return result
});
@@ -21,16 +15,11 @@ exports.addComment = async function addComment(newComment, articleId, userId) {
let keys = Object.keys(newComment)
let values = Object.values(newComment)
keysQuoted = keys.map(q => `"${q}"`);
valuesQuoted = values.map(q => `'${q}'`);
if ((keys != null) && (values != null)) {
let sql = `INSERT INTO comments (`+keysQuoted+`, article_id, user_id) \
VALUES(:values, :article_id, :user_id) RETURNING *;`;
let obj = await db.query(sql, {
raw: true,
replacements: { values: values, article_id: articleId, user_id: userId },
returning: true,
logging: console.log,
type: Sequelize.QueryTypes.INSERT
})
VALUES(`+valuesQuoted+`, `+articleId+`, `+userId+`) RETURNING *;`;
let obj = await db.query(sql)
.then(obj => {
return obj
});
@@ -42,32 +31,22 @@ exports.updateComment = async function updateComment(commentId, userId, updatedC
let keys = Object.keys(updatedComment)
let values = Object.values(updatedComment)
keysQuoted = keys.map(q => `"${q}"`);
valuesQuoted = values.map(q => `'${q}'`);
let i = 0;
for (i; i < keys.length; i++) {
let sql = `UPDATE comments SET `+keysQuoted[i]+`=:values \
let sql = `UPDATE comments SET `+keysQuoted[i]+`=`+valuesQuoted[i]+` \
WHERE (id=`+ commentId +') AND (user_id='+userId+') RETURNING *;';
var obj = await db.query(sql, {
raw: true,
replacements: { values: values[i] },
returning: true,
logging: console.log,
type: Sequelize.QueryTypes.UPDATE
})
var obj = await db.query(sql)
.then(obj => {
return obj;
return obj
});
}
return obj;
}

exports.deleteComment = async function deleteComment(commentId,userId) {
let sql = 'DELETE FROM comments WHERE (id='+commentId+') AND (user_id='+userId+');';
let obj = await db.query(sql, {
returning: true,
raw: true,
logging: false,
type: Sequelize.QueryTypes.DELETE
})
let obj = await db.query(sql)
.then(obj => {
return obj;
});
@@ -77,12 +56,7 @@ exports.deleteComment = async function deleteComment(commentId,userId) {
exports.checkCommentOwner = async function checkCommentOwner(commentId,userId) {
let sql = 'SELECT id, user_id FROM comments \
WHERE (user_id='+userId+') AND (id='+commentId+');';
let obj = await db.query(sql, {
type: Sequelize.QueryTypes.SELECT,
raw: true,
logging: false,
returning: true
})
let obj = await db.query(sql)
.then(obj => {
return obj
});
33 models/likes.js
View file
Open in desktop
@@ -1,18 +1,12 @@
// DB connection specification + sequelize drive, do db.query to procees with query
const db = require('../helpers/db-connection.js')
const Sequelize = require('sequelize');
// pg DB connection from config file /helpers/db.js
const db = require('../helpers/db.js')

exports.addLike = async function addLike(articleId, userId) {
let sql = 'INSERT INTO likes (article_id, user_id) \
SELECT articles.id, users.id \
FROM (SELECT id FROM articles WHERE id='+articleId+') articles \
, (SELECT id FROM users WHERE id='+userId+') users;'
var obj = await db.query(sql, {
raw: true,
returning: true,
logging: console.log,
type: Sequelize.QueryTypes.INSERT
})
var obj = await db.query(sql)
.then(obj => {
return obj;
});
@@ -21,12 +15,7 @@ exports.addLike = async function addLike(articleId, userId) {

exports.checkLike = async function checkLike(articleId,userId) {
let sql = 'SELECT user_id,article_id FROM likes WHERE (article_id='+articleId+') AND user_id='+userId+';';
var obj = await db.query(sql, {
raw: true,
returning: true,
logging: console.log,
type: Sequelize.QueryTypes.SELECT
})
var obj = await db.query(sql)
.then(obj => {
return obj;
});
@@ -37,12 +26,7 @@ return obj;

exports.checkUser = async function checkUser(userId) {
let sql = 'SELECT id FROM users WHERE id='+userId+';';
var obj = await db.query(sql, {
raw: true,
returning: true,
logging: console.log,
type: Sequelize.QueryTypes.SELECT
})
var obj = await db.query(sql)
.then(obj => {
return obj;
});
@@ -51,12 +35,7 @@ return obj;

exports.removeLike = async function removeLike(articleId, userId) {
let sql = 'DELETE FROM likes WHERE article_id='+articleId+' AND user_id='+userId+' RETURNING true;'
var obj = await db.query(sql, {
raw: true,
returning: true,
logging: false,
type: Sequelize.QueryTypes.DELETE
})
var obj = await db.query(sql)
.then(obj => {
return obj;
});
20 models/login.js
View file
Open in desktop
@@ -1,16 +1,10 @@
const db = require('../helpers/db-connection.js');
const Sequelize = require('sequelize');
// pg DB connection from config file /helpers/db.js
const db = require('../helpers/db.js')
const bcrypt = require('bcrypt');


exports.getUsername = async function getUsername(login) {
let username = await db.query('SELECT username FROM users WHERE username = :login;', {
type: Sequelize.QueryTypes.SELECT,
replacements: {login: login},
raw: true,
returning: true,
logging: false
})
let username = await db.query('SELECT username FROM users WHERE username =$1;', login)
.then(username => {
return username
});
@@ -27,13 +21,7 @@ exports.compareSecret = async function compareSecret(secret, hash) { // updated


exports.getLoginData = async function getLoginData(login) {
let loginData = await db.query('SELECT username,password FROM users WHERE username = :login;', {
type: Sequelize.QueryTypes.SELECT,
replacements: {login: login},
raw: true,
returning: true,
logging: false
})
let loginData = await db.query('SELECT username,password FROM users WHERE username =$1;', login)
.then(loginData => {
return {
username: loginData[0].username,