merge in master, forgot to pull earlier

mattboutet · Mar 5, 2020 · a1924ef · a1924ef
2 parents 89ef09f + 85318ea
commit a1924ef
Show file tree

Hide file tree

Showing 17 changed files with 1,075 additions and 873 deletions.
diff --git a/README.md b/README.md
@@ -3,7 +3,7 @@
 A batteries included version of [hapi pal](https://github.com/hapipal/boilerplate/)
 
 **Features**
- - Supports hapi v18+
+ - Supports hapi v19+
  - Provides conventions for building plugins by mapping the entire hapi plugin API onto files and folders, using [haute-couture](https://github.com/hapipal/haute-couture/).
  - Integrated with [Objection ORM](https://github.com/Vincit/objection.js/) via [Schwifty](https://github.com/hapipal/schwifty/)
  - Configured to use PostgreSQL (NODE_ENV=development) (though can work with any SQL dialect supported by [knex](http://knexjs.org/))

diff --git a/lib/auth/strategies/api-user-jwt.js b/lib/auth/strategies/api-user-jwt.js
@@ -20,7 +20,7 @@ internals.validate = async function (decoded, request) {
 
     const { Tokens } = request.models();
 
-    const foundToken = await Tokens.query().findById(decoded.jti).eager('user');
+    const foundToken = await Tokens.query().findById(decoded.jti).withGraphFetched('user');
 
     if (foundToken) {
         return { isValid: true, user: foundToken.user };

diff --git a/lib/extensions/error.js b/lib/extensions/error.js
@@ -23,6 +23,7 @@ internals.mapError = (error) => {
 
     // Handle joi input validation error.
     // Info available due to default failAction in routes/helpers.
+    // $lab:coverage:off$
 
     if (error.output.payload.validation) {
 
@@ -52,6 +53,7 @@ internals.mapError = (error) => {
     if (error instanceof NotFoundError) {
         return Boom.notFound(`${error.modelName || 'Record'} Not Found`);
     }
+    // $lab:coverage:on$
 
     // Handle all other db errors with avocat
 
@@ -63,6 +65,7 @@ internals.formatError = (error) => {
     const { message } = error.output.payload;
     const payload = error.output.payload = { errors: {} };
 
+    // $lab:coverage:off$
     if (error.data && error.data.validation) {
         payload.errors = error.data.validation;
     }
@@ -72,6 +75,7 @@ internals.formatError = (error) => {
             [type]: [message]
         };
     }
+    // $lab:coverage:on$
 
     return error;
 };
diff --git a/lib/models/Tokens.js b/lib/models/Tokens.js
@@ -19,7 +19,7 @@ module.exports = class Tokens extends Model {
                 return Uuid({
                     rng: Uuid.nodeRNG
                 });
-            }, 'Uuid'),
+            }),
             createdAt: Joi.date().iso()
         });
     }

diff --git a/lib/models/Users.js b/lib/models/Users.js
@@ -20,7 +20,7 @@ module.exports = class Users extends Model {
             password: Joi.binary().allow(null),
             firstName: Joi.string(),
             lastName: Joi.string(),
-            role: Joi.string().valid(['admin', 'user']),
+            role: Joi.string().valid('admin', 'user'),
             resetToken: Joi.binary().allow(null),
             createdAt: Joi.date().iso(),
             updatedAt: Joi.date().iso()

diff --git a/lib/models/helpers/index.js b/lib/models/helpers/index.js
@@ -1,17 +1,15 @@
 'use strict';
 
-const Joi = require('@hapi/joi');
 const Schwifty = require('schwifty');
-const { DbErrors } = require('objection-db-errors');
 
-exports.Model = class extends DbErrors(Schwifty.Model) {
+exports.Model = class extends Schwifty.Model {
 
     static field(name) {
 
-        return Joi.reach(this.getJoiSchema(), name)
+        return this.getJoiSchema()
+            .extract(name)
             .optional()
-            .options({ noDefaults: true });
+            .prefs({ noDefaults: true });
     }
 
-    //todo conditionally fill in timestamps.
 };
diff --git a/lib/routes/helpers/index.js b/lib/routes/helpers/index.js
@@ -2,7 +2,7 @@
 
 const Toys = require('toys');
 
-exports.withDefaults = Toys.withRouteDefaults({//new Confidence.Store({
+exports.withDefaults = Toys.withRouteDefaults({ //new Confidence.Store({
     options: {
         cors: true,//TODO conditionalize on env.  Confidence?
         validate: {

diff --git a/lib/routes/users/change-password.js b/lib/routes/users/change-password.js
@@ -18,10 +18,10 @@ module.exports = (server, options) => {
                     authorization: Joi.string()
                         .description('JWT')
                 }).unknown(),
-                payload: {
+                payload: Joi.object({
                     password: Joi.string().required(),
                     newPassword: Joi.string().required()
-                }
+                })
             },
             auth: {
                 strategy: 'api-user-jwt'
@@ -33,7 +33,7 @@ module.exports = (server, options) => {
             const currentUserId = Helpers.currentUserId(request);
             const { password, newPassword } = request.payload;
 
-            if (password === newPassword){
+            if (password === newPassword) {
                 return Boom.badRequest('New password must be different from old password');
             }
 

diff --git a/lib/routes/users/login.js b/lib/routes/users/login.js
@@ -14,10 +14,10 @@ module.exports = (server, options) => {
             description: 'Log in',
             tags: ['api'],
             validate: {
-                payload: {
+                payload: Joi.object({
                     email: Users.field('email').required(),
                     password: Joi.string().required()
-                }
+                })
             },
             auth: false
         },

diff --git a/lib/routes/users/new-user.js b/lib/routes/users/new-user.js
@@ -13,13 +13,13 @@ module.exports = (server, options) => {
             description: 'Register new user',
             tags: ['api'],
             validate: {
-                payload: {
+                payload: Joi.object({
                     email: Joi.string().email().required(),
                     password: Joi.string().required(),
                     firstName: Joi.string().required(),
                     lastName: Joi.string().required(),
                     role: Joi.string().required()
-                }
+                })
             },
             auth: false
         },

diff --git a/lib/routes/users/request-reset.js b/lib/routes/users/request-reset.js
@@ -13,9 +13,9 @@ module.exports = (server, options) => {
             description: 'Request password reset for a user',
             tags: ['api'],
             validate: {
-                payload: {
+                payload: Joi.object({
                     email: Joi.string().email().required()
-                }
+                })
             },
             auth: false
         },

diff --git a/lib/routes/users/reset-password.js b/lib/routes/users/reset-password.js
@@ -13,11 +13,11 @@ module.exports = (server, options) => {
             description: 'Reset password for a user',
             tags: ['api'],
             validate: {
-                payload: {
+                payload: Joi.object({
                     email: Joi.string().email().required(),
                     resetToken: Joi.string().required(),
                     newPassword: Joi.string().required()
-                }
+                })
             },
             auth: false
         },

diff --git a/lib/routes/users/users.js b/lib/routes/users/users.js
@@ -21,9 +21,9 @@ module.exports = (server, options) => {
                         authorization: Joi.string()
                             .description('JWT')
                     }).unknown(),
-                    params: {
+                    params: Joi.object({
                         id: Joi.number().integer().required()
-                    }
+                    })
                 },
                 auth: {
                     strategy: 'api-user-jwt'
@@ -78,9 +78,9 @@ module.exports = (server, options) => {
                         authorization: Joi.string()
                             .description('JWT')
                     }).unknown(),
-                    params: {
+                    params: Joi.object({
                         id: Joi.number().integer().required()
-                    }
+                    })
                 },
                 auth: {
                     strategy: 'api-user-jwt',

diff --git a/lib/services/user.js b/lib/services/user.js
@@ -141,7 +141,7 @@ module.exports = class UserService extends Schmervice.Service {
         }
 
 
-        const resetUrl = this.options.siteUrl + '/password-reset/' + rawResetToken;
+        const resetUrl = this.options.siteUrl + '/password-reset?t=' + rawResetToken;
 
         await emailService.send('password-reset', patchedUser, { resetUrl });
         return null;