feat(auth): implement login and signup use case and add e2e tests

andrea-acampora · andrea-acampora · commit d029ed8be4ba · 2025-03-03T15:14:03.000+01:00
diff --git a/.env.test b/.env.test
@@ -1,4 +1,12 @@
+DATABASE_NAME=db-test-e2e
+DATABASE_HOST=127.0.0.1
+DATABASE_PORT=25432
+DATABASE_USER=postgres
+DATABASE_PASSWORD=postgres
+
 JWT_SECRET=nestjs-ddd-devops
 JWT_REFRESH_SECRET=nestjs-ddd-devops-refresh
 JWT_EXPIRES_IN=3600
 JWT_REFRESH_EXPIRES_IN=360000
+
+PORT=3000
diff --git a/.gitignore b/.gitignore
@@ -74,7 +74,6 @@ web_modules/
 
 # dotenv environment variable files
 .env
-.env.test
 .env.development.local
 .env.test.local
 .env.production.local
diff --git a/README.md b/README.md
@@ -53,7 +53,7 @@ In the following chapters you will find a description of the main choices, techn
     ```bash
      docker-compose up -d
      ```
-4. Provide a ```.env``` file with all required environment variables _(check out ```.env.dist``` example file)_
+4. Provide a ```.env``` and ```.env.test```  files with all required environment variables _(check out ```.env.dist``` example file)_
 5. Create and generate the database schema from your entities' metadata:
      ```bash
      npm run schema:update
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -7,7 +7,7 @@ services:
     ports:
       - "15432:5432/tcp"
     environment:
-      - POSTGRES_DB=db-test
+      - POSTGRES_DB=db-dev
       - POSTGRES_USER=postgres
       - POSTGRES_PASSWORD=postgres
     volumes:
@@ -17,6 +17,21 @@ services:
     networks:
       - postgres
 
+  postgresql-test-e2e:
+    container_name: postgresql-test-e2e
+    image: postgres:latest
+    restart: unless-stopped
+    ports:
+      - "25432:5432/tcp"
+    environment:
+      - POSTGRES_DB=db-test-e2e
+      - POSTGRES_USER=postgres
+      - POSTGRES_PASSWORD=postgres
+    stdin_open: true
+    tty: true
+    networks:
+      - postgres
+
 volumes:
   postgresql_volume:
 
diff --git a/src/libs/api/api-role.enum.ts b/src/libs/api/api-role.enum.ts
@@ -0,0 +1,4 @@
+export enum ApiRole {
+  ADMIN = 0,
+  USER = 1,
+}
diff --git a/src/modules/auth/api/controller/auth.controller.ts b/src/modules/auth/api/controller/auth.controller.ts
@@ -8,23 +8,26 @@ import {
 import { LoginBody } from '../presentation/body/login.body';
 import { SignupBody } from '../presentation/body/signup.body';
 import { PublicApi } from '../../../../libs/decorator/auth.decorator';
-import { CommandBus } from '@nestjs/cqrs';
 import { getOrThrowWith, Option } from 'effect/Option';
 import { JwtUser } from '../presentation/dto/jwt-user.dto';
 import { JwtAuthService } from '../../application/service/jwt-auth-service.interface';
-import { JWT_AUTHENTICATION, LOGIN_USE_CASE } from '../../auth.tokens';
+import {
+  JWT_AUTH_SERVICE,
+  LOGIN_USE_CASE,
+  SIGNUP_USE_CASE,
+} from '../../auth.tokens';
 import { UseCase } from '../../../../libs/ddd/use-case.interface';
 import { AuthUser } from '../presentation/dto/auth-user.dto';
-import { SignupCommand } from '../../application/command/signup.command';
 
 @Controller('auth')
 export class AuthController {
   constructor(
-    private readonly commandBus: CommandBus,
-    @Inject(JWT_AUTHENTICATION)
+    @Inject(JWT_AUTH_SERVICE)
     private readonly jwtAuth: JwtAuthService,
     @Inject(LOGIN_USE_CASE)
     private readonly loginUseCase: UseCase<LoginBody, Option<AuthUser>>,
+    @Inject(SIGNUP_USE_CASE)
+    private readonly signupUseCase: UseCase<SignupBody, Option<AuthUser>>,
   ) {}
 
   @PublicApi()
@@ -41,12 +44,10 @@ export class AuthController {
   @PublicApi()
   @Post('/signup')
   async signup(@Body() body: SignupBody) {
-    return await this.commandBus.execute(
-      new SignupCommand(
-        body.email,
-        body.password,
-        body.firstName,
-        body.lastName,
+    return this.jwtAuth.generateJwtUser(
+      getOrThrowWith(
+        await this.signupUseCase.execute(body),
+        () => new UnauthorizedException('Signup Error!'),
       ),
     );
   }
diff --git a/src/modules/auth/api/guard/auth.guard.ts b/src/modules/auth/api/guard/auth.guard.ts
@@ -1,11 +1,70 @@
-import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
+import {
+  CanActivate,
+  ExecutionContext,
+  Inject,
+  Injectable,
+} from '@nestjs/common';
+import { FastifyRequest } from 'fastify';
+import { JwtService } from '../../infrastructure/jwt/jwt.service';
+import { Reflector } from '@nestjs/core';
+import { AUTH_ROLES_KEY, JWT_AUTH_SERVICE } from '../../auth.tokens';
+import { isNone, none, Option, some } from 'effect/Option';
+import { QueryBus } from '@nestjs/cqrs';
+import { CheckAuthUserByIdQuery } from '../../application/query/check-auth-user-by-id.query';
+import { IS_PUBLIC_API } from '../../../../libs/decorator/auth.decorator';
+import { ApiRole } from '../../../../libs/api/api-role.enum';
 
 @Injectable()
 export class AuthGuard implements CanActivate {
-  constructor() {}
+  private authenticationHeaders: string[] = ['Authorization', 'authorization'];
+
+  constructor(
+    private readonly reflector: Reflector,
+    @Inject(JWT_AUTH_SERVICE)
+    private readonly jwtService: JwtService,
+    private readonly queryBus: QueryBus,
+  ) {}
 
   async canActivate(context: ExecutionContext): Promise<boolean> {
-    console.log(context);
-    return true;
+    const apiRoles = this.reflector.getAllAndOverride<ApiRole[]>(
+      AUTH_ROLES_KEY,
+      [context.getHandler(), context.getClass()],
+    );
+    const isPublic = this.reflector.getAllAndOverride<boolean>(IS_PUBLIC_API, [
+      context.getHandler(),
+      context.getClass(),
+    ]);
+    if (isPublic && !apiRoles) return true;
+    const request = context.switchToHttp().getRequest<FastifyRequest>();
+    const token = this.extractToken(request);
+    if (isNone(token)) return false;
+    try {
+      const authUser = await this.jwtService.verifyToken(token.value);
+      if (isNone(authUser)) return false;
+      request['user'] = authUser.value;
+      const isActiveUser = await this.isActiveUser(authUser.value.id);
+      return isActiveUser && apiRoles.includes(authUser.value.role);
+    } catch {
+      return false;
+    }
+  }
+
+  private extractToken(request: FastifyRequest): Option<string> {
+    for (const header of this.authenticationHeaders) {
+      const tokenHeader = request.headers[header] as string;
+      if (tokenHeader) {
+        const splitted = tokenHeader.split(' ');
+        if (splitted[0] !== 'Bearer') {
+          return none();
+        } else {
+          return some(splitted[1]);
+        }
+      }
+    }
+    return none();
+  }
+
+  private async isActiveUser(userId: string): Promise<boolean> {
+    return await this.queryBus.execute(new CheckAuthUserByIdQuery(userId));
   }
 }
diff --git a/src/modules/auth/application/command/create-user.command.ts b/src/modules/auth/application/command/create-user.command.ts
@@ -1,6 +1,6 @@
 import { ICommand } from '@nestjs/cqrs';
 
-export class SignupCommand implements ICommand {
+export class CreateUserCommand implements ICommand {
   constructor(
     readonly email: string,
     readonly password: string,
diff --git a/src/modules/auth/application/query/check-auth-user-by-id.query.ts b/src/modules/auth/application/query/check-auth-user-by-id.query.ts
@@ -0,0 +1,3 @@
+export class CheckAuthUserByIdQuery {
+  constructor(readonly id: string) {}
+}
diff --git a/src/modules/auth/application/query/get-auth-user-by-email.query.ts b/src/modules/auth/application/query/get-auth-user-by-email.query.ts
@@ -1,3 +1,3 @@
-export class CheckAuthUserByEmailQuery {
+export class GetAuthUserByEmailQuery {
   constructor(readonly email: string) {}
 }
diff --git a/src/modules/auth/application/use-case/login.use-case.ts b/src/modules/auth/application/use-case/login.use-case.ts
@@ -7,19 +7,17 @@ import { Injectable, UnauthorizedException } from '@nestjs/common';
 import { UserState } from '../../../user/domain/value-object/user-state.enum';
 import { compare } from 'bcryptjs';
 import { AuthUser } from '../../api/presentation/dto/auth-user.dto';
-import { GetUserByEmailQuery } from '../query/get-user-by-email.query';
+import { GetAuthUserByEmailQuery } from '../query/get-auth-user-by-email.query';
 
 @Injectable()
 export class LoginUseCase implements UseCase<LoginBody, Option<AuthUser>> {
   constructor(private readonly queryBus: QueryBus) {}
 
   async execute(body: LoginBody): Promise<Option<AuthUser>> {
     const user: Option<User> = await this.queryBus.execute(
-      new GetUserByEmailQuery(body.email),
+      new GetAuthUserByEmailQuery(body.email),
     );
-    if (isNone(user)) return none();
-    if (user.value.state !== UserState.ACTIVE)
-      throw new UnauthorizedException('User Disabled!');
+    if (isNone(user) || user.value.state !== UserState.ACTIVE) return none();
     const match = await compare(body.password, user.value.password);
     if (!match) throw new UnauthorizedException('Invalid Credentials!');
     return fromNullable({
diff --git a/src/modules/auth/application/use-case/signup.use-case.ts b/src/modules/auth/application/use-case/signup.use-case.ts
@@ -0,0 +1,40 @@
+import { UseCase } from '../../../../libs/ddd/use-case.interface';
+import { isSome, map, Option } from 'effect/Option';
+import { CommandBus, QueryBus } from '@nestjs/cqrs';
+import { Injectable } from '@nestjs/common';
+import { AuthUser } from '../../api/presentation/dto/auth-user.dto';
+import { SignupBody } from '../../api/presentation/body/signup.body';
+import { CreateUserCommand } from '../command/create-user.command';
+import { GetAuthUserByEmailQuery } from '../query/get-auth-user-by-email.query';
+import { User } from '../../../user/domain/entity/user.entity';
+import { CustomConflictException } from '../../../../libs/exceptions/custom-conflict.exception';
+import { genSalt, hash } from 'bcryptjs';
+
+@Injectable()
+export class SignupUseCase implements UseCase<SignupBody, Option<AuthUser>> {
+  constructor(
+    private readonly queryBus: QueryBus,
+    private readonly commandBus: CommandBus,
+  ) {}
+
+  async execute(body: SignupBody): Promise<Option<AuthUser>> {
+    const found: Option<User> = await this.queryBus.execute(
+      new GetAuthUserByEmailQuery(body.email),
+    );
+    if (isSome(found)) throw new CustomConflictException(found.value.email);
+    const hashedPassword = await hash(body.password, await genSalt());
+    const createdUser: Option<User> = await this.commandBus.execute(
+      new CreateUserCommand(
+        body.email,
+        hashedPassword,
+        body.firstName,
+        body.lastName,
+      ),
+    );
+    return map(createdUser, (user: User) => ({
+      id: user.id,
+      email: user.email,
+      role: user.role,
+    }));
+  }
+}
diff --git a/src/modules/auth/auth.module.ts b/src/modules/auth/auth.module.ts
@@ -3,8 +3,13 @@ import { APP_GUARD } from '@nestjs/core';
 import { JwtService } from './infrastructure/jwt/jwt.service';
 import { AuthGuard } from './api/guard/auth.guard';
 import { AuthController } from './api/controller/auth.controller';
-import { JWT_AUTHENTICATION, LOGIN_USE_CASE } from './auth.tokens';
+import {
+  JWT_AUTH_SERVICE,
+  LOGIN_USE_CASE,
+  SIGNUP_USE_CASE,
+} from './auth.tokens';
 import { LoginUseCase } from './application/use-case/login.use-case';
+import { SignupUseCase } from './application/use-case/signup.use-case';
 
 @Module({
   imports: [],
@@ -15,13 +20,17 @@ import { LoginUseCase } from './application/use-case/login.use-case';
       useClass: AuthGuard,
     },
     {
-      provide: JWT_AUTHENTICATION,
+      provide: JWT_AUTH_SERVICE,
       useClass: JwtService,
     },
     {
       provide: LOGIN_USE_CASE,
       useClass: LoginUseCase,
     },
+    {
+      provide: SIGNUP_USE_CASE,
+      useClass: SignupUseCase,
+    },
   ],
   exports: [],
 })
diff --git a/src/modules/auth/auth.tokens.ts b/src/modules/auth/auth.tokens.ts
@@ -1,2 +1,7 @@
-export const JWT_AUTHENTICATION = 'JWT_AUTHENTICATION';
+/**
+ * Constants for NestJS Dependency Injection System.
+ */
+export const JWT_AUTH_SERVICE = 'JWT_AUTH_SERVICE';
 export const LOGIN_USE_CASE = 'LOGIN_USE_CASE';
+export const SIGNUP_USE_CASE = 'SIGNUP_USE_CASE';
+export const AUTH_ROLES_KEY = 'AUTH_ROLES_KEY';
diff --git a/src/modules/health/api/controller/health.controller.ts b/src/modules/health/api/controller/health.controller.ts
@@ -7,6 +7,7 @@ import {
   MemoryHealthIndicator,
   MikroOrmHealthIndicator,
 } from '@nestjs/terminus';
+import { PublicApi } from '../../../../libs/decorator/auth.decorator';
 
 @Controller({
   path: 'health',
@@ -20,6 +21,7 @@ export class HealthController {
     private memory: MemoryHealthIndicator,
   ) {}
 
+  @PublicApi()
   @Get()
   @HealthCheck()
   check() {
diff --git a/src/modules/health/health.module.ts b/src/modules/health/health.module.ts
@@ -1,6 +1,6 @@
 import { Module } from '@nestjs/common';
 import { TerminusModule } from '@nestjs/terminus';
-import { HealthController } from './controller/health.controller';
+import { HealthController } from './api/controller/health.controller';
 import { HttpModule } from '@nestjs/axios';
 
 @Module({
diff --git a/src/modules/user/application/handler/command/create-user.handler.ts b/src/modules/user/application/handler/command/create-user.handler.ts
@@ -0,0 +1,27 @@
+import { CommandHandler, ICommandHandler } from '@nestjs/cqrs';
+import { CreateUserCommand } from '../../../../auth/application/command/create-user.command';
+import { USER_REPOSITORY } from '../../../user.tokens';
+import { Inject } from '@nestjs/common';
+import { UserRepository } from '../../../domain/repository/user.repository.interface';
+import { Option } from 'effect/Option';
+import { User } from '../../../domain/entity/user.entity';
+import { UserRole } from '../../../domain/value-object/user-role.enum';
+import { UserState } from '../../../domain/value-object/user-state.enum';
+
+@CommandHandler(CreateUserCommand)
+export class CreateUserHandler implements ICommandHandler<CreateUserCommand> {
+  constructor(
+    @Inject(USER_REPOSITORY)
+    private readonly userRepository: UserRepository,
+  ) {}
+  async execute(command: CreateUserCommand): Promise<Option<User>> {
+    return await this.userRepository.createUser({
+      email: command.email,
+      password: command.password,
+      firstName: command.firstName,
+      lastName: command.lastName,
+      role: UserRole.USER,
+      state: UserState.ACTIVE,
+    });
+  }
+}
diff --git a/src/modules/user/application/handler/query/check-auth-user-by-id.handler.ts b/src/modules/user/application/handler/query/check-auth-user-by-id.handler.ts
@@ -0,0 +1,19 @@
+import { IQueryHandler, QueryHandler } from '@nestjs/cqrs';
+import { UserRepository } from '../../../domain/repository/user.repository.interface';
+import { Inject } from '@nestjs/common';
+import { USER_REPOSITORY } from '../../../user.tokens';
+import { CheckAuthUserByIdQuery } from '../../../../auth/application/query/check-auth-user-by-id.query';
+
+@QueryHandler(CheckAuthUserByIdQuery)
+export class CheckAuthUserByIdHandler
+  implements IQueryHandler<CheckAuthUserByIdQuery>
+{
+  constructor(
+    @Inject(USER_REPOSITORY)
+    private readonly userRepository: UserRepository,
+  ) {}
+
+  async execute(query: CheckAuthUserByIdQuery): Promise<boolean> {
+    return await this.userRepository.checkActiveUserById(query.id);
+  }
+}
diff --git a/src/modules/user/application/handler/query/get-auth-user-by-email.handler.ts b/src/modules/user/application/handler/query/get-auth-user-by-email.handler.ts
diff --git a/src/modules/user/application/query/get-user-by-email.query.ts b/src/modules/user/application/query/get-user-by-email.query.ts
diff --git a/src/modules/user/domain/data/create-user.data.ts b/src/modules/user/domain/data/create-user.data.ts
diff --git a/src/modules/user/domain/repository/user.repository.interface.ts b/src/modules/user/domain/repository/user.repository.interface.ts
diff --git a/src/modules/user/infrastructure/database/user.repository.ts b/src/modules/user/infrastructure/database/user.repository.ts
diff --git a/src/modules/user/user.module.ts b/src/modules/user/user.module.ts
diff --git a/src/modules/user/user.tokens.ts b/src/modules/user/user.tokens.ts
diff --git a/test/e2e/auth/auth.e2e-spec.ts b/test/e2e/auth/auth.e2e-spec.ts

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+export class CheckAuthUserByIdQuery {`
	`2`	`+ constructor(readonly id: string) {}`
	`3`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`		`-export class CheckAuthUserByEmailQuery {`
	`1`	`+export class GetAuthUserByEmailQuery {`
`2`	`2`	`constructor(readonly email: string) {}`
`3`	`3`	`}`