Server: Removed the need for session controller

packages/server/src/controllers/api/SessionController.ts

@@ -1,16 +0,0 @@
-import { Session } from '../../db';
-import { ErrorForbidden } from '../../utils/errors';
-import uuidgen from '../../utils/uuidgen';
-import BaseController from '../BaseController';
-
-export default class SessionController extends BaseController {
-
-	public async authenticate(email: string, password: string): Promise<Session> {
-		const userModel = this.models.user();
-		const user = await userModel.login(email, password);
-		if (!user) throw new ErrorForbidden('Invalid username or password');
-		const session: Session = { id: uuidgen(), user_id: user.id };
-		return this.models.session().save(session, { isNew: true });
-	}
-
-}

packages/server/src/controllers/factory.ts

@@ -1,6 +1,5 @@
 import { Models } from '../models/factory';
 // import OAuthController from './api/OAuthController';
-import SessionController from './api/SessionController';
 import IndexLoginController from './index/LoginController';
 import IndexHomeController from './index/HomeController';
 import IndexUserController from './index/UserController';
@@ -19,10 +18,6 @@ export class Controllers {
 	// 	return new OAuthController(this.models_);
 	// }
 
-	public apiSession() {
-		return new SessionController(this.models_);
-	}
-
 	public indexLogin() {
 		return new IndexLoginController(this.models_);
 	}

packages/server/src/models/SessionModel.ts

@@ -1,6 +1,7 @@
 import BaseModel from './BaseModel';
 import { User, Session } from '../db';
 import uuidgen from '../utils/uuidgen';
+import { ErrorForbidden } from '../utils/errors';
 
 export default class SessionModel extends BaseModel {
 
@@ -22,4 +23,10 @@ export default class SessionModel extends BaseModel {
 		}, { isNew: true });
 	}
 
+	public async authenticate(email: string, password: string): Promise<Session> {
+		const user = await this.models().user().login(email, password);
+		if (!user) throw new ErrorForbidden('Invalid username or password');
+		return this.createUserSession(user.id);
+	}
+
 }

packages/server/src/routes/index/login.test.ts

@@ -0,0 +1,74 @@
+import { Session } from '../../db';
+import routeHandler from '../../middleware/routeHandler';
+import { beforeAllDb, afterAllTests, beforeEachDb, koaAppContext, models, parseHtml, createUser } from '../../utils/testing/testUtils';
+import { AppContext } from '../../utils/types';
+
+async function doLogin(email: string, password: string): Promise<AppContext> {
+	const context = await koaAppContext({
+		request: {
+			method: 'POST',
+			url: '/login',
+			body: {
+				email: email,
+				password: password,
+			},
+		},
+	});
+
+	await routeHandler(context);
+	return context;
+}
+
+describe('index_login', function() {
+
+	beforeAll(async () => {
+		await beforeAllDb('index_login');
+	});
+
+	afterAll(async () => {
+		await afterAllTests();
+	});
+
+	beforeEach(async () => {
+		await beforeEachDb();
+	});
+
+	test('should show the login page', async function() {
+		const context = await koaAppContext({
+			request: {
+				method: 'GET',
+				url: '/login',
+			},
+		});
+
+		await routeHandler(context);
+
+		const doc = parseHtml(context.response.body);
+		expect(!!doc.querySelector('input[name=email]')).toBe(true);
+		expect(!!doc.querySelector('input[name=password]')).toBe(true);
+	});
+
+	test('should login', async function() {
+		const user = await createUser(1);
+
+		const context = await doLogin(user.email, '123456');
+		const sessionId = context.cookies.get('sessionId');
+		const session: Session = await models().session().load(sessionId);
+		expect(session.user_id).toBe(user.id);
+	});
+
+	test('should not login with invalid credentials', async function() {
+		const user = await createUser(1);
+
+		{
+			const context = await doLogin('bad', '123456');
+			expect(!context.cookies.get('sessionId')).toBe(true);
+		}
+
+		{
+			const context = await doLogin(user.email, 'bad');
+			expect(!context.cookies.get('sessionId')).toBe(true);
+		}
+	});
+
+});

packages/server/src/routes/index/login.ts

@@ -16,8 +16,8 @@ const route: Route = {
 		if (ctx.method === 'POST') {
 			try {
 				const body = await formParse(ctx.req);
-				const session = await ctx.controllers.apiSession().authenticate(body.fields.email, body.fields.password);
 
+				const session = await ctx.models.session().authenticate(body.fields.email, body.fields.password);
 				ctx.cookies.set('sessionId', session.id);
 				return redirect(ctx, `${baseUrl()}/home`);
 			} catch (error) {

packages/server/src/utils/testing/testUtils.ts

@@ -169,8 +169,6 @@ interface CreateUserAndSessionOptions {
 }
 
 export const createUserAndSession = async function(index: number = 1, isAdmin: boolean = false, options: CreateUserAndSessionOptions = null): Promise<UserAndSession> {
-	const sessionController = controllers().apiSession();
-
 	options = {
 		email: `user${index}@localhost`,
 		password: '123456',
@@ -178,7 +176,7 @@ export const createUserAndSession = async function(index: number = 1, isAdmin: b
 	};
 
 	const user = await models().user().save({ email: options.email, password: options.password, is_admin: isAdmin ? 1 : 0 }, { skipValidation: true });
-	const session = await sessionController.authenticate(options.email, options.password);
+	const session = await models().session().authenticate(options.email, options.password);
 
 	return {
 		user: user,