Merge pull request #6 from Pear-Trading/TBSliver/Basic-CORS

Added Basic CORS for api endpoints, as well as other fixes
Finn 2017-04-27 13:05:06 +01:00 committed by GitHub
commit 233d5d3371
13 changed files with 164 additions and 74 deletions


@ -16,3 +16,4 @@ requires 'SQL::Translator';
requires 'DateTime';
requires 'DateTime::Format::Strptime', "1.73";
requires 'DateTime::Format::SQLite';
requires 'Try::Tiny';


@ -110,11 +110,23 @@ sub startup {
# $r->post('/register')->to('register#register');
$r->any('/admin/logout')->to('admin#auth_logout');
my $api_public_get = $r->under('/api');
my $api_public_get = $r->under('/api' => sub {
my $c = shift;
$c->res->headers->header('Access-Control-Allow-Origin'=> '*');
$c->res->headers->header('Access-Control-Allow-Credentials' => 'true');
$c->res->headers->header('Access-Control-Allow-Methods' => 'GET, OPTIONS, POST, DELETE, PUT');
$c->res->headers->header('Access-Control-Allow-Headers' => 'Content-Type, X-CSRF-Token');
$c->res->headers->header('Access-Control-Max-Age' => '1728000');
});
$api_public_get->options('*' => sub {
my $c = shift;
$c->respond_to(any => { data => '', status => 200 });
});
$api_public_get->get('/info/ages')->to('api-info#get_ages');
# Always available api routes
my $api_public = $r->under('/api')->to('api-auth#check_json');
my $api_public = $api_public_get->under('/')->to('api-auth#check_json');
$api_public->post('/login')->to('api-auth#post_login');
$api_public->post('/register')->to('api-register#post_register');
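Review bot: `Access-Control-Allow-Origin: *` and `Access-Control-Allow-Credentials: true` are set together in the new `under('/api')` callback, but browsers refuse to expose a response to a credentialed request when the origin is the wildcard, so the credentials header does nothing here and the cookie / `X-CSRF-Token` flow it appears to target will not work cross-origin. The remedy is an explicit origin allow-list (compare the request `Origin` header against configured values and echo only a match), never reflecting the request origin unconditionally, since that combination would let any site make authenticated API calls. The callback also relies on the implicit return value of the last `header(...)` call to let routing continue; `under` callbacks should end with an explicit `return 1;`. `startup` begins and ends outside the hunk.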


@ -11,6 +11,12 @@ has error_messages => sub {
name => {
required => { message => 'No name sent or was blank.', status => 400 },
},
display_name => {
required => { message => 'No name sent or was blank.', status => 400 },
},
full_name => {
required => { message => 'No name sent or was blank.', status => 400 },
},
email => {
required => { message => 'No email sent.', status => 400 },
email => { message => 'Email is invalid.', status => 400 },
@ -54,16 +60,18 @@ sub post_register{
$validation->required('email')->email->not_in_resultset('email', $user_rs);
$validation->required('password');
$validation->required('name');
$validation->required('postcode')->postcode;
$validation->required('usertype')->in('customer', 'organisation');
my $usertype = $validation->param('usertype') || '';
if ( $usertype eq 'customer' ) {
$validation->required('display_name');
$validation->required('full_name');
my $age_rs = $c->schema->resultset('AgeRange');
$validation->required('age_range')->number->in_resultset('id', $age_rs);
} elsif ( $usertype eq 'organisation' ) {
$validation->required('name');
$validation->required('street_name');
$validation->required('town');
}
@ -79,7 +87,8 @@ sub post_register{
})->update({ used => 1 });
$c->schema->resultset('User')->create({
customer => {
name => $validation->param('name'),
full_name => $validation->param('full_name'),
display_name => $validation->param('display_name'),
age_range_id => $validation->param('age_range'),
postcode => $validation->param('postcode'),
},
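Review bot: The new `display_name` and `full_name` entries in `error_messages` reuse the `name` message verbatim, `'No name sent or was blank.'`, so a client receiving a 400 cannot tell which of the three fields was rejected. Give each its own text, e.g. `required => { message => 'No display name sent or was blank.', status => 400 },` and `required => { message => 'No full name sent or was blank.', status => 400 },`, and adjust the `content_like(qr/no name sent/i)` assertions in the registration test to match. Both `error_messages` and `post_register` begin outside their hunks.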


@ -6,6 +6,7 @@ use Geo::UK::Postcode;
use Scalar::Util qw/ looks_like_number /;
use File::Basename qw/ fileparse /;
use DateTime::Format::Strptime;
use Try::Tiny;
sub register {
my ( $plugin, $app, $conf ) = @_;
@ -27,7 +28,14 @@ sub register {
$app->validator->add_check( postcode => sub {
my ( $validation, $name, $value ) = @_;
return Geo::UK::Postcode->new( $value )->valid ? undef : 1;
my $postcode;
try {
$postcode = Geo::UK::Postcode->new( $value );
};
return 1 unless defined( $postcode );
return 1 if $postcode->partial;
return undef if $postcode->valid;
return 1;
});
$app->validator->add_check( number => sub {
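Review bot: The `try` block around `Geo::UK::Postcode->new( $value )` has no `catch`, so any exception — including ones unrelated to malformed input — is discarded and surfaces to the client only as a bad postcode; `catch { $app->log->debug("postcode parse failed: $_") };` keeps the best-effort behaviour while leaving a trace for diagnosis (`$app` is in scope from the `register` signature above). `return undef if $postcode->valid;` should be `return if $postcode->valid;` so the check yields an empty list rather than a one-element list in list context. `register` begins and ends outside the hunk.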


@ -13,7 +13,12 @@ __PACKAGE__->add_columns(
is_auto_increment => 1,
is_nullable => 0,
},
"name" => {
"display_name" => {
data_type => "varchar",
size => 255,
is_nullable => 0,
},
"full_name" => {
data_type => "varchar",
size => 255,
is_nullable => 0,
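Review bot: Renaming the `name` column to `display_name` and adding `full_name`, both `is_nullable => 0` with no default, changes the Customer table shape, yet no schema version bump or migration DDL appears among the changed files on this page; unless the deploy path recreates the database, existing rows cannot satisfy the new NOT NULL constraints. If a migration lives elsewhere, a comment above the column definitions pointing to it would help, e.g. `# name -> display_name rename and full_name add: see the matching schema migration`. The `add_columns` call begins and ends outside the hunk.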


@ -25,7 +25,8 @@ my $passwordReno = 'turks';
my $testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'Reno',
'full_name' => 'Reno',
'display_name' => 'Reno',
'email' => $emailReno,
'postcode' => 'SA4 3FA',
'password' => $passwordReno,
@ -58,7 +59,8 @@ my $passwordAdmin = 'ethics';
$testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'admin',
'display_name' => 'admin',
'full_name' => 'admin',
'email' => $emailAdmin,
'postcode' => 'HD5 9XU',
'password' => $passwordAdmin,


@ -25,7 +25,8 @@ my $passwordReno = 'turks';
my $testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'Reno',
'full_name' => 'Reno',
'display_name' => 'Reno',
'email' => $emailReno,
'postcode' => 'SA4 3FA',
'password' => $passwordReno,
@ -59,7 +60,8 @@ my $passwordAdmin = 'ethics';
$testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'admin',
'display_name' => 'admin',
'full_name' => 'admin',
'email' => $emailAdmin,
'postcode' => 'HD5 9XU',
'password' => $passwordAdmin,


@ -19,7 +19,8 @@ $schema->resultset('AccountToken')->create({
my $test_json = {
'usertype' => 'customer',
'token' => $account_token,
'name' => 'RufusShinra',
'display_name' => 'RufusShinra',
'full_name' => 'RufusShinra',
'email' => $email,
'postcode' => 'LA1 1AA',
'password' => $password,


@ -19,7 +19,8 @@ $schema->resultset('AccountToken')->create({
$framework->register_customer({
'token' => $account_token,
'name' => 'Test User',
'full_name' => 'Test User',
'display_name' => 'Test User',
'email' => $email,
'postcode' => 'LA1 1AA',
'password' => $password,


@ -14,20 +14,26 @@ my $valid_email = 'test@example.com';
my $invalid_email = 'test.example.com';
my $valid_postcode = 'WC1H 9EB';
my $invalid_postcode = 'AB1 2CD';
my $not_a_postcode = 'a';
my $not_a_whole_postcode = 'LA1';
$validation->input({
valid_email => $valid_email,
invalid_email => $invalid_email,
valid_postcode => $valid_postcode,
invalid_postcode => $invalid_postcode,
not_a_postcode => $not_a_postcode,
not_a_whole_postcode => $not_a_whole_postcode,
});
$validation->required('valid_email')->email;
$validation->required('invalid_email')->email;
$validation->required('valid_postcode')->postcode;
$validation->required('invalid_postcode')->postcode;
$validation->required('not_a_postcode')->postcode;
$validation->required('not_a_whole_postcode')->postcode;
ok $validation->has_error, 'Have Errors';
is_deeply $validation->failed, [ 'invalid_email', 'invalid_postcode' ], 'Correct Errors';
is_deeply $validation->failed, [ qw/ invalid_email invalid_postcode not_a_postcode not_a_whole_postcode / ], 'Correct Errors';
done_testing;


@ -10,8 +10,6 @@ my $schema = $t->app->schema;
my $dump_error = sub { diag $t->tx->res->dom->at('pre[id="error"]')->text };
#Variables to be used for uniqueness when testing.
my @names = ('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');
my @emails = ('a@a.com', 'b@a.com', 'c@a.com', 'd@a.com', 'e@a.com', 'f@a.com', 'g@a.com', 'h@a.com', 'i@a.com', 'j@a.com', 'k@a.com', 'l@a.com', 'm@a.com', 'n@a.com', 'o@a.com', 'p@a.com', 'q@a.com', 'r@a.com', 's@a.com', 't@a.com', 'u@a.com', 'v@a.com', 'w@a.com', 'x@a.com', 'y@a.com', 'z@a.com');
my @tokens = ('a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z');
$schema->resultset('AccountToken')->populate([
@ -33,8 +31,9 @@ $t->post_ok('/api/register' => json => $testJson)
#token missing JSON
$testJson = {
'usertype' => 'customer',
'name' => shift(@names),
'email' => shift(@emails),
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -44,13 +43,13 @@ $t->post_ok('/api/register' => json => $testJson)
->json_is('/success', Mojo::JSON->false)
->content_like(qr/no token sent/i);
#Not valid token.
$testJson = {
'usertype' => 'customer',
'token' => ' ',
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'testing',
'display_name' => 'test name',
'full_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -64,8 +63,23 @@ $t->post_ok('/api/register' => json => $testJson)
#name missing JSON
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'email' => shift(@emails),
'token' => 'a',
'full_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
};
$t->post_ok('/api/register' => json => $testJson)
->status_is(400)
->json_is('/success', Mojo::JSON->false)
->content_like(qr/no name sent/i);
#name missing JSON
$testJson = {
'usertype' => 'customer',
'token' => 'a',
'display_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -75,13 +89,29 @@ $t->post_ok('/api/register' => json => $testJson)
->json_is('/success', Mojo::JSON->false)
->content_like(qr/no name sent/i);
#Blank name
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => '',
'email' => shift(@emails),
'token' => 'a',
'display_name' => 'test name',
'full_name' => '',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
};
$t->post_ok('/api/register' => json => $testJson)
->status_is(400)
->json_is('/success', Mojo::JSON->false)
->content_like(qr/blank/i)
->content_like(qr/name/i);
#Blank name
$testJson = {
'usertype' => 'customer',
'token' => 'a',
'display_name' => '',
'full_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -92,15 +122,14 @@ $t->post_ok('/api/register' => json => $testJson)
->content_like(qr/blank/i)
->content_like(qr/name/i);
my $nameToReuse = shift(@names);
my $emailToReuse = shift(@emails);
#Valid customer
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => $nameToReuse,
'email' => $emailToReuse,
'token' => 'a',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -112,9 +141,10 @@ $t->post_ok('/api/register' => json => $testJson)
#Valid customer2
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'b',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'b@c.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 2
@ -126,9 +156,10 @@ $t->post_ok('/api/register' => json => $testJson)
#Valid customer3
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'c',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'c@d.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 1
@ -140,8 +171,9 @@ $t->post_ok('/api/register' => json => $testJson)
#email missing JSON
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'token' => 'd',
'full_name' => 'test name',
'display_name' => 'test name',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -154,8 +186,9 @@ $t->post_ok('/api/register' => json => $testJson)
#invalid email 1
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'token' => 'd',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'dfsd@.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
@ -170,8 +203,9 @@ $t->post_ok('/api/register' => json => $testJson)
#invalid email 2
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'token' => 'd',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'dfsd@com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
@ -186,9 +220,10 @@ $t->post_ok('/api/register' => json => $testJson)
#Email exists
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => $emailToReuse,
'token' => 'd',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'a@b.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 2
@ -202,9 +237,10 @@ $t->post_ok('/api/register' => json => $testJson)
#postcode missing JSON
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'd',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'd@e.com',
'password' => 'Meh',
'age_range' => 3
};
@ -218,9 +254,10 @@ $t->post_ok('/api/register' => json => $testJson)
#password missing JSON
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'd',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'd@e.com',
'postcode' => 'LA1 1AA',
'age_range' => 3
};
@ -233,9 +270,10 @@ $t->post_ok('/api/register' => json => $testJson)
#usertype missing JSON
$testJson = {
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'f',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'd@e.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 3
@ -248,9 +286,9 @@ $t->post_ok('/api/register' => json => $testJson)
#Invalid user type
$testJson = {
'usertype' => 'organisation1',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'f',
'name' => 'test name',
'email' => 'org@org.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'fulladdress' => 'mary lane testing....'
@ -265,9 +303,10 @@ $t->post_ok('/api/register' => json => $testJson)
#age_range missing JSON
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'f',
'display_name' => 'test name',
'full_name' => 'test name',
'email' => 'broke@example.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
};
@ -279,9 +318,10 @@ $t->post_ok('/api/register' => json => $testJson)
#Age is invalid
$testJson = {
'usertype' => 'customer',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'f',
'full_name' => 'test name',
'display_name' => 'test name',
'email' => 'test@example.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'age_range' => 'invalid'
@ -295,9 +335,9 @@ $t->post_ok('/api/register' => json => $testJson)
#full address missing JSON
$testJson = {
'usertype' => 'organisation',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'f',
'name' => 'test org',
'email' => 'org@org.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
};
@ -311,9 +351,9 @@ $t->post_ok('/api/register' => json => $testJson)
#Organisation valid
$testJson = {
'usertype' => 'organisation',
'token' => shift(@tokens),
'name' => shift(@names),
'email' => shift(@emails),
'token' => 'f',
'name' => 'org name',
'email' => 'org@org.com',
'postcode' => 'LA1 1AA',
'password' => 'Meh',
'street_name' => 'mary lane testing....',
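Review bot: The `#name missing JSON` comment now heads two consecutive blocks (the one omitting `display_name` and the one omitting `full_name`), and `#Blank name` likewise heads one blanking `full_name` and one blanking `display_name`, so a failing assertion cannot be attributed without reading the payload; label them `#display_name missing JSON` / `#full_name missing JSON` and `#Blank full_name` / `#Blank display_name`. Each pair also asserts only `qr/no name sent/i` or `qr/blank/i` plus `qr/name/i`, which would still pass if the controller rejected the wrong one of the two fields; once the controller messages name the field, these assertions should match the specific text. The earlier `#Not valid token` block changing the token from `' '` to `'testing'` is a sensible fix, since a whitespace-only token exercised blank handling rather than an unknown token.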


@ -31,7 +31,8 @@ my $passwordRufus = 'MakoGold';
my $testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'RufusShinra',
'full_name' => 'RufusShinra',
'display_name' => 'RufusShinra',
'email' => $emailRufus,
'postcode' => 'RG26 5NU',
'password' => $passwordRufus,


@ -38,7 +38,8 @@ my $passwordRufus = 'MakoGold';
my $testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'RufusShinra',
'full_name' => 'RufusShinra',
'display_name' => 'RufusShinra',
'email' => $emailRufus,
'postcode' => 'GU10 5SA',
'password' => $passwordRufus,
@ -54,7 +55,8 @@ my $passwordHojo = 'Mako';
$testJson = {
'usertype' => 'customer',
'token' => shift(@account_tokens),
'name' => 'ProfessorHojo',
'display_name' => 'ProfessorHojo',
'full_name' => 'ProfessorHojo',
'email' => $emailHojo,
'postcode' => 'DE15 9LT',
'password' => $passwordHojo,