From a06655a686dcf06fb159486cf55a4e986b8bf54d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?B=C4=83rbu=C8=9B-Dic=C4=83=20Sami?=
 <70215066+WarriorsSami@users.noreply.github.com>
Date: Tue, 24 Sep 2024 12:06:17 +0300
Subject: [PATCH] Quetzalcoatl - Test merging strategy (#40)

* feat: add init project structure

* feat(identity): scaffold db for default identity

* docs(auth): add architecture diagram

* feat(config): add jwt config

* perf: move endpoints to separate proj than di

* feat: add migrations for default identity

* feat(infr): add new migrations for custom user

* feat(domain): add user entity and jwt config

* perf(di): add custom user to identity auth

* feat(test): scaffold integration tests

* feat(app): implement handlers required by auth

-CreateUser
-ValidateUserCredentials
-GenerateJwtToken

* refactor(test): split test proj between integration and unit

* perf(mapper): use automapper for register endpoint

* perf(app): organize handlers based on vertical slice

* feat(test): add fixture for test containers

* feat(test): create integration test for register endpoint

* perf(api): refactor endpoints to improve readability

* fix(test): remove sqlconnection error and speed up test containers

- Declare additional IServiceCollection extension methods for ensuring db created and removing already existing DbContextOptions<AppDbContext> (not AppDbContext!!)

- Use the latest MsSql Docker Image

* feat(di): add default swagger support

* test: remove unit tests proj

As Fastendpoints Commands are hard to unit test outside of an Endpoint, it is enough to have only Integration tests to cover everything

* test(login): add integration test for login

* style: rename username prop and move jwt mapper here

* docs(swagger): add swagger support

* feat(users): scaffold CRUD users api

* style(auth): move validators to separate files

* feat(users): add get all endpoint

* test(users): add integration tests for get all endpoint

* feat(users): add get user endpoint

* test(users): add integration test for get user endpoint

* style(tests): add regions to enhance readability

* style: replace local usings with global usings

* perf(user): add guid as pk for application user

* feat(update): create update user endpoint

* test(update): create integration tests for update endpoint

* misc: update .gitignore

* perf(user manager): use predefined methods instead of LINQ for finding by id

* feat(api): create delete endpoint

* style: add regions and update global usings

* test(delete): create integration tests for delete endpoint

* docs(swagger): add summaries for Identity CRUD endpoints

* style(binding): remove redundant bind from attribute for models Id

* perf(update); enable request fields to be nullable

In order to allow partial update for user profile (similar to patch), enable validation/mapping rules only when a certain request field is provided

* style: add global usings

* test(update): add integration test for partial update

* style: format code

* style: adjust namespace for jwt config

* feat(user): add support for fullname and bio fields

* test(user): update integration tests to support fullname/bio fields

* feat(image): add support for user profile image

* test(register): update integration tests to support profile image

* perf(picture): enable support for picture in login endpoint

Enable eager loading in db context for profile picture in order to be able to retrieve the image id for the download URL

* feat(build): add migrations for profile picture

* test(login): update login tests for picture

Replace register endpoint invocation with the user manager directly in order to mitigate the tight coupling between tests and the QAPI

* feat(picture): update the rest of endpoints to support profile picture

* test(picture): update the rest of tests to support profile picture

* feat(image): add get image endpoint

* test(image): add integration test for get image endpoint

* perf(image): create image repository

* style: format code

* perf: add argument null guards to ctors

* feat(logger): configure serilog

* misc: add Logs to .gitignore

* perf: add logging to endpoints

* fix(logger): replace bootstrap logger with default

Bug related to integration tests fails

* feat(update): add permission guard to endpoint

Allow users to edit only their own profile, otherwise throw unauthorized

* test: add integration test for self update permission

* perf(update): replace unauthorized with forbidden

* perf: use default identity role

* perf: set model fields as init-only

* feat: add seed data for roles and admin user

* test(get all): remove users already added by seeding

* perf(delete): restrict access to endpoint using roles from jwt

* test(delete): add test for non-admin user

* perf(image): enable profile image to be nullable

* feat(api): add support for refresh tokens

Add RefreshToken endpoint and pass access/refresh token pairs via HttpOnly cookies

* perf(update user): get user id exclusively from route

* docs: add sequence flow diagrams for different scenarios

* perf(refresh-token): reduce the no generated refresh tokens

Generate refresh tokens only for specific scenarios, not for every kind of request:
- valid refresh/access token pair provided
- refresh/access token pair not already used to generate a new access token
- refresh token not expired
- access token expired
- etc.

* build(docker): add dockerfile for quetzalcoatl microservice

* perf(refresh token): add trigger for deleting stale tokens

* perf(refresh token): replace int with timespan for token lifetimes

* perf(config): use IOptions

* feat: add health check endpoint

* build(docker): add docker-compose

* perf(docker): assure that db is started before the api

* Test merging strategy (#39)
---
 .../Domain/Entities/ApplicationRoles.cs       |  7 +++++
 quetzalcoatl-auth/docker-compose.yaml         | 28 +++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100644 quetzalcoatl-auth/Domain/Entities/ApplicationRoles.cs
 create mode 100644 quetzalcoatl-auth/docker-compose.yaml

diff --git a/quetzalcoatl-auth/Domain/Entities/ApplicationRoles.cs b/quetzalcoatl-auth/Domain/Entities/ApplicationRoles.cs
new file mode 100644
index 0000000..8deac91
--- /dev/null
+++ b/quetzalcoatl-auth/Domain/Entities/ApplicationRoles.cs
@@ -0,0 +1,7 @@
+namespace Domain.Entities;
+
+public enum ApplicationRoles
+{
+    Proposer,
+    Admin
+}
diff --git a/quetzalcoatl-auth/docker-compose.yaml b/quetzalcoatl-auth/docker-compose.yaml
new file mode 100644
index 0000000..53a1a56
--- /dev/null
+++ b/quetzalcoatl-auth/docker-compose.yaml
@@ -0,0 +1,28 @@
+# Define services + volumes for quetzalcoatl
+version: '3.7'
+services:
+  auth-service:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    ports:
+      - "5210:5210"
+    env_file:
+      - .env
+    depends_on:
+      mssql-db:
+        condition: service_started
+      
+  mssql-db:
+    image: mcr.microsoft.com/mssql/server:2022-latest
+    user: root
+    ports:
+      - "1434:1433"
+    env_file:
+      - .env
+    volumes:
+      - quetzalcoatl-db:/var/opt/mssql/data
+      
+volumes:
+  quetzalcoatl-db:
+      
\ No newline at end of file