path-check / safeplaces-ct-backend Goto Github PK

https://github.com/Path-Check/safeplaces-frontend/blob/dev_mvp/Safe-Places-Server.md#publish

The production environment needs:

• Migration files
• Scripts for
  • Populating initial user
  • Populating initial organisation
• Verfication tests

JWT token for auth needs to set exp field for expiration.
This setting can be added as an environment variable.

While running the npm run migrate:up

getting this below error,

(node:68645) UnhandledPromiseRejectionWarning: Error: The migration directory is corrupt, the following files are missing: 20200420011122_organizations.js, 20200420011123_users.js, 20200428174152_trails.js, 20200501174613_publications.js

Problem

In the following lines, the function done is not defined. It is called on line 23 and line 40.

When testing in development, no error occurs, so the /login endpoint still works. However, in the event that an error does occur, the middleware will not pass the error.

https://github.com/Path-Check/safeplaces-backend/blob/5fdabc658526d7727fab419f63b81034324a014a/expressjs/routes/index.js#L19-L41

Possible Solution

Change done on the two lines to next, which should be the proper, defined function to call.

The current backend does not validate if the received input is according to spec. We need to add relevant checks to the code to ensure that each API checks whether the received input is in the expected type and format.

Express JS Validator looks like a good option to validate input params.

All docs are a part of the main README folder.

We could look to separate them into the following files:

1. Dev setup
2. Auth and DB setup
3. Production setup
4. Data access

cc @aiyan @sublet

To reproduce run the /safe_paths endpoint in Postman, see example below.

Request:
POST /safe_paths HTTP/1.1
Host: https://api.express.safeplaces.extremesolution.com
Content-Type: application/json
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6ImFkbWluIiwiaWF0IjoxNTg5MjEyNjQ3fQ.-jyAO9RQQRYBiuxgR1d77vyfWxvgP7daiQHvD50ZGIQ
Content-Type: text/plain

{
"authority_name": "PQA Testing",
"publish_date_utc": "1584924583",
"info_website": "https://www.who.int/emergencies/diseases/novel-coronavirus-2019",
"concern_points":
[
{
"time": 123,
"latitude": 51.53839304439309,
"longitude": -0.11477509793272855
},
{
"time": 456,
"latitude": 51.55987524514395,
"longitude": -0.10753902581515137
}
]
}
Response:
{
"message": {
"name": "error",
"length": 160,
"severity": "ERROR",
"code": "22007",
"file": "datetime.c",
"line": "3774",
"routine": "DateTimeParseError"
}
}

is nestjs not maintained anymore ? Also the setup README file is not up-to date.

The APIs:

• Login
• Redacted Trails GET
• Redacted Trails POST
• Safe Paths GET
• Safe Paths POST

Only have a single API test testing a positive or happy path returning status 200 with a response.

We need to write cases which test other scenarios including:

• Negative paths
• Error statuses
• Edge cases

In addition to the steps in the README, I needed to edit pg_hba.conf in the postgres (12) configuration to add a line under IPv4 local connections for my docker container, namely:

host all all 172.17.0.2/32 md5

I.e. data that is uploaded from the redaction tool. This will affect performance, but only to the degree of the time taken to save/load a single patient's data.