Add MongoDB test application

[AlexLLKong]

Test application to demonstrate rudimentary CRUD operations on locally hosted node application and node instance.

There isn't much error handling.

[nok-ko]

I've included yargs as a dependency for command-line argument parsing, and made the app automatically try to connect to the MongoDB instance at mongodb://localhost:27017, using the database called test. If it fails, it tells you about it:

cli_demo.mp4

[nok-ko]

@AlexLLKong I think it's best to only open the connection once, and close it at the end of the app's lifetime – seems like that's the best practice.

I've made that change in the latest commit.

[nok-ko]

I've added some npm scripts:

• npm start to start the server, using your local MongoDB instance
• npm prod to do the same using the instance at db.nokko.me
• npm test to run tests – currently none are defined, but I would like to use Jest for this purpose in the future.

[nok-ko]

Don't have proper tests yet, but everything works circa the latest commit:

TBD:

• Add code that initializes the database with all the collections we need, if they don't exist yet
  • (Need schema from Alex)
• Make the app log in to the Mongo instance with the shakeguard user+pass
  • Store the password secretly somehow – investigate the correct way to do this
• Make a common cleanup() function that closes any open file handles/other resources in case the process needs to exit mid-run. Not such a big concern, but would be nice to not corrupt anything when exiting "nicely."
• Make the existing Express routes respond with semantic error codes when failing – currently all responses are 200 OK and status is indicated in the response body. 👀

[AlexLLKong]

Using Insomnia to test endpoints. Postman was giving me issues and I'm too lazy to use curl.

Next up will be logout followed by signup.

[AlexLLKong]

Logout "works" but I wasn't able to work out a test for when it fails. Which probably means I'm not doing it right.

[nok-ko]

Good stuff! Are the Insomnia tests only on your local machine? Can you make them available to the rest of the team through the repo somehow?

[nok-ko]

Yep, still need to figure out how to keep secrets properly. Hng.

[nok-ko]

Going to write a proper secret-grabbing thing after #9 is merged.

[nok-ko]

Might be worth keeping a log file for this kind of thing.

[nok-ko]

Not sure what error code this should be, not sure when the error case would be hit… not sure of much of anything, but this shouldn't be a 400. Minor quibble, really – don't worry.

[AlexLLKong]

Making a user account works. No sanitization at the moment though

[nok-ko]

Shouldn't the kit be created without any involvement from the code calling into the API?

[AlexLLKong]

Is a user able to start building a kit before signing up? If not, then I guess that can be changed to a default skeleton object

[nok-ko]

What's the expected value for the kit property in a user's document? I think this might just be me being confused, I should take a look at the schema.

[nok-ko]

I guess whether we send the request data in the body or the query parameters doesn't really matter, but I thought we were going to use query parameters. 😅

If you don't want to change it, just say so.

[nok-ko]

Oh, actually, don't change this! It makes sense for this to be in a body parameter, at least from reading this blog post.

General rule seems to be:

• Path parameters for getting a specific thing out of the API
  • For example: GET /people/katy_p
• Query parameters for filtering, or otherwise limiting the output of a query for lots of things
  • For example: GET /people/katy_p/friends?limit=10&nameLike=Alex
• Body parameters for supplying data needed to fulfill a request to the endpoint
  • For example: POST /create-cat, body: {name:"Fluffy"}

[nok-ko]

Once #9 is merged, we should rebase this branch on top of main and make sure everything still works.

[nok-ko]

Mostly good, take a look at my suggestions though.

[nok-ko]

AT LAST! Latest commit should super-duper fix #8. @AlexLLKong if you could make up a random session secret on the db.nokko.me server and use my new shakeguardSecrets.js module to load it in, that'd be great. (Secrets are in /home/shakeguard/.secrets if you don't recall.)

Here:

app.use(session(
	{
	  secret: "shhhh...secret", // load it in from the secrets object instead!
	  name: "ShakeGuardSessionID",
	  resave: false,
	  // create a unique identifier for that client
	  saveUninitialized: true
	})
  );

[nok-ko]

Right, that seems to fix everything I brought up, excellent work. Maybe do a nice thing for our front-end folks and document what all the messages mean somewhere – API.md or something? Maybe there's a better way, or maybe it's a bit early to put effort into that kind of thing, but would be nice. 👍

[nok-ko]

Whoops.