Added authentication and guards to HTTP routes; updated README

2026-02-05 18:58:18 -05:00
parent fe02210c34
commit 95ef52ed8b
8 changed files with 232 additions and 61 deletions


@@ -13,10 +13,58 @@ $ npm install
## Running local infrastructure
To simplify development, all local infrastructure is handled with Docker. The folder `dev_infra` contains the folloeing:
To simplify development, all local infrastructure is handled with Docker. The folder `dev_infra` contains the following:
- `compose.yaml`: A Docker compose file that stands up a Postgres database and a pgAdmin instance to visualize.
To start up the local infrastructure, open a new terminal session, navigate to the `dev_infra` folder, and run the following command:
```bash
# start up the docker instances for the Postgres database and the pgAdmin interface
$ docker compose up
# use 'ctrl + c' on the keyboard to close the Docker view
```
Once finished, use the following command to tear down the local infrastructure:
```bash
# tear down the docker instances
$ docker compose down
```
### Authentication
To test authentication in development, a dev cognito pool was created. Its' important values are included in the `set-env.sh` file. The pool consists of the following users:
- email: jesse.desjardins@ccascoe.org, username: 5c6d4528-5021-704a-27fd-68342d44783b, password: DuckTester25!
An access token will be required to test the routes. A safe way of getting one is as follows:
1. Logging into the default [Cognito Login page](https://ca-central-1ea62zdmoc.auth.ca-central-1.amazoncognito.com/login/continue?client_id=7ph76km1h1v4vkt4rj9c3s4o6&redirect_uri=https%3A%2F%2Fd84l1y8p4kdic.cloudfront.net&response_type=code&scope=email+openid+phone) using that URL, as it has the `openid` scope included.
2. After logging in, the URL will have a `code` parameter appended at then end. Use that code in the following curl command:
```bash
curl -X POST \
https://ca-central-1ea62zdmoc.auth.ca-central-1.amazoncognito.com/oauth2/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "client_id=7ph76km1h1v4vkt4rj9c3s4o6" \
-d "code=<enter code here>" \
-d "redirect_uri=https://d84l1y8p4kdic.cloudfront.net"
```
3. The curl command will return, among other things, an `access_token` value. That token will be valid for 1 hour and will work for manual tests of the API if included in all API calls.
#### Alternative ways of retrieving tokens
Using the bolow command will get a token from the AWS CLI, but it will not have the required "openId" scope and will fail authorization in the API:
```bash
aws cognito-idp admin-initiate-auth --user-pool-id "ca-central-1_ea62zDmOC" --client-id "7ph76km1h1v4vkt4rj9c3s4o6" --auth-flow "ADMIN_USER_PASSWORD_AUTH" --auth-parameters "USERNAME=5c6d4528-5021-704a-27fd-68342d44783b,PASSWORD=DuckTester25!"
```
### Database Migrations
Any time a change is made to a `.entity.ts` file, a new migration will need to be generated and added to the `appDataSource.ts` file. This ensures the API is refencing the most up-to-date (and valid!) database schema. These are the migration commands:
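Review bot: the `### Authentication` section commits a working credential set for the dev Cognito pool to the README: the user line `- email: jesse.desjardins@ccascoe.org, username: 5c6d4528-5021-704a-27fd-68342d44783b, password: DuckTester25!` and the `aws cognito-idp admin-initiate-auth ... --auth-parameters "USERNAME=...,PASSWORD=DuckTester25!"` example both carry the password in clear text, and the text says the pool's "important values" also live in `set-env.sh`. Even for a development pool, a password in git history is a credential leak that a later `git rm` does not undo: drop the password from the README (and from `set-env.sh` if that file is tracked), have developers fetch it from a secrets store or ask for it out of band, and rotate this user's password as part of landing the change, since it is in this commit's history regardless of what the merged README says. The `admin-initiate-auth` example should also read the password from an environment variable or a `--auth-parameters file://...` parameters file rather than inline, so it does not land in shell history. The hosted-UI exchange at `/oauth2/token` is introduced as "A safe way" of getting a token; it is worth adding that the `code` and the returned `access_token` are bearer secrets for that hour and should not be pasted into tickets or chat. Smaller fixes while the text is being touched: `Its'` should be `Its`, `at then end` should be `at the end`, `bolow` should be `below`, `refencing` should be `referencing`, and the scope is written `openid` in step 1 but `"openId"` in the alternative-token paragraph; use the lowercase spelling the token endpoint actually uses.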