feat(identity): verified merged

.env-example

@@ -11,9 +11,6 @@ export GITHUB_ORG_NAME="isomerpages"
 export GITHUB_BUILD_ORG_NAME="opengovsg"
 export GITHUB_BUILD_REPO_NAME="isomer-build"
 export MUTEX_TABLE_NAME=""
-export E2E_TEST_REPO="e2e-test-repo"
-export E2E_TEST_SECRET="blahblahblah"
-export E2E_TEST_GH_TOKEN=""
 
 # Required to connect to DynamoDB
 export AWS_ACCESS_KEY_ID=""
@@ -22,4 +19,20 @@ export AWS_SECRET_ACCESS_KEY=""
 # Required to run end-to-end tests
 export E2E_TEST_REPO="e2e-test-repo"
 export E2E_TEST_SECRET=""
-export E2E_TEST_GH_TOKEN=""
+export E2E_TEST_GH_TOKEN=""
+
+# Database
+export DB_URI="postgres://isomer:password@localhost:15432/isomercms_dev"
+export DB_MIN_POOL="1"
+export DB_MAX_POOL="10"
+export DB_ENABLE_LOGGING=""
+
+export LOCAL_SITE_ACCESS_TOKEN=""
+export OTP_SECRET="dummysecret"
+export DOMAIN_WHITELIST=".gov.sg"
+
+# Email
+export POSTMAN_API_KEY=""
+
+# SMS
+export POSTMAN_SMS_CRED_NAME=""

.env.test

@@ -0,0 +1,28 @@
+export CLIENT_ID="i am a client"
+export CLIENT_SECRET="i am a secret"
+export REDIRECT_URI="http://localhost:8081/v1/auth"
+export NODE_ENV="test"
+export COOKIE_DOMAIN="localhost"
+export AUTH_TOKEN_EXPIRY_DURATION_IN_MILLISECONDS=800000000
+export JWT_SECRET="blah"
+export ENCRYPTION_SECRET="blah"
+export FRONTEND_URL="http://localhost:3000"
+export GITHUB_ORG_NAME="isomerpages"
+export GITHUB_BUILD_ORG_NAME="opengovsg"
+export GITHUB_BUILD_REPO_NAME="isomer-build"
+
+# Database
+export DB_URI="postgres://isomer:password@localhost:54321/isomercms_test"
+export DB_MIN_POOL="1"
+export DB_MAX_POOL="10"
+export DB_ENABLE_LOGGING=""
+
+export LOCAL_SITE_ACCESS_TOKEN=""
+export OTP_SECRET="dummysecret"
+export DOMAIN_WHITELIST=".gov.sg"
+
+# Email
+export POSTMAN_API_KEY="some api key"
+
+# SMS
+export POSTMAN_SMS_CRED_NAME="isomer"

.eslintrc.json

@@ -7,14 +7,18 @@
     },
     "extends": [
         "airbnb-base",
-        "prettier"
+        "prettier",
+        "plugin:import/typescript"
     ],
     "plugins": ["only-warn", "import"],
     "parserOptions": {
         "ecmaVersion": 12
     },
     "rules": {
         "no-underscore-dangle": "off",
+        "class-methods-use-this": "off",
+        "import/no-unresolved": "error",
+        "import/extensions": ["warn", "never"],
         "import/order": [
             "error",
             {
@@ -24,8 +28,7 @@
                 },
                 "newlines-between": "always",
                 "groups": ["builtin", "external", "internal", "parent", "sibling", "index", "object"],
-                "pathGroups": [
-                    {
+                "pathGroups": [{
                         "pattern": "@logger/**",
                         "group": "internal",
                         "position": "before"
@@ -56,31 +59,51 @@
                         "position": "before"
                     },
                     {
-                      "pattern": "@validators/**",
-                      "group": "internal",
-                      "position": "before"
+                        "pattern": "@validators/**",
+                        "group": "internal",
+                        "position": "before"
                     }
                 ]
             }
         ]
     },
+    "overrides": [
+        {
+          "files": ["*.ts", "*.tsx"],
+          "parser": "@typescript-eslint/parser",
+          "extends": ["plugin:@typescript-eslint/recommended"]
+        }
+      ],    
     "settings": {
+        "import/parsers": {
+            "@typescript-eslint/parser": [".ts", ".tsx"]
+          },      
         "import/resolver": {
-          "alias": [
+            "typescript": {
+                // always try to resolve types under `<root>@types` directory even it doesn't contain any source code, like `@types/unist`
+                "alwaysTryTypes": true 
+            },        
+            "node": {
+                "extensions": [".js", ".jsx", ".ts", ".tsx"]
+            },
+            "alias": [
                 ["@root", "./"],
                 ["@classes", "./classes"],
                 ["@errors", "./errors"],
                 ["@logger", "./logger"],
                 ["@middleware", "./middleware"],
                 ["@routes", "./routes"],
                 ["@utils", "./utils"],
+                ["@loaders", "./loaders"],
+                ["@database", "./database"],
                 ["@services", "./services"],
                 ["@validators", "./validators"],
-                ["@fixtures", "./fixtures"]
+                ["@fixtures", "./fixtures"],
+                ["@database", "./database"]
             ]
         }
     },
     "globals": {
         "Base64": true
     }
-}
+}

.github/workflows/ci.yml

@@ -51,6 +51,8 @@ jobs:
               ${{ runner.OS }}-
         - name: Install NPM
           run: npm ci
+        - name: Build application
+          run: npm run build
         - name: Zip application
           run: zip -r "deploy.zip" * .platform -x .env-example .gitignore package-lock.json
         - name: Get timestamp

.gitignore

@@ -1,3 +1,4 @@
 .env
 node_modules/
-.vscode/
+.vscode/
+build/

.sequelizerc

@@ -0,0 +1,8 @@
+const path = require("path")
+
+module.exports = {
+  config: path.resolve("./database", "config.js"),
+  "models-path": path.resolve("./database", "models"),
+  "seeders-path": path.resolve("./database", "seeders"),
+  "migrations-path": path.resolve("./database", "migrations"),
+}

__mocks__/@aws-sdk/client-secrets-manager.ts

@@ -0,0 +1,15 @@
+// This is a manual module mock for the AWS client.
+// This is done to prevent our internal services from pinging the actual AWS ones
+// and to ensure our tests are 1. consistent 2. reliable.
+
+export const mockSend = jest.fn()
+
+export const secretsManagerClient = {
+  send: mockSend,
+}
+
+export const SecretsManagerClient: jest.Mock<
+  typeof secretsManagerClient
+> = jest.fn().mockImplementation(() => secretsManagerClient)
+
+export const GetSecretValueCommand = jest.fn((secret) => ({ SecretId: secret }))

__mocks__/axios.ts

@@ -0,0 +1,3 @@
+import mockAxios from "jest-mock-axios"
+
+export default mockAxios

__mocks__/otplib.ts

@@ -0,0 +1,6 @@
+// eslint-disable-next-line import/prefer-default-export
+export const totp = {
+  clone: jest.fn().mockReturnThis(),
+  generate: jest.fn(),
+  verify: jest.fn(),
+}

bin/www.js

@@ -0,0 +1,91 @@
+#!/usr/bin/env node
+
+/**
+ * Module dependencies.
+ */
+require("module-alias/register")
+
+const http = require("http")
+
+const app = require("@root/server")
+
+const debug = require("debug")("isomercms:server")
+
+// Import logger
+const logger = require("@logger/logger")
+
+/**
+ * Normalize a port into a number, string, or false.
+ */
+
+function normalizePort(val) {
+  const port = parseInt(val, 10)
+
+  if (isNaN(port)) {
+    // named pipe
+    return val
+  }
+
+  if (port >= 0) {
+    // port number
+    return port
+  }
+
+  return false
+}
+
+/**
+ * Event listener for HTTP server "error" event.
+ */
+
+function onError(error) {
+  if (error.syscall !== "listen") {
+    throw error
+  }
+
+  const bind = typeof port === "string" ? `Pipe ${port}` : `Port ${port}`
+
+  // handle specific listen errors with friendly messages
+  switch (error.code) {
+    case "EACCES":
+      logger.error(`${bind} requires elevated privileges`)
+      process.exit(1)
+    case "EADDRINUSE":
+      logger.error(`${bind} is already in use`)
+      process.exit(1)
+    default:
+      throw error
+  }
+}
+
+/**
+ * Event listener for HTTP server "listening" event.
+ */
+
+function onListening() {
+  const addr = server.address()
+  const bind = typeof addr === "string" ? `pipe ${addr}` : `port ${addr.port}`
+  debug(`Listening on ${bind}`)
+  logger.info(`isomerCMS app listening on port ${port}`)
+}
+
+/**
+ * Get port from environment and store in Express.
+ */
+
+const port = normalizePort(process.env.PORT || "8081")
+app.set("port", port)
+
+/**
+ * Create HTTP server.
+ */
+
+const server = http.createServer(app)
+
+/**
+ * Listen on provided port, on all network interfaces.
+ */
+
+server.listen(port)
+server.on("error", onError)
+server.on("listening", onListening)