From f23210eef123dc77bb6cffab9953dfed5a81231d Mon Sep 17 00:00:00 2001 From: Jan Williams Date: Mon, 17 Apr 2017 14:43:32 -0400 Subject: [PATCH 1/5] Created authentication.md --- docs/authentication.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 docs/authentication.md diff --git a/docs/authentication.md b/docs/authentication.md new file mode 100644 index 00000000..3a93ecd4 --- /dev/null +++ b/docs/authentication.md @@ -0,0 +1,12 @@ +# Authentication Process +When a user enters a username and password in the `/auth` route, that information is verified against the `Users` table in the middle-layer database. This table contains the usernames and their encrypted password. Once the user is authenticated, the application sends back a token that can be used for any of the API routes. The token is valid for two hours. + +## How It Works +A separate route, `/auth`, was created to generate a token. This token-based authentication is handled using four `npm` modules: + +- `Passport`, the authentication middleware +- `passport-local` +- `bcrypt-nodejs` +- `jsonwebtoken` + +This API uses the `passport-local` strategy. This strategy authenticates users with a username and password and verifies that information against the database. When the user enters a username and password, the `bcrypt-nodejs` module verifies the submitted password against the hash in the database. Upon successful authentication, the application sends back a token using the `jsonwebtoken` module. The `jsonwebtoken` module uses a secret key, stored as an environment variable, to generate the token, which is set to be valid for 120 minutes. From 85d81179762b59fb57b1bc742c53bfdec71c5b39 Mon Sep 17 00:00:00 2001 From: Jan Williams Date: Tue, 18 Apr 2017 13:22:40 -0400 Subject: [PATCH 2/5] Created data-store.md --- docs/data-store.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 docs/data-store.md diff --git a/docs/data-store.md b/docs/data-store.md new file mode 100644 index 00000000..184c4d6b --- /dev/null +++ b/docs/data-store.md @@ -0,0 +1,13 @@ +## Data Store - AWS / S3 +To upload files for the temp-outfitters permit, create an S3 bucket in one of the AWS Regions. + +When creating a new application, the application creates a directory with the control number name within the bucket. This directory contains the user-uploaded files. + +These are the properties for AWS S3 data storage: + +- `AWS_ACCESS_KEY_ID=` +- `AWS_SECRET_ACCESS_KEY=` +- `AWS_REGION=` +- `AWS_BUCKET_NAME=` + +If the Node.js server already has a credentials file under the `.aws` directory, the server will use those AWS credentials instead of the environment variables defined on the server. From 595f105615ab19e83c20a3e43256695c1b2e3b7a Mon Sep 17 00:00:00 2001 From: Jan Williams Date: Tue, 18 Apr 2017 13:26:43 -0400 Subject: [PATCH 3/5] Create env-var.md --- docs/env-var.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 docs/env-var.md diff --git a/docs/env-var.md b/docs/env-var.md new file mode 100644 index 00000000..c749c54c --- /dev/null +++ b/docs/env-var.md @@ -0,0 +1,16 @@ +## Environment Variables +These are the environment variables that must be created on the Node.js server for the application to run: + +- `DATABASE_URL=postgres://:@:5432` +- `JWT_SECRET_KEY=` +- `ADMINROLE_USER=` +- `ADMINROLE_PWD=` +- `ADMINROLE_HASH=` +- `USERROLE_USER=` +- `USERROLE_PWD=` +- `USERROLE_HASH=` +- `AWS_ACCESS_KEY_ID=` +- `AWS_SECRET_ACCESS_KEY=` +- `AWS_REGION=` +- `AWS_BUCKET_NAME=` +- `BASICURL=` From 1acecba2b089aca7302a9d4acdb64550ce1e00c2 Mon Sep 17 00:00:00 2001 From: Jan Williams Date: Tue, 18 Apr 2017 13:38:44 -0400 Subject: [PATCH 4/5] Updated data-store.md --- docs/data-store.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/data-store.md b/docs/data-store.md index 184c4d6b..bae3ed54 100644 --- a/docs/data-store.md +++ b/docs/data-store.md @@ -10,4 +10,4 @@ These are the properties for AWS S3 data storage: - `AWS_REGION=` - `AWS_BUCKET_NAME=` -If the Node.js server already has a credentials file under the `.aws` directory, the server will use those AWS credentials instead of the environment variables defined on the server. +If the Node.js server already has a `credentials` file under the `.aws` directory, the server will use those AWS credentials instead of the environment variables defined on the server. From 74c304e116ca29f2cc3759accb1c49c122b2fcb4 Mon Sep 17 00:00:00 2001 From: Jan Williams Date: Wed, 19 Apr 2017 16:35:42 -0400 Subject: [PATCH 5/5] Create sequelize.md --- docs/sequelize.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 docs/sequelize.md diff --git a/docs/sequelize.md b/docs/sequelize.md new file mode 100644 index 00000000..3091a49d --- /dev/null +++ b/docs/sequelize.md @@ -0,0 +1,16 @@ +# Sequelize + +Sequelize is a promise-based Node.js ORM for Postgres, MySQL, SQLite and Microsoft SQL Server. It features solid transaction support, relations, read replication and more. + +## Migrations +Table creation uses the migration scripts located under `/dba/migrations`. + +1. Install `sequelize-cli` globally using the command `npm install -g sequelize-cli`. +2. Make sure the database URL is available as the environment variable, set as `DATABASE_URL`. +3. Run `sequelize db:migrate` to create the tables. + +## Seeders +Seeders, the data that will populate the database, are located under `/dba/seeders`. +To run the seeders, run `sequelize db:seed:all`. +## Models +Models are a JavaScript factory class that represents a table in the database. Models are located under `/src/models`.