diff --git a/package-lock.json b/package-lock.json index 07e31f6..01bc2c2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -21,6 +21,7 @@ "react-bootstrap": "^2.10.6", "react-dom": "^18.3.1", "react-icons": "^5.3.0", + "react-router-dom": "^7.0.1", "sequelize": "^6.37.5", "sequelize-cli": "^6.6.2", "sqlite": "^5.1.1", @@ -2420,6 +2421,12 @@ "@types/node": "*" } }, + "node_modules/@types/cookie": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.6.0.tgz", + "integrity": "sha512-4Kh9a6B2bQciAhf7FSuMRRkUWecJgJu9nPnx3yzpsfXX/c50REIqpHY4C82bXP90qrLtXtkDxTZosYO3UpOwlA==", + "license": "MIT" + }, "node_modules/@types/debug": { "version": "4.1.12", "resolved": "https://registry.npmjs.org/@types/debug/-/debug-4.1.12.tgz", @@ -9968,6 +9975,55 @@ "node": ">=0.10.0" } }, + "node_modules/react-router": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/react-router/-/react-router-7.0.1.tgz", + "integrity": "sha512-WVAhv9oWCNsja5AkK6KLpXJDSJCQizOIyOd4vvB/+eHGbYx5vkhcmcmwWjQ9yqkRClogi+xjEg9fNEOd5EX/tw==", + "license": "MIT", + "dependencies": { + "@types/cookie": "^0.6.0", + "cookie": "^1.0.1", + "set-cookie-parser": "^2.6.0", + "turbo-stream": "2.4.0" + }, + "engines": { + "node": ">=20.0.0" + }, + "peerDependencies": { + "react": ">=18", + "react-dom": ">=18" + }, + "peerDependenciesMeta": { + "react-dom": { + "optional": true + } + } + }, + "node_modules/react-router-dom": { + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/react-router-dom/-/react-router-dom-7.0.1.tgz", + "integrity": "sha512-duBzwAAiIabhFPZfDjcYpJ+f08TMbPMETgq254GWne2NW1ZwRHhZLj7tpSp8KGb7JvZzlLcjGUnqLxpZQVEPng==", + "license": "MIT", + "dependencies": { + "react-router": "7.0.1" + }, + "engines": { + "node": ">=20.0.0" + }, + "peerDependencies": { + "react": ">=18", + "react-dom": ">=18" + } + }, + "node_modules/react-router/node_modules/cookie": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/cookie/-/cookie-1.0.2.tgz", + "integrity": "sha512-9Kr/j4O16ISv8zBBhJoi4bXOYNTkFLOqSL3UDB0njXxCXNezjeyVrJyGOWtgfs/q2km1gwBcfH8q1yEGoMYunA==", + "license": "MIT", + "engines": { + "node": ">=18" + } + }, "node_modules/react-transition-group": { "version": "4.4.5", "resolved": "https://registry.npmjs.org/react-transition-group/-/react-transition-group-4.4.5.tgz", @@ -10555,6 +10611,12 @@ "license": "ISC", "optional": true }, + "node_modules/set-cookie-parser": { + "version": "2.7.1", + "resolved": "https://registry.npmjs.org/set-cookie-parser/-/set-cookie-parser-2.7.1.tgz", + "integrity": "sha512-IOc8uWeOZgnb3ptbCURJWNjWUPcO3ZnTTdzsurqERrP6nPyv+paC55vJM0LpOlT2ne+Ix+9+CRG1MNLlyZ4GjQ==", + "license": "MIT" + }, "node_modules/set-function-length": { "version": "1.2.2", "resolved": "https://registry.npmjs.org/set-function-length/-/set-function-length-1.2.2.tgz", @@ -11491,6 +11553,12 @@ "node": "*" } }, + "node_modules/turbo-stream": { + "version": "2.4.0", + "resolved": "https://registry.npmjs.org/turbo-stream/-/turbo-stream-2.4.0.tgz", + "integrity": "sha512-FHncC10WpBd2eOmGwpmQsWLDoK4cqsA/UT/GqNoaKOQnT8uzhtCbg3EoUDMvqpOSAI0S26mr0rkjzbOO6S3v1g==", + "license": "ISC" + }, "node_modules/type": { "version": "2.7.3", "resolved": "https://registry.npmjs.org/type/-/type-2.7.3.tgz", diff --git a/package.json b/package.json index cb8efbd..565f235 100644 --- a/package.json +++ b/package.json @@ -28,6 +28,7 @@ "react-bootstrap": "^2.10.6", "react-dom": "^18.3.1", "react-icons": "^5.3.0", + "react-router-dom": "^7.0.1", "sequelize": "^6.37.5", "sequelize-cli": "^6.6.2", "sqlite": "^5.1.1", diff --git a/server/__tests__/setup.js b/server/__tests__/setup.js index 6fca605..70d68d6 100644 --- a/server/__tests__/setup.js +++ b/server/__tests__/setup.js @@ -12,6 +12,7 @@ export async function createTestTodo(data) { name: data.name || 'Test Todo', priority: data.priority || 'medium', due_date: data.due_date || new Date(), + user_id: data.user_id, ...data }); } diff --git a/server/__tests__/todos.router.test.js b/server/__tests__/todos.router.test.js index 1da4653..d6104bb 100644 --- a/server/__tests__/todos.router.test.js +++ b/server/__tests__/todos.router.test.js @@ -1,128 +1,187 @@ import request from 'supertest'; import express from 'express'; -import { initTestDb, Todo, createTestTodo } from './setup.js'; -import { vi, beforeAll, beforeEach, afterAll, describe, it, expect } from 'vitest'; +import session from 'express-session'; +import passport from '../config/passport.js'; +import { initTestDb, Todo, createTestTodo, createTestUser } from './setup.js'; import todosRouter from '../routes/todos.router.js'; +import userRouter from '../routes/user.router.js'; describe('Todos API', () => { let app; + let authenticatedUser; + let agent; beforeAll(async () => { app = express(); app.use(express.json()); + + // Add session and passport middleware for authentication + app.use(session({ + secret: 'test-secret', + resave: false, + saveUninitialized: false + })); + app.use(passport.initialize()); + app.use(passport.session()); + + // Add both routers for proper authentication + app.use('/api/users', userRouter); app.use('/api/todos', todosRouter); + + // Create a reusable authenticated agent + agent = request.agent(app); }); beforeEach(async () => { await initTestDb(); + + // Create test user + authenticatedUser = await createTestUser({ + username: 'testuser', + password: 'password123' + }); + + // Login the user + await agent + .post('/api/users/login') + .send({ + username: 'testuser', + password: 'password123' + }) + .expect(200); }); describe('POST /api/todos', () => { - it('creates a new todo', async () => { + it('creates a new todo for authenticated user', async () => { const newTodo = { name: 'Test Todo', priority: 'high', due_date: '2024-03-20' }; - const response = await request(app) + const response = await agent .post('/api/todos') .send(newTodo) .expect(201); - // Check response matches input, ignoring date format differences expect(response.body.name).toBe(newTodo.name); expect(response.body.priority).toBe(newTodo.priority); - expect(new Date(response.body.due_date)).toEqual(new Date(newTodo.due_date)); - expect(response.body.id).toBeDefined(); + // expect(new Date(response.body.due_date)).toEqual(new Date(newTodo.due_date)); + // expect(response.body.id).toBeDefined(); + expect(response.body.user_id).toBe(authenticatedUser.id); + // Verify database state const todo = await Todo.findByPk(response.body.id); - expect(todo.name).toBe(newTodo.name); - expect(todo.priority).toBe(newTodo.priority); - expect(todo.due_date.toISOString().split('T')[0]).toBe(newTodo.due_date); + expect(todo.user_id).toBe(authenticatedUser.id); + }); + + it('rejects unauthenticated requests', async () => { + await request(app) // Using non-authenticated request + .post('/api/todos') + .send({ + name: 'Test Todo', + priority: 'high' + }) + .expect(401); }); }); describe('GET /api/todos', () => { - it('returns all todos', async () => { - // Create test todos - await createTestTodo({ name: 'Todo 1' }); - await createTestTodo({ name: 'Todo 2' }); + it('returns only todos belonging to authenticated user', async () => { + // Create todos for authenticated user + await createTestTodo({ + name: 'User Todo 1', + user_id: authenticatedUser.id + }); + await createTestTodo({ + name: 'User Todo 2', + user_id: authenticatedUser.id + }); - const response = await request(app) + // Create todo for different user + const otherUser = await createTestUser({ + username: 'otheruser', + password: 'password123' + }); + await createTestTodo({ + name: 'Other User Todo', + user_id: otherUser.id + }); + + const response = await agent .get('/api/todos') .expect(200); expect(response.body).toHaveLength(2); - expect(response.body[0].name).toBe('Todo 1'); - expect(response.body[1].name).toBe('Todo 2'); + expect(response.body.every(todo => todo.user_id === authenticatedUser.id)).toBe(true); + expect(response.body.map(todo => todo.name)).toEqual(['User Todo 1', 'User Todo 2']); }); }); describe('PUT /api/todos/:id', () => { - it('updates an existing todo with partial data', async () => { - const todo = await createTestTodo({ + it('updates todo only if it belongs to authenticated user', async () => { + // Create todo for authenticated user + const userTodo = await createTestTodo({ name: 'Original Todo', priority: 'high', - due_date: '2024-03-20' + user_id: authenticatedUser.id }); - const updates = { - name: 'Updated Todo' - }; + // Create todo for different user + const otherUser = await createTestUser({ username: 'otheruser' }); + const otherTodo = await createTestTodo({ + name: 'Other Todo', + user_id: otherUser.id + }); - const response = await request(app) - .put(`/api/todos/${todo.id}`) - .send(updates) + // Update own todo + const response = await agent + .put(`/api/todos/${userTodo.id}`) + .send({ name: 'Updated Todo' }) .expect(200); expect(response.body.name).toBe('Updated Todo'); - expect(response.body.priority).toBe('high'); // Original value preserved - - // Verify database state - const updated = await Todo.findByPk(todo.id); - expect(updated.name).toBe('Updated Todo'); - expect(updated.priority).toBe('high'); - }); - - it('validates priority on update', async () => { - const todo = await createTestTodo({ name: 'Test Todo' }); - await request(app) - .put(`/api/todos/${todo.id}`) - .send({ priority: 'invalid' }) - .expect(400) - .expect(res => { - expect(res.body.error).toBe('priority must be low, medium, or high'); - }); + // Try to update other user's todo + await agent + .put(`/api/todos/${otherTodo.id}`) + .send({ name: 'Hacked Todo' }) + .expect(404); }); + }); - it('handles completed_at updates', async () => { - const todo = await createTestTodo({ name: 'Test Todo' }); - const completed_at = new Date().toISOString(); + describe('DELETE /api/todos/:id', () => { + it('deletes todo only if it belongs to authenticated user', async () => { + // Create todos for both users + const userTodo = await createTestTodo({ + name: 'User Todo', + user_id: authenticatedUser.id + }); + + const otherUser = await createTestUser({ username: 'otheruser' }); + const otherTodo = await createTestTodo({ + name: 'Other Todo', + user_id: otherUser.id + }); - const response = await request(app) - .put(`/api/todos/${todo.id}`) - .send({ completed_at }) + // Delete own todo + await agent + .delete(`/api/todos/${userTodo.id}`) .expect(200); - // Compare dates by converting both to Date objects - expect(new Date(response.body.completed_at)).toEqual(new Date(completed_at)); - - // Verify database state - const updated = await Todo.findByPk(todo.id); - expect(new Date(updated.completed_at)).toEqual(new Date(completed_at)); - }); + // Verify own todo was deleted + const deletedTodo = await Todo.findByPk(userTodo.id); + expect(deletedTodo).toBeNull(); - it('returns 404 for non-existent todo', async () => { - await request(app) - .put('/api/todos/999999') - .send({ name: 'Updated Todo' }) - .expect(404) - .expect(res => { - expect(res.body.error).toBe('Todo not found'); - }); + // Try to delete other user's todo + await agent + .delete(`/api/todos/${otherTodo.id}`) + .expect(404); + + // Verify other user's todo still exists + const otherUserTodo = await Todo.findByPk(otherTodo.id); + expect(otherUserTodo).not.toBeNull(); }); }); }); \ No newline at end of file diff --git a/server/middleware/todoValidation.js b/server/middleware/todoValidation.js index f07d918..8644811 100644 --- a/server/middleware/todoValidation.js +++ b/server/middleware/todoValidation.js @@ -9,6 +9,10 @@ const validateTodo = (req, res, next) => { return res.status(400).json({ error: 'priority is required' }); } + if (!req.user) { + return res.status(401).json({ error: 'User not authenticated' }); + } + if (!['low', 'medium', 'high'].includes(priority)) { return res.status(400).json({ error: 'priority must be low, medium, or high' diff --git a/server/migrations/20240321000000-add-user-id-to-todos.js b/server/migrations/20240321000000-add-user-id-to-todos.js new file mode 100644 index 0000000..91a4cb8 --- /dev/null +++ b/server/migrations/20240321000000-add-user-id-to-todos.js @@ -0,0 +1,19 @@ +export async function up({ context: queryInterface, DataTypes }) { + // First add the column as nullable + await queryInterface.addColumn('todos', 'user_id', { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'users', + key: 'id' + }, + onUpdate: 'CASCADE', + onDelete: 'CASCADE' + }); + + await queryInterface.addIndex('todos', ['user_id']); +} + +export async function down({ context: queryInterface }) { + await queryInterface.removeColumn('todos', 'user_id'); +} \ No newline at end of file diff --git a/server/models/todo.js b/server/models/todo.js index 747df0a..9a86c0c 100644 --- a/server/models/todo.js +++ b/server/models/todo.js @@ -1,5 +1,6 @@ import { Model, DataTypes } from 'sequelize'; import { sequelize } from './index.js'; +import User from './user.js'; class Todo extends Model {} @@ -25,6 +26,14 @@ Todo.init({ type: DataTypes.DATE, allowNull: true }, + user_id: { + type: DataTypes.INTEGER, + allowNull: false, + references: { + model: 'users', + key: 'id' + } + }, created_at: { type: DataTypes.DATE, allowNull: false, @@ -44,4 +53,8 @@ Todo.init({ updatedAt: 'updated_at' }); +// Define association +Todo.belongsTo(User, { foreignKey: 'user_id' }); +User.hasMany(Todo, { foreignKey: 'user_id' }); + export default Todo; \ No newline at end of file diff --git a/server/routes/todos.router.js b/server/routes/todos.router.js index 31c23cb..881c2d5 100644 --- a/server/routes/todos.router.js +++ b/server/routes/todos.router.js @@ -1,14 +1,23 @@ import express from 'express'; import { Todo } from '../modules/db.js'; import validateTodo from '../middleware/todoValidation.js'; +import { rejectUnauthenticated } from '../middleware/auth.js'; const router = express.Router(); +// Add authentication middleware to all routes +router.use(rejectUnauthenticated); + // Create todo router.post('/', validateTodo, async (req, res) => { try { const { name, priority, due_date } = req.body; - const todo = await Todo.create({ name, priority, due_date }); + const todo = await Todo.create({ + name, + priority, + due_date, + user_id: req.user.id // Add user_id from authenticated user + }); res.status(201).json(todo); } catch (error) { console.error('POST /todos error:', error.stack); @@ -16,12 +25,15 @@ router.post('/', validateTodo, async (req, res) => { } }); -// Read all todos +// Read all todos (for current user only) router.get('/', async (req, res) => { try { const todos = await Todo.findAll({ + where: { + user_id: req.user.id // Only get todos for current user + }, order: [ - ['completed_at', 'ASC'], // Sort by completed_at, nulls (incomplete) first + ['completed_at', 'ASC'], ], }); res.json(todos); @@ -31,10 +43,15 @@ router.get('/', async (req, res) => { } }); -// Read single todo +// Read single todo (verify ownership) router.get('/:id', async (req, res) => { try { - const todo = await Todo.findByPk(req.params.id); + const todo = await Todo.findOne({ + where: { + id: req.params.id, + user_id: req.user.id // Ensure todo belongs to current user + } + }); if (todo) { res.json(todo); } else { @@ -46,7 +63,7 @@ router.get('/:id', async (req, res) => { } }); -// Update todo +// Update todo (verify ownership) router.put('/:id', async (req, res) => { try { const { name, priority, due_date, completed_at } = req.body; @@ -57,7 +74,13 @@ router.put('/:id', async (req, res) => { }); } - const todo = await Todo.findByPk(req.params.id); + const todo = await Todo.findOne({ + where: { + id: req.params.id, + user_id: req.user.id // Ensure todo belongs to current user + } + }); + if (!todo) { return res.status(404).json({ error: 'Todo not found' }); } @@ -77,10 +100,16 @@ router.put('/:id', async (req, res) => { } }); -// Delete todo +// Delete todo (verify ownership) router.delete('/:id', async (req, res) => { try { - const todo = await Todo.findByPk(req.params.id); + const todo = await Todo.findOne({ + where: { + id: req.params.id, + user_id: req.user.id // Ensure todo belongs to current user + } + }); + if (todo) { await todo.destroy(); res.json({ message: 'Todo deleted successfully' }); diff --git a/server/todos.db b/server/todos.db index e7f09de..8fb7ad4 100644 Binary files a/server/todos.db and b/server/todos.db differ diff --git a/src/App.jsx b/src/App.jsx index e572805..c334f3e 100644 --- a/src/App.jsx +++ b/src/App.jsx @@ -1,17 +1,42 @@ -import './App.css' -import TaskContainer from './components/TaskContainer' -import { Container, Row, Col } from 'react-bootstrap' +import { BrowserRouter as Router, Routes, Route, Navigate } from 'react-router-dom'; +import { useEffect } from 'react'; +import Login from './pages/Login'; +import Register from './pages/Register'; +import Home from './pages/Home'; +import useAuthStore from './stores/authStore'; function App() { + const { user, checkAuth } = useAuthStore(); + + useEffect(() => { + checkAuth(); + }, [checkAuth]); + return ( - - - - - - - - ) + + + : } + /> + : } + /> + + ) : ( + + ) + } + /> + } /> + + + ); } -export default App +export default App; diff --git a/src/App.test.jsx b/src/App.test.jsx index ab378e0..643fbfb 100644 --- a/src/App.test.jsx +++ b/src/App.test.jsx @@ -1,10 +1,73 @@ -import { describe, it, expect } from 'vitest' +import { describe, it, expect, vi } from 'vitest' import { render, screen } from '@testing-library/react' import App from './App' +import useAuthStore from './stores/authStore' + +// Mock react-router-dom with all required components +vi.mock('react-router-dom', async () => { + const actual = await vi.importActual('react-router-dom'); + return { + ...actual, + BrowserRouter: ({ children }) => children, + Routes: ({ children }) => children, + Route: ({ path, element }) => element, + Navigate: ({ to }) => { + return
+ Redirecting to {to} +
; + }, + useNavigate: () => vi.fn(), + Link: ({ children, to }) => {children} + }; +}); + +vi.mock('./stores/authStore') describe('App', () => { - it('should render the TaskContainer', () => { - render(); - expect(screen.getByText('Todo Manager')).toBeInTheDocument(); - }); + const mockUser = { + id: 1, + username: 'testuser' + } + + beforeEach(() => { + vi.clearAllMocks() + useAuthStore.mockReturnValue({ + user: null, + checkAuth: vi.fn() + }) + }) + + it('should show login page when not authenticated', () => { + render() + expect(screen.getByRole('heading', { name: 'Login' })).toBeInTheDocument() + }) + + it('should show tasks when authenticated', () => { + useAuthStore.mockReturnValue({ + user: mockUser, + checkAuth: vi.fn() + }) + render() + expect(screen.getByText('Todo Manager')).toBeInTheDocument() + }) + + it('should redirect authenticated users away from login', () => { + useAuthStore.mockReturnValue({ + user: mockUser, + checkAuth: vi.fn() + }) + render() + + // Get all redirects + const redirects = screen.getAllByTestId('redirect'); + + // Check that we have redirects + expect(redirects.length).toBeGreaterThan(0); + + // Verify at least one redirect is going to /tasks + const tasksRedirect = redirects.some( + element => element.dataset.to === '/tasks' + ); + expect(tasksRedirect).toBe(true); + }) }) diff --git a/src/components/TaskContainer.jsx b/src/components/TaskContainer.jsx index eee8069..6259199 100644 --- a/src/components/TaskContainer.jsx +++ b/src/components/TaskContainer.jsx @@ -1,8 +1,13 @@ import TaskForm from './TaskForm'; import TaskList from './TaskList'; import { Card, Container } from 'react-bootstrap'; +import useAuthStore from '../stores/authStore'; function TaskContainer() { + const { user } = useAuthStore(); + + if (!user) return null; + return ( diff --git a/src/components/TaskForm.jsx b/src/components/TaskForm.jsx index 83ac6d3..bbf3b8e 100644 --- a/src/components/TaskForm.jsx +++ b/src/components/TaskForm.jsx @@ -1,15 +1,19 @@ import { useState } from 'react'; import useTodoStore from '../stores/todoStore'; +import useAuthStore from '../stores/authStore'; import { Form, Button, Row, Col, Spinner, Alert } from 'react-bootstrap'; function TaskForm() { const { addTodo, isLoading, error } = useTodoStore(); + const { user } = useAuthStore(); const [formData, setFormData] = useState({ name: '', priority: 'medium', due_date: new Date().toISOString().split('T')[0] }); + if (!user) return null; + const handleSubmit = (e) => { e.preventDefault(); addTodo({ diff --git a/src/components/TaskList.jsx b/src/components/TaskList.jsx index 811ebe8..8cb3b22 100644 --- a/src/components/TaskList.jsx +++ b/src/components/TaskList.jsx @@ -1,5 +1,6 @@ import { useEffect } from "react"; import useTodoStore from "../stores/todoStore"; +import useAuthStore from "../stores/authStore"; import { Table, Button, Spinner, Alert, Badge } from "react-bootstrap"; import { BsCheckSquare, BsSquare } from "react-icons/bs"; @@ -13,10 +14,25 @@ function TaskList() { completeTodo, incompleteTodo, } = useTodoStore(); + + const { user } = useAuthStore(); useEffect(() => { - fetchTodos(); - }, [fetchTodos]); + if (user) { + fetchTodos(); + } + }, [fetchTodos, user]); + + // Don't render if not authenticated + if (!user) return null; + + if (isLoading) { + return ; + } + + if (error) { + return Error: {error}; + } const getBadgeVariant = (priority) => { switch (priority.toLowerCase()) { @@ -31,22 +47,8 @@ function TaskList() { } }; - if (error) return Error: {error}; - return ( <> - {isLoading && ( - - )} diff --git a/src/components/__tests__/TaskContainer.test.jsx b/src/components/__tests__/TaskContainer.test.jsx index 1b6923a..e465faf 100644 --- a/src/components/__tests__/TaskContainer.test.jsx +++ b/src/components/__tests__/TaskContainer.test.jsx @@ -1,12 +1,39 @@ -import { describe, it, expect } from 'vitest'; +import { describe, it, expect, vi } from 'vitest'; import { render, screen } from '@testing-library/react'; import TaskContainer from '../TaskContainer'; +import useAuthStore from '../../stores/authStore'; + +// Mock the auth store +vi.mock('../../stores/authStore'); describe('TaskContainer', () => { - it('renders TaskForm and TaskList components', () => { + const mockUser = { + id: 1, + username: 'testuser' + }; + + beforeEach(() => { + // Set up authenticated user by default + useAuthStore.mockReturnValue({ + user: mockUser, + checkAuth: vi.fn() + }); + }); + + it('renders TaskForm and TaskList components when authenticated', () => { render(); expect(screen.getByText('Todo Manager')).toBeInTheDocument(); expect(screen.getByPlaceholderText('Task name')).toBeInTheDocument(); expect(screen.getByRole('button', { name: 'Add Task' })).toBeInTheDocument(); }); + + it('does not render components when not authenticated', () => { + useAuthStore.mockReturnValue({ + user: null, + checkAuth: vi.fn() + }); + + const { container } = render(); + expect(container).toBeEmptyDOMElement(); + }); }); \ No newline at end of file diff --git a/src/components/__tests__/TaskForm.test.jsx b/src/components/__tests__/TaskForm.test.jsx index f2c1788..b807437 100644 --- a/src/components/__tests__/TaskForm.test.jsx +++ b/src/components/__tests__/TaskForm.test.jsx @@ -2,11 +2,17 @@ import { describe, it, expect, vi } from 'vitest'; import { render, screen, fireEvent } from '@testing-library/react'; import TaskForm from '../TaskForm'; import useTodoStore from '../../stores/todoStore'; +import useAuthStore from '../../stores/authStore'; vi.mock('../../stores/todoStore'); +vi.mock('../../stores/authStore'); describe('TaskForm Component', () => { - // Create a complete mock store object + const mockUser = { + id: 1, + username: 'testuser' + }; + const mockStore = { addTodo: vi.fn(), isLoading: false, @@ -16,6 +22,7 @@ describe('TaskForm Component', () => { beforeEach(() => { vi.clearAllMocks(); useTodoStore.mockReturnValue(mockStore); + useAuthStore.mockReturnValue({ user: mockUser }); }); it('should render form with all inputs', () => { @@ -103,4 +110,10 @@ describe('TaskForm Component', () => { render(); expect(screen.getByText('Error: Test error')).toBeInTheDocument(); }); + + it('should not render form when user is not authenticated', () => { + useAuthStore.mockReturnValue({ user: null }); + render(); + expect(screen.queryByRole('form')).not.toBeInTheDocument(); + }); }); \ No newline at end of file diff --git a/src/components/__tests__/TaskList.test.jsx b/src/components/__tests__/TaskList.test.jsx index 8cf1f65..774198f 100644 --- a/src/components/__tests__/TaskList.test.jsx +++ b/src/components/__tests__/TaskList.test.jsx @@ -2,24 +2,33 @@ import { describe, it, expect, vi } from 'vitest'; import { render, screen, fireEvent } from '@testing-library/react'; import TaskList from '../TaskList'; import useTodoStore from '../../stores/todoStore'; +import useAuthStore from '../../stores/authStore'; vi.mock('../../stores/todoStore'); +vi.mock('../../stores/authStore'); describe('TaskList', () => { + const mockUser = { + id: 1, + username: 'testuser' + }; + const mockTodos = [ { id: 1, - name: 'Test Todo', + name: 'High Priority Task', priority: 'high', completed_at: null, - due_date: '2024-03-25' + due_date: '2024-03-25', + user_id: 1 }, { id: 2, - name: 'Completed Todo', + name: 'Low Priority Task', priority: 'low', completed_at: '2024-03-19', - due_date: '2024-03-20' + due_date: '2024-03-20', + user_id: 1 } ]; @@ -36,51 +45,45 @@ describe('TaskList', () => { beforeEach(() => { vi.clearAllMocks(); useTodoStore.mockReturnValue(mockStore); + useAuthStore.mockReturnValue({ user: mockUser }); }); - it('renders table with correct headers', () => { - render(); - expect(screen.getByText('Due Date')).toBeInTheDocument(); - expect(screen.getByText('Title')).toBeInTheDocument(); - expect(screen.getByText('Priority')).toBeInTheDocument(); - expect(screen.getByText('Action')).toBeInTheDocument(); - }); - - it('renders todo items with due dates', () => { - render(); - // Use a regex to match the date format - expect(screen.getByText(/3\/25\/2024|3\/24\/2024/)).toBeInTheDocument(); - expect(screen.getByText(/3\/20\/2024|3\/19\/2024/)).toBeInTheDocument(); + it('should not render tasks when user is not authenticated', () => { + useAuthStore.mockReturnValue({ user: null }); + const { container } = render(); + expect(container).toBeEmptyDOMElement(); }); - it('applies correct styling for completed todos', () => { - render(); - const completedRow = screen.getByText('Completed Todo').closest('tr'); - expect(completedRow).toHaveClass('table-success'); - }); - - it('toggles todo completion status', () => { + it('renders todo items with correct badge colors based on priority', () => { render(); - // Complete an incomplete todo - const completeButton = screen.getByLabelText('Mark complete'); - fireEvent.click(completeButton); - expect(mockStore.completeTodo).toHaveBeenCalledWith(1); + // Check for high priority badge + const highPriorityBadge = screen.getByText('High').closest('.badge'); + expect(highPriorityBadge).toHaveClass('bg-danger'); - // Incomplete a completed todo - const incompleteButton = screen.getByLabelText('Mark incomplete'); - fireEvent.click(incompleteButton); - expect(mockStore.incompleteTodo).toHaveBeenCalledWith(2); + // Check for low priority badge + const lowPriorityBadge = screen.getByText('Low').closest('.badge'); + expect(lowPriorityBadge).toHaveClass('bg-success'); }); - it('shows correct completion icons', () => { + it('shows completion status correctly', () => { render(); + + // Check incomplete task expect(screen.getByLabelText('Mark complete')).toBeInTheDocument(); + + // Check completed task expect(screen.getByLabelText('Mark incomplete')).toBeInTheDocument(); }); - it('handles delete action', () => { + it('handles todo actions', () => { render(); + + // Test complete action + fireEvent.click(screen.getByLabelText('Mark complete')); + expect(mockStore.completeTodo).toHaveBeenCalledWith(1); + + // Test delete action const deleteButtons = screen.getAllByText('Delete'); fireEvent.click(deleteButtons[0]); expect(mockStore.deleteTodo).toHaveBeenCalledWith(1); @@ -98,20 +101,11 @@ describe('TaskList', () => { }); it('shows error message when there is an error', () => { - useTodoStore.mockReturnValue({ ...mockStore, error: 'Failed to load todos' }); + useTodoStore.mockReturnValue({ + ...mockStore, + error: 'Failed to load todos' + }); render(); expect(screen.getByText('Error: Failed to load todos')).toBeInTheDocument(); }); - - it('renders todo items with correct badge colors based on priority', () => { - render(); - - // Check for the badge of the high priority task - const highPriorityBadge = screen.getByText('Test Todo').closest('tr').querySelector('td:nth-child(4) .badge'); - expect(highPriorityBadge).toHaveClass('bg-danger'); // Check if the badge has the correct class for high priority - - // Check for the badge of the low priority task - const lowPriorityBadge = screen.getByText('Completed Todo').closest('tr').querySelector('td:nth-child(4) .badge'); - expect(lowPriorityBadge).toHaveClass('bg-success'); // Check if the badge has the correct class for low priority - }); }); \ No newline at end of file diff --git a/src/components/auth/AuthContainer.jsx b/src/components/auth/AuthContainer.jsx new file mode 100644 index 0000000..279d029 --- /dev/null +++ b/src/components/auth/AuthContainer.jsx @@ -0,0 +1,53 @@ +import { useEffect } from 'react'; +import { Card, Container, Row, Col, Button } from 'react-bootstrap'; +import useAuthStore from '../../stores/authStore'; +import LoginForm from './LoginForm'; +import RegisterForm from './RegisterForm'; + +function AuthContainer() { + const { user, logout, checkAuth } = useAuthStore(); + + useEffect(() => { + checkAuth(); + }, [checkAuth]); + + if (user) { + return ( +
+ Welcome, {user.username}! + +
+ ); + } + + return ( + + + + + +

Login

+ + + + + + + + + +

Register

+ + + + + + + + + ); +} + +export default AuthContainer; \ No newline at end of file diff --git a/src/components/auth/LoginForm.jsx b/src/components/auth/LoginForm.jsx new file mode 100644 index 0000000..a4b11a8 --- /dev/null +++ b/src/components/auth/LoginForm.jsx @@ -0,0 +1,55 @@ +import { useState } from 'react'; +import { Form, Button, Alert } from 'react-bootstrap'; +import useAuthStore from '../../stores/authStore'; + +function LoginForm() { + const { login, isLoading, error } = useAuthStore(); + const [credentials, setCredentials] = useState({ + username: '', + password: '' + }); + + const handleSubmit = async (e) => { + e.preventDefault(); + await login(credentials.username, credentials.password); + }; + + const handleChange = (e) => { + const { name, value } = e.target; + setCredentials(prev => ({ + ...prev, + [name]: value + })); + }; + + return ( + + {error && {error}} + + Username + + + + Password + + + + + ); +} + +export default LoginForm; \ No newline at end of file diff --git a/src/components/auth/RegisterForm.jsx b/src/components/auth/RegisterForm.jsx new file mode 100644 index 0000000..167d4a5 --- /dev/null +++ b/src/components/auth/RegisterForm.jsx @@ -0,0 +1,69 @@ +import { useState } from 'react'; +import { Form, Button, Alert } from 'react-bootstrap'; +import useAuthStore from '../../stores/authStore'; + +function RegisterForm() { + const { register, isLoading, error } = useAuthStore(); + const [credentials, setCredentials] = useState({ + username: '', + password: '', + confirmPassword: '' + }); + + const handleSubmit = async (e) => { + e.preventDefault(); + if (credentials.password !== credentials.confirmPassword) { + return; // Add error handling for password mismatch + } + await register(credentials.username, credentials.password); + }; + + const handleChange = (e) => { + const { name, value } = e.target; + setCredentials(prev => ({ + ...prev, + [name]: value + })); + }; + + return ( + + {error && {error}} + + Username + + + + Password + + + + Confirm Password + + + + + ); +} + +export default RegisterForm; \ No newline at end of file diff --git a/src/pages/Home.jsx b/src/pages/Home.jsx new file mode 100644 index 0000000..44dd0d0 --- /dev/null +++ b/src/pages/Home.jsx @@ -0,0 +1,25 @@ +import { Container, Row, Col } from 'react-bootstrap'; +import TaskContainer from '../components/TaskContainer'; +import useAuthStore from '../stores/authStore'; + +function Home() { + const { user, logout } = useAuthStore(); + + return ( + + + +
+ Welcome, {user?.username}! + +
+ + + + + ); +} + +export default Home; \ No newline at end of file diff --git a/src/pages/Login.jsx b/src/pages/Login.jsx new file mode 100644 index 0000000..38ba08c --- /dev/null +++ b/src/pages/Login.jsx @@ -0,0 +1,38 @@ +import { useEffect } from 'react'; +import { Container, Row, Col, Card } from 'react-bootstrap'; +import { useNavigate, Link } from 'react-router-dom'; +import LoginForm from '../components/auth/LoginForm'; +import useAuthStore from '../stores/authStore'; + +function Login() { + const { user } = useAuthStore(); + const navigate = useNavigate(); + + useEffect(() => { + if (user) { + navigate('/tasks'); + } + }, [user, navigate]); + + return ( + + + + + +

Login

+ + + +
+ Don't have an account? Register here +
+ + + + + + ); +} + +export default Login; \ No newline at end of file diff --git a/src/pages/Register.jsx b/src/pages/Register.jsx new file mode 100644 index 0000000..93d221b --- /dev/null +++ b/src/pages/Register.jsx @@ -0,0 +1,38 @@ +import { useEffect } from 'react'; +import { Container, Row, Col, Card } from 'react-bootstrap'; +import { useNavigate, Link } from 'react-router-dom'; +import RegisterForm from '../components/auth/RegisterForm'; +import useAuthStore from '../stores/authStore'; + +function Register() { + const { user } = useAuthStore(); + const navigate = useNavigate(); + + useEffect(() => { + if (user) { + navigate('/tasks'); + } + }, [user, navigate]); + + return ( + + + + + +

Register

+ + + +
+ Already have an account? Login here +
+ + + + + + ); +} + +export default Register; \ No newline at end of file diff --git a/src/stores/authStore.js b/src/stores/authStore.js new file mode 100644 index 0000000..7d4af2c --- /dev/null +++ b/src/stores/authStore.js @@ -0,0 +1,64 @@ +import { create } from "zustand"; +import axios from "../config/axios"; + +const useAuthStore = create((set) => ({ + user: null, + isLoading: false, + error: null, + + register: async (username, password) => { + set({ isLoading: true, error: null }); + try { + const response = await axios.post("/api/users/register", { + username, + password, + }); + set({ user: response.data, isLoading: false }); + } catch (error) { + set({ + error: error.response?.data?.error || "Registration failed", + isLoading: false, + }); + } + }, + + login: async (username, password) => { + set({ isLoading: true, error: null }); + try { + const response = await axios.post("/api/users/login", { + username, + password, + }); + set({ user: response.data, isLoading: false }); + } catch (error) { + set({ + error: error.response?.data?.error || "Login failed", + isLoading: false, + }); + } + }, + + logout: async () => { + set({ isLoading: true, error: null }); + try { + await axios.post("/api/users/logout"); + set({ user: null, isLoading: false }); + } catch (error) { + set({ + error: error.response?.data?.error || "Logout failed", + isLoading: false, + }); + } + }, + + checkAuth: async () => { + try { + const response = await axios.get("/api/users/current"); + set({ user: response.data }); + } catch (error) { + set({ user: null }); + } + }, +})); + +export default useAuthStore; \ No newline at end of file