Bumped node to version 16 LTS

This should make it easier to set time zones and enable database logging.

Related to krgamestudios/MERN-template#16

.dockerignore

@@ -0,0 +1,10 @@
+.git*
+
+tools*
+mysql*
+letsencrypt*
+test*
+
+.env*
+.github*
+LICENSE*

.envdev

@@ -3,9 +3,16 @@ WEB_PORT=3100
 DB_HOSTNAME=database
 DB_DATABASE=news
 DB_USERNAME=news
-DB_PASSWORD=charizard
+DB_PASSWORD=venusaur
+
+# Select a "TZ database name" that suits your needs: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
 DB_TIMEZONE=Australia/Sydney
 
-QUERY_LIMIT=10
+# Give this any value to enable database logging (such as "true")
+DB_LOGGING=
 
-SECRET_ACCESS=access
+# Make sure this value matches the system that you connect to
+SECRET_ACCESS=access
+
+# Select the default number of articles returned by a GET request
+QUERY_LIMIT=10

Dockerfile

@@ -1,19 +1,10 @@
-FROM node:15
 
-# Change working directory
+FROM node:16
 WORKDIR "/app"
-
-# Copy package.json and package-lock.json
 COPY package*.json ./
-
-# Install npm production packages 
 RUN npm install --production
-
 COPY . /app
-
 EXPOSE 3100
-
 USER node
-
 ENTRYPOINT ["bash", "-c"]
 CMD ["sleep 10 && npm start"]

README.md

@@ -4,12 +4,12 @@ An API centric news server. Uses Sequelize and mariaDB by default.
 
 # Setup
 
-There are multiple ways to run this app - it can run on it's own via `npm start` (for production) or `npm run dev` (for development). it can also run inside docker using `docker-compose up --build` - run `node configure-script.js` to generate docker-compose.yml.
+There are multiple ways to run this app - it can run on it's own via `npm start` (for production) or `npm run dev` (for development). it can also run inside docker using `docker-compose up --build` - run `node configure-script.js` to generate docker-compose.yml and startup.sql.
 
-To generate an authorization token, use [auth-server](https://github.com/krgamestudios/auth-server). A public-facing development auth-server is available here (tokens are 10 minutes):
+To generate an authorization token, use [auth-server](https://github.com/krgamestudios/auth-server). A public-facing development auth-server is available here (tokens are valid for 10 minutes):
 
 ```
-POST https://dev-auth.eggtrainer.com/auth/login HTTP/1.1
+POST https://dev-auth.krgamestudios.com/auth/login HTTP/1.1
 Content-Type: application/json
 
 {
@@ -25,13 +25,21 @@ Content-Type: application/json
 //NOTE: you can add a "limit" query parameter to change the default limit
 GET /news?limit=10
 
-//get latest news, up to a default limit, or specify the index "id"
+
+###
+
+
+//DOCS: get latest news, up to a default limit, or specify the index "id"
 GET /news/:id
 
-//get the news starting from the beginning, up to a default limit, or specify the index "id"
+
+###
+
+
+//DOCS: get the news starting from the beginning, up to a default limit, or specify the index "id"
 GET /news/archive/:id
 
-//result (if only a single article is specified, returns just that article rather than an array):
+//DOCS: result (if only a single article is specified, returns just that article rather than an array):
 [
 	{
 		"index": index,			//absolute index of the result
@@ -45,13 +53,21 @@ GET /news/archive/:id
 	...
 ]
 
-//get the latest metadata, up to a default limit, or specify the index "id"
+
+###
+
+
+//DOCS: get the latest metadata, up to a default limit, or specify the index "id"
 GET /news/metadata/:id
 
-//get the metadata starting from the beginning, up to a default limit, or specify the index "id"
+
+###
+
+
+//DOCS: get the metadata starting from the beginning, up to a default limit, or specify the index "id"
 GET /news/archive/metadata/:id
 
-//result (if only a single article is specified, returns just that article rather than an array):
+//DOCS: result (if only a single article is specified, returns just that article rather than an array):
 [
 	{
 		"index": index,			//absolute index of the result
@@ -64,38 +80,51 @@ GET /news/archive/metadata/:id
 	...
 ]
 
-//send a formatted JSON object, returns new index on success, or error on failure
+
+###
+
+
+//DOCS: send a formatted JSON object, returns new index on success, or error on failure
 POST /news
 Authorization: Bearer XXX
 
-//arguments:
 {
 	"title": title		//title of the article
 	"author": author	//author of the article
 	"body": body		//body of the article
 }
 
-//result (status 200 on success, otherwise an error status):
+//DOCS: result (status 200 on success, otherwise an error status):
 {
 	"index": index		//new index of the article
 }
 
-//similar to `POST /news`, but allows overwriting an existing article
+
+###
+
+
+//DOCS: similar to `POST /news`, but allows overwriting an existing article
 PATCH /news/:id
 Authorization: Bearer XXX
 
-//arguments:
 {
 	"title": title		//title of the article, optional
 	"author": author	//author of the article, optional
 	"body": body		//body of the article, optional
 }
 
-status 200 on success, otherwise an error status
+//DOCS: result: status 200 on success, otherwise an error status
 
-//remove an article from the news feed
+
+###
+
+
+//DOCS: remove an article from the news feed
 DELETE /news/:id
 Authorization: Bearer XXX
 
-status 200 on success, otherwise an error status
+//DOCS: result: status 200 on success, otherwise an error status
+
+
+###
 ```

configure-script.js

@@ -109,7 +109,7 @@ networks:
 `;
 
 	const dockerfile = `
-FROM node:15
+FROM node:16
 WORKDIR "/app"
 COPY package*.json ./
 RUN npm install --production
@@ -123,7 +123,7 @@ CMD ["sleep 10 && npm start"]
 	const sqlfile = `
 CREATE DATABASE IF NOT EXISTS ${appName};
 CREATE USER IF NOT EXISTS '${appDBUser}'@'%' IDENTIFIED BY '${appDBPass}';
-GRANT ALL PRIVILEGES ON ${appName}.* TO '${appDBUser}'@'%';	
+GRANT ALL PRIVILEGES ON ${appName}.* TO '${appDBUser}'@'%';
 `;
 
 	fs.writeFileSync('docker-compose.yml', ymlfile);

package.json

@@ -1,6 +1,6 @@
 {
   "name": "news-server",
-  "version": "1.0.0",
+  "version": "1.2.3",
   "description": "An API centric news server. Uses Sequelize and mariaDB by default.",
   "main": "server/server.js",
   "scripts": {
@@ -19,15 +19,14 @@
   },
   "homepage": "https://github.com/krgamestudios/news-server#readme",
   "dependencies": {
-    "body-parser": "^1.19.0",
     "cors": "^2.8.5",
-    "dotenv": "^8.2.0",
+    "dotenv": "^8.6.0",
     "express": "^4.17.1",
     "jsonwebtoken": "^8.5.1",
-    "mariadb": "^2.5.2",
-    "sequelize": "^6.5.0"
+    "mariadb": "^2.5.4",
+    "sequelize": "^6.6.5"
   },
   "devDependencies": {
-    "nodemon": "^2.0.7"
+    "nodemon": "^2.0.12"
   }
 }

server/database/index.js

@@ -4,7 +4,7 @@ const sequelize = new Sequelize(process.env.DB_DATABASE, process.env.DB_USERNAME
 	host: process.env.DB_HOSTNAME,
 	dialect: 'mariadb',
 	timezone: process.env.DB_TIMEZONE,
-	logging: false
+	logging: process.env.DB_LOGGING ? console.log : false
 });
 
 module.exports = sequelize;

server/news/edit.js

@@ -25,9 +25,9 @@ const route = async (req, res) => {
 
 	//update the data
 	await articles.update({
-		title: req.body.title,
-		author: req.body.author,
-		body: req.body.body,
+		title: req.body.title || record.title,
+		author: req.body.author || record.author,
+		body: req.body.body || record.body,
 		edits: record.edits + 1
 	}, {
 		where: {

server/news/index.js

@@ -23,7 +23,7 @@ router.get('/archive/metadata/:id(\\d+)', query(true, true));
 //use middleware to authenticate the rest of the routes
 router.use(authToken);
 router.use((req, res, next) => {
-	if (req.user.privilege == 'administrator') {
+	if (req.user.admin) {
 		next();
 	} else {
 		res.status(403).end();

server/news/publish.js

@@ -1,6 +1,19 @@
 const { articles } = require('../database/models');
 
 const route = async (req, res) => {
+	//check for missing data
+	if (!req.body.title) {
+		return res.status(401).end("Missing title");
+	}
+
+	if (!req.body.author) {
+		return res.status(401).end("Missing author");
+	}
+
+	if (!req.body.body) {
+		return res.status(401).end("Missing body");
+	}
+
 	//upsert the data
 	const [instance, created] = await articles.upsert({
 		title: req.body.title,

server/server.js

@@ -5,11 +5,10 @@ require('dotenv').config();
 const express = require('express');
 const app = express();
 const server = require('http').Server(app);
-const bodyParser = require('body-parser');
 const cors = require('cors');
 
 //config
-app.use(bodyParser.json());
+app.use(express.json());
 app.use(cors());
 
 //database connection

test/dev-news-requests.rest

@@ -0,0 +1,33 @@
+#Query
+GET https://dev-news.eggtrainer.com/news HTTP/1.1
+
+###
+
+#Publish
+POST https://dev-news.eggtrainer.com/news HTTP/1.1
+Content-Type: application/json
+Authorization: Bearer
+
+{
+	"title": "Hello World",
+	"author": "Kayne Ruse",
+	"body": "Lorem ipsum."
+}
+
+###
+
+#Edit
+PATCH https://dev-news.eggtrainer.com/news/1 HTTP/1.1
+Content-Type: application/json
+Authorization: Bearer
+
+{
+	"title": "Goodnight World"
+}
+
+###
+
+#Delete
+DELETE https://dev-news.eggtrainer.com/news/1 HTTP/1.1
+Content-Type: application/json
+Authorization: Bearer