/movies-service-with-auth

Repository for Node.js department's recruitment process.

Primary LanguageTypeScript

movies service with auth

Recruitment assignment for the NodeJS Developer in Netguru.

Prerequisites

You need to have docker and docker-compose installed on your computer to run the service

Run locally

  1. Clone this repository
  2. Build images from root dir
JWT_SECRET= DB_PASSWORD= DB_USER= DB_NAME= OMDB_API_URL= OMDB_API_KEY= docker-compose build
  1. Run containers from root dir
JWT_SECRET= DB_PASSWORD= DB_USER= DB_NAME= OMDB_API_URL= OMDB_API_KEY= docker-compose up

Example of environments variables are presented below. Please note, that the api keys may not work in the future.

JWT_SECRET=secret DB_PASSWORD=password DB_USER=user DB_NAME=movies OMDB_API_URL=http://www.omdbapi.com/ OMDB_API_KEY=21c79936 docker-compose build

JWT_SECRET=secret DB_PASSWORD=password DB_USER=user DB_NAME=movies OMDB_API_URL=http://www.omdbapi.com/ OMDB_API_KEY=21c79936 docker-compose up

Optionally you can pass -d param to run services in the background.

By default the movies service will start on port 3000 and auth service will start on port 3001.

To stop the authorization service, press ctrl + c or run

docker-compose down

if docker is running in the background.

Users

The auth service defines two user accounts that you should use

  1. Basic user
 username: 'basic-thomas'
 password: 'sR-_pcoow-27-6PAwCD8'
  1. Premium user
username: 'premium-jim'
password: 'GBLtTyq3E_UNjFnpo9m6'

Example request to auth service

To authorize user call the auth service using for example curl. The auth service is running on port 3001 by default.

Request

curl --location --request POST '0.0.0.0:3001/auth' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "basic-thomas",
    "password": "sR-_pcoow-27-6PAwCD8"
}'

Response

{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEyMywibmFtZSI6IkJhc2ljIFRob21hcyIsInJvbGUiOiJiYXNpYyIsImlhdCI6MTYwNjIyMTgzOCwiZXhwIjoxNjA2MjIzNjM4LCJpc3MiOiJodHRwczovL3d3dy5uZXRndXJ1LmNvbS8iLCJzdWIiOiIxMjMifQ.KjZ3zZM1lZa1SB8U-W65oQApSiC70ePdkQ7LbAhpUQg"
}

Example requests to movies service

To create a new movie call the movies service with POST /movies request:

curl --location --request POST '0.0.0.0:3000/movies' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEyMywibmFtZSI6IkJhc2ljIFRob21hcyIsInJvbGUiOiJiYXNpYyIsImlhdCI6MTYwNjIyMTgzOCwiZXhwIjoxNjA2MjIzNjM4LCJpc3MiOiJodHRwczovL3d3dy5uZXRndXJ1LmNvbS8iLCJzdWIiOiIxMjMifQ.KjZ3zZM1lZa1SB8U-W65oQApSiC70ePdkQ7LbAhpUQg' \
--data-raw '{
    "title": "Godfather",
}'

Response:

{
  "id": 1,
  "title": "The Godfather",
  "released": "24 Mar 1972",
  "genre": "Crime, Drama",
  "directory": "Francis Ford Coppola",
  "createdAt": "2021-03-16T16:11:23.071Z",
  "modifiedAt": null
}

Basic users can only create up to 5 movies per month. After using up the limit, the API returns 403 response:

{ "status": 403, "error": "Credit limit has been used up" }

To get all of the movies created by user call the movies service with GET /movies request:

curl --location --request GET '0.0.0.0:3000/movies' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjEyMywibmFtZSI6IkJhc2ljIFRob21hcyIsInJvbGUiOiJiYXNpYyIsImlhdCI6MTYwNjIyMTgzOCwiZXhwIjoxNjA2MjIzNjM4LCJpc3MiOiJodHRwczovL3d3dy5uZXRndXJ1LmNvbS8iLCJzdWIiOiIxMjMifQ.KjZ3zZM1lZa1SB8U-W65oQApSiC70ePdkQ7LbAhpUQg'

Response:

[
  {
    "id": 1,
    "title": "The Godfather",
    "released": "24 Mar 1972",
    "genre": "Crime, Drama",
    "directory": "Francis Ford Coppola",
    "createdAt": "2021-03-16T16:11:23.071Z",
    "modifiedAt": null
  }
]

Please note that creating and fetching movies data is protected and Authorization token is required.

Documentation

The documentation is autogenerated with Swagger and it is available under the http://localhost:3000/api endpoint.

Swagger Docs

Architecture

The auth service and the movies service are two different applications stored in the monorepo. The communicate with each other by HTTP protocol. They can have different deployments, release cycles etc.

Architecture

Stack

Technologies used for the movies service:

  • NestJS
  • Prisma
  • Postgresql
  • Typescript
  • Docker
  • Jest (unit testing) and Supertest (e2e testing)

Things I would have done differently if that was real production project

  • Share typings between services (for example interface for User)
  • Create docker environment for development which autodetects changes in files
  • Write more tests which would cover negative responses
  • Create some cron task for deleting old record from credits table (only if we would not care for the usage statistcs from previous periods)
  • Executing e2e test on CI workflow - the database is needed for that, not sure how to end docker-compose in workflow so it won't run the database service forever