Lots of updates! Working in local dev... not sure about staging yet...

Reviewed-on: #3

.drone.yml

@@ -60,6 +60,7 @@ steps:
 trigger:
   branch:
   - main
+  - develop
   event:
   - pull_request
 
@@ -155,6 +156,9 @@ name: Deploy Pipeline
 workspace:
   path: /drone/grow
 
+clone:
+  disable: true
+
 steps:
 - name: Deploy Container
   image: docker
@@ -165,10 +169,10 @@ steps:
     ROUTE_PREFIX: /auth
     PORT: 9001
   commands:
-    - docker compose -f docker-compose.staging.yml pull
+    - docker compose -f docker-compose.staging-image.yml pull
-    - docker compose -f docker-compose.staging.yml build --no-cache
+    - docker compose -f docker-compose.staging-image.yml build --no-cache
-    - docker compose -f docker-compose.staging.yml rm --stop
+    - docker compose -f docker-compose.staging-image.yml rm --stop
-    - docker compose -f docker-compose.staging.yml up --wait
+    - docker compose -f docker-compose.staging-image.yml up --wait
   volumes:
   - name: env-secrets
     path: /drone/grow/staging.env

.env.dev

@@ -27,3 +27,5 @@ RESET_VALID_MINUTES=15
 DEFAULT_TOKEN_DAYS=1
 
 CONTAINER_PREFIX=dev
+SERVICE_NAME=auth-service
+ENV=development

Dockerfile

@@ -1,4 +1,5 @@
 FROM node:20-alpine AS build
+ENV NODE_ENV development
 WORKDIR /home/node/app
 COPY package*.json ./
 COPY tsconfig.json ./
@@ -14,5 +15,5 @@ WORKDIR /home/node/app
 COPY package*.json ./
 RUN yarn install --frozen-lockfile --production
 COPY --from=0 /home/node/app/dist .
-EXPOSE ${PORT}
+EXPOSE ${PORT:-9001}
 CMD ["node","server/index.js"]

docker-compose.dev.yml

@@ -3,16 +3,13 @@ version: '3.8'
 services:
     auth-service_mongo:
         env_file: .env.dev
-        build:
-            args:
-              - CONTAINER_PREFIX=${CONTAINER_PREFIX}
         container_name: ${CONTAINER_PREFIX:-dev}-auth-service_mongo
         ports:
             - 27017:27017
         networks:
-            - labs-net
+            - backend
         volumes:
-            - /var/tmp/labs:/data/db
+            - auth-db:/data
             - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
         restart: unless-stopped
         image: mongo:latest
@@ -21,10 +18,8 @@ services:
         build:
             context: .
             args:
-              - HOST=${HOST}
+              - PORT
-              - PORT=${PORT}
+              - ENV
-              - ROUTE_PREFIX=${ROUTE_PREFIX}
-              - CONTAINER_PREFIX=${CONTAINER_PREFIX}
         container_name: ${CONTAINER_PREFIX:-dev}-auth-service
         ports:
             - 9001:9001
@@ -32,6 +27,7 @@ services:
             - DB_HOST=${CONTAINER_PREFIX:-dev}-auth-service_mongo
         networks:
             - labs-net
+            - backend
         restart: unless-stopped
         image: node:20-alpine
         depends_on:
@@ -39,3 +35,7 @@ services:
 networks:
     labs-net:
         name: labs-net
+
+volumes:
+    auth-db:
+        external: true

docker-compose.staging-build.yml

@@ -0,0 +1,47 @@
+version: '3.8'
+
+services:
+    auth-service_mongo:
+        container_name: ${CONTAINER_PREFIX:-staging}-auth-service_mongo
+        env_file:
+            - staging.env
+        networks:
+            - docknet
+        volumes:
+            - 'auth-db:/data'
+            - './mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro'
+        restart: unless-stopped
+        image: mongo:latest
+    auth-service:
+        env_file:
+            - staging.env
+        build:
+            context: .
+            args:
+              - PORT
+              - ENV
+        container_name: ${CONTAINER_PREFIX:-staging}-auth-service
+        environment:
+            - DB_HOST=${CONTAINER_PREFIX:-staging}-auth-service_mongo
+        labels:
+            - 'traefik.enable=true'
+            - 'traefik.http.routers.grow.rule=Host(`${HOST}`) && Path(`${ROUTE_PREFIX}`)'
+            - 'traefik.http.routers.grow.entrypoints=websecure'
+            - 'traefik.http.routers.grow.tls=true'
+            - 'traefik.http.routers.grow.tls.certresolver=letsencrypt'
+            - 'traefik.http.routers.grow.service=grow-service'
+            - 'traefik.http.services.grow-service.loadbalancer.server.port=${PORT}'
+        networks:
+            - docknet
+        restart: unless-stopped
+        image: node:20-alpine
+        depends_on:
+            - auth-service_mongo
+networks:
+    docknet:
+        name: docknet
+        external: true
+
+volumes:
+    auth-db:
+        external: false

docker-compose.staging-image.yml

@@ -2,23 +2,22 @@ version: '3.8'
 
 services:
     auth-service_mongo:
-        container_name: ${CONTAINER_PREFIX}-auth-service_mongo
+        container_name: ${CONTAINER_PREFIX:-staging}-auth-service_mongo
         env_file:
             - staging.env
         networks:
             - docknet
         volumes:
-            - '/volume1/docker/labs/auth/mongo:/data/db'
+            - auth-db:/data
-            # - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
+            - ./mongo-init.js:/docker-entrypoint-initdb.d/mongo-init.js:ro
         restart: unless-stopped
         image: mongo:latest
     auth-service:
         env_file:
             - staging.env
-        build: .
+        container_name: ${CONTAINER_PREFIX:-staging}-auth-service
-        container_name: ${CONTAINER_PREFIX}-auth-service
         environment:
-            - DB_HOST=${CONTAINER_PREFIX}-auth-service_mongo
+            - DB_HOST=${CONTAINER_PREFIX:-staging}-auth-service_mongo
         labels:
             - 'traefik.enable=true'
             - 'traefik.http.routers.grow.rule=Host(`${HOST}`) && Path(`${ROUTE_PREFIX}`)'
@@ -30,10 +29,15 @@ services:
         networks:
             - docknet
         restart: unless-stopped
-        image: node:20-alpine
+        image: git.mifi.dev/mifi/mifi/auth:latest
         depends_on:
             - auth-service_mongo
+
 networks:
     docknet:
         name: docknet
-        external: true
+        external: true
+
+volumes:
+    auth-db:
+        external: false

lib/constants/db.ts

@@ -1,5 +1,5 @@
-export const DB_HOST = process.env.DB_HOST || 'not_set';
+export const DB_HOST = process.env.DB_HOST;
 export const DB_PORT = process.env.DB_PORT || 27017;
-export const DB_USERNAME = process.env.DB_USERNAME || 'not_set';
+export const DB_USERNAME = process.env.DB_USERNAME;
-export const DB_PASSWORD = process.env.DB_PASSWORD || 'not_set';
+export const DB_PASSWORD = process.env.DB_PASSWORD;
-export const DB_NAME = process.env.DB_NAME || 'not_set';
+export const DB_NAME = process.env.DB_NAME;

lib/server/controllers/auth.ts

@@ -7,6 +7,7 @@ import Auth from '../../db/model/auth';
 import { sign } from '../../utils/jwt';
 import passport from '../passport';
 import { ErrorCodes, getErrorBody } from '../../constants/errors';
+import { authenticated } from '../middleware/authenication';
 
 const routerOpts: Router.IRouterOptions = { prefix };
 const router: Router = new Router(routerOpts);
@@ -43,7 +44,10 @@ router.post(process.env.RESET_ROUTE || RESET_ROUTE, async (ctx, next) => {
     ctx.body = { success: false, ...getErrorBody(ErrorCodes.RESET_REQUEST_DATA) };
 });
 
-router.patch('/:record', (ctx: Koa.Context) => {
+router.patch('/:record', authenticated(), (ctx: Koa.Context) => {
+    if (ctx.user !== ctx.param.record) {
+        ctx.throw(StatusCodes.UNAUTHORIZED);
+    }
     const data = Auth.findOneAndUpdate({ record: ctx.params.record });
     if (!data) {
         ctx.throw(StatusCodes.NOT_FOUND);

lib/server/index.ts

@@ -5,7 +5,7 @@ import { PORT } from '../constants/env';
 connection.then(
     () => {
         app.listen(PORT);
-        console.log('LISTENING', process.env);
+        console.debug('Server up and listening', { env: process.env });
     },
-    (err) => console.error('SERVER ERROR!', { err, env: process.env }),
+    (err) => console.error('Could not reach database', { err, env: process.env }),
 );

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mifi/auth",
-  "version": "0.0.36",
+  "version": "0.0.38",
   "author": "mifi (Mike Fitzpatrick)",
   "license": "MIT",
   "scripts": {