Move LoginRoutes from /app to /api

packages/server/src/application/Application.ts

@@ -12,7 +12,7 @@ import {ILogger} from '../logger/ILogger'
 import {IRoutes} from '@rondo/common'
 import {ITransactionManager} from '../database/ITransactionManager'
 import {loggerFactory, LoggerFactory} from '../logger/LoggerFactory'
-import {urlencoded, json} from 'body-parser'
+import {json} from 'body-parser'
 
 export class Application implements IApplication {
   readonly transactionManager: ITransactionManager
@@ -63,32 +63,29 @@ export class Application implements IApplication {
     const {transactionManager} = this
     const apiLogger = this.getApiLogger()
 
-    router.use('/app', urlencoded({ extended: false }))
-
     router.use(new middleware.SessionMiddleware({
       transactionManager,
       baseUrl: this.config.app.baseUrl,
       sessionName: this.config.app.session.name,
       sessionSecret: this.config.app.session.secret,
     }).handle)
+    router.use(new middleware.RequestLogger(apiLogger).handle)
+    router.use(json())
     router.use(middleware.csrf)
     router.use(new middleware.Transaction(this.database.namespace).handle)
-    router.use(new middleware.RequestLogger(apiLogger).handle)
 
     router.use(this.authenticator.handle)
   }
 
   protected configureRouter(router: express.Router) {
     // TODO use /api for LoginRoutes
-    router.use('/app', new routes.LoginRoutes(
+    router.use('/app', routes.application)
+
+    router.use('/api', new routes.LoginRoutes(
       this.userService,
       this.authenticator,
       this.createTransactionalRouter(),
     ).handle)
-    router.use('/app', routes.application)
-
-    router.use('/api', json())
-
     router.use('/api', new routes.UserRoutes(
       this.userService,
       this.createTransactionalRouter(),

packages/server/src/routes/LoginRoutes.test.ts

@@ -30,11 +30,11 @@ describe('login', () => {
     })
 
     it('should log out the user', async () => {
-      await test.request('/app')
+      await test.request('/api')
       .get('/auth/logout')
       .set('cookie', cookie)
       .expect(302)
-      .expect('location', `${test.context}/app/auth/login`)
+      .expect('location', `${test.context}/api/auth/login`)
     })
   })
 

packages/server/src/test-utils/TestUtils.ts

@@ -91,7 +91,7 @@ export class TestUtils<T extends IRoutes> {
 
   getLoginBody(csrfToken: string) {
     const {username, password} = this
-    return `username=${username}&password=${password}&_csrf=${csrfToken}`
+    return {username, password, _csrf: csrfToken}
   }
 
   async registerAccount() {
@@ -99,7 +99,7 @@ export class TestUtils<T extends IRoutes> {
     const {cookie, token} = await this.getCsrf()
 
     const response = await supertest(this.app)
-    .post(`${context}/app/auth/register`)
+    .post(`${context}/api/auth/register`)
     .set('cookie', cookie)
     .send(this.getLoginBody(token))
     .expect(200)
@@ -111,14 +111,14 @@ export class TestUtils<T extends IRoutes> {
     }
   }
 
-  async login(_username = this.username, _password = this.password) {
+  async login(username = this.username, password = this.password) {
     const {context} = this
     const {cookie, token} = await this.getCsrf()
 
     const response = await supertest(this.app)
-    .post(`${context}/app/auth/login`)
+    .post(`${context}/api/auth/login`)
     .set('cookie', cookie)
-    .send(`username=${_username}&password=${_password}&_csrf=${token}`)
+    .send({username, password, _csrf: token})
     .expect(200)
 
     return {cookie: response.header['set-cookie'] as string, token}