Okay. This one was pretty nice. I asked Copilot to build my endpoints and fix any errors that the originally generated code had and it all went pretty smoothly. Copilot even gave me curl commands to check the endpoint was working as expected. And all before my gum lost its flavor!
I used the inline Copilot fix command to resolve type errors and other warnings and didn't get any hallucinations.
Commit ada39425df6b6d5ba36ef910a56211e7e9b0d3be
I had an error because Copilot didn't include the type definitions package, but pasting the error into chat and voila. Pretty easy.
We're adding auth so we should probably read up on auth best practices a little bit directly, but this is a test project that isn't deployed anywhere yet so I'm not making that too big of a priority.
Commit 1a1642b6d0de9762fca6e59c5f42f52f3a8c7f61
Looks like we just need to apply @UseGuards(JwtAuthGuard) above my protected routes and we'll get a 401.
Let's do a little cleanup...
Commit 4981d49f475f2e4122b39a8c0455fbb9763c212a
Not too much to say other than that it looks like we were throwing plain text passwords all over willy-nilly. That should be cleaned up. At this point we could add tests here or move back to the front and start building these routes there.
Commit 42a94ee9d7f6fa02967713db409a2ddbd6a75c79
Okay, we have to create a bunch of new user role related stuff and we don't want to let someone throw in a role argument and magically become a super user... aaaaaand now it looks like my validation pipe isn't working for auth.
After painstaking debugging... I needed to update my useGlobalPipes in main.ts to:
    new ValidationPipe({
      // forbidNonWhitelisted REQUIRES whitelist to be true
      forbidNonWhitelisted: true,
      transform: true,
      whitelist: true,
    }),
I had a bit of a gotcha. I left off whitelist: true, which meant there was no whitelist to forbid non whitelisted!
That should protect my validation from passing unwanted values on to the db.
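To make the gotcha above concrete, here is an added example (not code from this project, and not class-validator itself): a simplified model of how the two options interact, run against a constructed sign-up body that carries an extra role field. The names applyWhitelist and SIGN_UP_DTO_FIELDS are hypothetical.

```typescript
// Simplified model (constructed for illustration) of how the whitelist and
// forbidNonWhitelisted options interact. It is not class-validator itself.
type PipeOptions = { whitelist?: boolean; forbidNonWhitelisted?: boolean };
type Result = { value: Record<string, unknown>; errors: string[] };

// Hypothetical DTO: the only properties a sign-up request may carry.
const SIGN_UP_DTO_FIELDS = new Set<string>(["email", "password"]);

function applyWhitelist(
  body: Record<string, unknown>,
  allowed: Set<string>,
  opts: PipeOptions,
): Result {
  const value: Record<string, unknown> = { ...body };
  const errors: string[] = [];
  // Unknown properties are only inspected when whitelist is on;
  // forbidNonWhitelisted on its own never reaches this branch.
  if (opts.whitelist) {
    for (const key of Object.keys(value)) {
      if (allowed.has(key)) continue;
      if (opts.forbidNonWhitelisted) {
        errors.push(`property ${key} should not exist`);
      } else {
        delete value[key]; // whitelist only: strip silently
      }
    }
  }
  return { value, errors };
}

// Constructed request body that carries a role the DTO does not declare.
const smuggled = { email: "a@example.com", password: "correct-horse", role: "superuser" };

// The gotcha: forbid flag set, whitelist missing -> role reaches the handler.
const misconfigured = applyWhitelist(smuggled, SIGN_UP_DTO_FIELDS, {
  forbidNonWhitelisted: true,
});
// whitelist only -> role is dropped and the request continues.
const stripped = applyWhitelist(smuggled, SIGN_UP_DTO_FIELDS, { whitelist: true });
// Both flags -> the request is rejected with a validation error.
const rejected = applyWhitelist(smuggled, SIGN_UP_DTO_FIELDS, {
  whitelist: true,
  forbidNonWhitelisted: true,
});

console.log({ misconfigured, stripped, rejected });
```

A request-level test that posts an undeclared role to the real endpoint and expects a 400 would catch the same misconfiguration in the actual pipe.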
After updating my DTOs and entities and routes and config we're left with:
Commit 84adba670b3711f5844a44c5668530aa75d93e61
What was I saying about moving to the front before I found a bunch of problems? Yeah, this is probably a good argument to add tests now so we don't run into MORE problems when we try to use this...