Implement Express middleware exercise with custom and off-the-shelf middleware versions

Author: RahwaZeslusHaile

README.md

@@ -1,3 +1,55 @@
 # Coursework
 
 Exercises to practice and solidify your understanding of the Decomposition module of the Software Development Course.
+
+## Overview
+
+This repo contains two small Express apps that both implement the same `/subjects` POST endpoint, but in different ways:
+
+- `custom-middlewares/` uses custom middleware for header extraction and JSON array parsing.
+- `off-the-shelf-middleware/` uses Express built-in JSON parsing plus a custom validator.
+
+Both apps respond with an authentication message based on the `X-Username` request header and validate that the request body is a JSON array of strings.
+
+## Custom middlewares app
+
+Location: `custom-middlewares/`
+
+Middleware:
+
+- `extractUsername` reads `X-Username` and sets `req.username`.
+- `parseJsonArrayBody` manually parses the JSON body and ensures it is an array of strings.
+
+Run tests:
+
+```bash
+cd custom-middlewares
+npm install
+npm test
+```
+
+## Off-the-shelf middleware app
+
+Location: `off-the-shelf-middleware/`
+
+Middleware:
+
+- `express.json()` parses JSON bodies.
+- `extractUsername` reads `X-Username` and sets `req.username`.
+- `validateJsonArray` checks the parsed body is an array of strings.
+
+Run tests:
+
+```bash
+cd off-the-shelf-middleware
+npm install
+npm test
+```
+
+## Endpoint behavior
+
+`POST /subjects`
+
+- Body must be a JSON array of strings.
+- If `X-Username` is present: responds with `You are authenticated as <name>.`
+- If `X-Username` is missing: responds with `You are not authenticated.`

custom-middlewares/.gitignore

@@ -0,0 +1 @@
+node_modules/

custom-middlewares/app.js

@@ -0,0 +1,17 @@
+const express = require("express");
+const extractUsername = require("./middleware/extractUsername");
+const parseJsonArrayBody = require("./middleware/parseJsonArrayBody");
+const app = express();
+
+app.post("/subjects",extractUsername,parseJsonArrayBody,
+  (req, res) => {
+
+    const auth = req.username
+      ? `You are authenticated as ${req.username}.`
+      : `You are not authenticated.`;
+
+    res.send(auth);
+  }
+);
+
+module.exports = app;

custom-middlewares/app.test.js

@@ -0,0 +1,41 @@
+const request = require("supertest");
+const app = require("./app");
+
+describe("POST /subjects", () => {
+
+  test("responds with authenticated message", async () => {
+    const response = await request(app)
+      .post("/subjects")
+      .set("X-Username", "Ahmed")
+      .send(["Birds", "Bats"]);
+
+    expect(response.statusCode).toBe(200);
+    expect(response.text).toContain("You are authenticated as Ahmed.");
+  });
+
+  test("responds with not authenticated when header missing", async () => {
+    const response = await request(app)
+      .post("/subjects")
+      .send(["Bees"]);
+
+    expect(response.statusCode).toBe(200);
+    expect(response.text).toContain("You are not authenticated.");
+  });
+
+  test("rejects non-array body", async () => {
+    const response = await request(app)
+      .post("/subjects")
+      .send({ wrong: "format" });
+
+    expect(response.statusCode).toBe(400);
+  });
+
+  test("rejects array with non-strings", async () => {
+    const response = await request(app)
+      .post("/subjects")
+      .send([1, 2, 3]);
+
+    expect(response.statusCode).toBe(400);
+  });
+
+});

custom-middlewares/middleware/extractUsername.js

@@ -0,0 +1,6 @@
+function extractUsername(req, res, next) {
+  const username = req.get("X-Username");
+  req.username = username || null;
+  next();
+}
+module.exports = extractUsername;

custom-middlewares/middleware/parseJsonArrayBody.js

@@ -0,0 +1,33 @@
+
+function parseJsonArrayBody(req, res, next) {
+  let data = "";
+
+  req.on("data", (chunk) => {
+    data += chunk;
+  });
+
+  req.on("end", () => {
+    try {
+      const parsed = JSON.parse(data);
+
+      if (!Array.isArray(parsed)) {
+        return res.status(400).send("Body must be array");
+      }
+
+      const allStrings = parsed.every(
+        (item) => typeof item === "string"
+      );
+
+      if (!allStrings) {
+        return res.status(400).send("Must contain strings");
+      }
+
+      req.body = parsed;
+      next();
+
+    } catch {
+      res.status(400).send("Invalid JSON");
+    }
+  });
+}
+module.exports = parseJsonArrayBody;