Changes based on PR comments

Author: Paul Scott

http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/UserRepository.kt

@@ -1,11 +1,10 @@
 package za.co.ee.learning.domain.users
 
-import arrow.core.Either
-import za.co.ee.learning.domain.DomainError
+import arrow.core.Option
 import za.co.ee.learning.domain.DomainResult
 
 interface UserRepository {
-    fun findByEmail(email: String): DomainResult<User>
+    fun findByEmail(email: String): DomainResult<Option<User>>
 
     fun findAll(): DomainResult<List<User>>
 }

http4k-example/src/main/kotlin/za/co/ee/learning/domain/users/usecases/Authenticate.kt

@@ -30,10 +30,11 @@ class Authenticate(
     operator fun invoke(request: AuthenticateRequest): DomainResult<AuthenticateResponse> =
         either {
             val validatedRequest = validate(request).bind()
-            val user = userRepository.findByEmail(validatedRequest.email).bind()
+            val userOption = userRepository.findByEmail(validatedRequest.email).bind()
+            val user = userOption.toEither { DomainError.InvalidCredentials }.bind()
             val pwdHashString = user.passwordHash.bind()
-            checkPassword(pwdHashString, validatedRequest).bind()
-            createToken(user).bind()
+            val authenticatedUser = authenticateUser(user, pwdHashString, validatedRequest).bind()
+            createToken(authenticatedUser).bind()
         }
 
     private fun validate(request: AuthenticateRequest): DomainResult<AuthenticateRequest> {
@@ -56,14 +57,14 @@ class Authenticate(
         return request.right()
     }
 
-    private fun checkPassword(
+    private fun authenticateUser(
+        user: User,
         passwordHash: String,
         validatedRequest: AuthenticateRequest,
-    ): DomainResult<Boolean> {
+    ): DomainResult<User> {
         if (passwordProvider.matches(validatedRequest.password, passwordHash)) {
-            return true.right()
+            return user.right()
         }
-
         return DomainError.InvalidCredentials.left()
     }
 

http4k-example/src/main/kotlin/za/co/ee/learning/infrastructure/database/InMemoryUserRepository.kt

@@ -18,10 +18,10 @@ class InMemoryUserRepository : UserRepository {
     }
 
     // Find the first user in the list that has the matching email, wrap it in an option and return a Either.right()
-    override fun findByEmail(email: String): DomainResult<User> =
+    override fun findByEmail(email: String): DomainResult<Option<User>> =
         Option
             .fromNullable(users.firstOrNull { it.email == email })
-            .toEither { DomainError.InvalidCredentials }
+            .right()
 
     override fun findAll(): DomainResult<List<User>> = users.toList().right()
 }

http4k-example/src/test/kotlin/za/co/ee/learning/domain/users/usecases/AuthenticateTest.kt

@@ -29,18 +29,20 @@ class AuthenticateTest :
 
         val validEmail = "[email protected]"
         val validPassword = "SecurePass123"
-        val passwordHash = Either.Right("hashed_password")
+        val passwordHash = "hashed_password"
         val testUser =
             User(
                 id = UUID.randomUUID(),
                 email = validEmail,
-                passwordHash = passwordHash,
+                passwordHash = Either.Right(passwordHash),
             )
+        val testToken = "jwt.token.here"
+        val testExpires = 1234567890L
         val tokenInfo =
             Either.Right(
                 TokenInfo(
-                    token = "jwt.token.here",
-                    expires = 1234567890L,
+                    token = testToken,
+                    expires = testExpires,
                 )
             )
 
@@ -52,21 +54,21 @@ class AuthenticateTest :
             test("should return token when credentials are valid") {
                 val request = AuthenticateRequest(email = validEmail, password = validPassword)
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.right()
-                every { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) } returns true
+                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
+                every { passwordProvider.matches(validPassword, passwordHash) } returns true
                 every { jwtProvider.generate(testUser) } returns tokenInfo
 
                 val result = authenticate(request)
 
                 val value = result.shouldBeRight()
                 value shouldBe
                         AuthenticateResponse(
-                            token = tokenInfo.getOrNull()!!.token,
-                            expires = tokenInfo.getOrNull()!!.expires,
+                            token = testToken,
+                            expires = testExpires,
                         )
 
                 verify { userRepository.findByEmail(validEmail) }
-                verify { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) }
+                verify { passwordProvider.matches(validPassword, passwordHash) }
                 verify { jwtProvider.generate(testUser) }
             }
         }
@@ -116,7 +118,7 @@ class AuthenticateTest :
             test("should return InvalidCredentials when user does not exist") {
                 val request = AuthenticateRequest(email = "[email protected]", password = validPassword)
 
-                every { userRepository.findByEmail("[email protected]") } returns Either.Left(DomainError.InvalidCredentials)
+                every { userRepository.findByEmail("[email protected]") } returns arrow.core.none<User>().right()
 
                 val result = authenticate(request)
 
@@ -129,7 +131,7 @@ class AuthenticateTest :
             test("should return InvalidCredentials when repository returns None") {
                 val request = AuthenticateRequest(email = validEmail, password = validPassword)
 
-                every { userRepository.findByEmail(validEmail) } returns Either.Left(DomainError.InvalidCredentials)
+                every { userRepository.findByEmail(validEmail) } returns arrow.core.none<User>().right()
 
                 val result = authenticate(request)
 
@@ -142,16 +144,16 @@ class AuthenticateTest :
             test("should return InvalidCredentials when password does not match") {
                 val request = AuthenticateRequest(email = validEmail, password = "WrongPassword123")
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.right()
-                every { passwordProvider.matches("WrongPassword123", passwordHash.getOrNull()!!) } returns false
+                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
+                every { passwordProvider.matches("WrongPassword123", passwordHash) } returns false
 
                 val result = authenticate(request)
 
                 val error = result.shouldBeLeft()
                 error shouldBe DomainError.InvalidCredentials
 
                 verify { userRepository.findByEmail(validEmail) }
-                verify { passwordProvider.matches("WrongPassword123", passwordHash.getOrNull()!!) }
+                verify { passwordProvider.matches("WrongPassword123", passwordHash) }
             }
         }
 

http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/api/AuthenticateEndpointTest.kt

@@ -32,18 +32,20 @@ class AuthenticateEndpointTest :
 
         val validEmail = "[email protected]"
         val validPassword = "SecurePass123"
-        val passwordHash = Either.Right("hashed_password")
+        val passwordHash = "hashed_password"
         val testUser =
             User(
                 id = UUID.randomUUID(),
                 email = validEmail,
-                passwordHash = passwordHash,
+                passwordHash = Either.Right(passwordHash),
             )
+        val testToken = "jwt.token.here"
+        val testExpires = 1234567890L
         val tokenInfo =
             Either.Right(
                 TokenInfo(
-                    token = "jwt.token.here",
-                    expires = 1234567890L,
+                    token = testToken,
+                    expires = testExpires,
                 )
             )
         beforeTest {
@@ -55,18 +57,18 @@ class AuthenticateEndpointTest :
                 val requestBody = """{"email":"$validEmail","password":"$validPassword"}"""
                 val request = Request(Method.POST, "/auth/login").body(requestBody)
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.right()
-                every { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) } returns true
+                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
+                every { passwordProvider.matches(validPassword, passwordHash) } returns true
                 every { jwtProvider.generate(testUser) } returns tokenInfo
 
                 val response = endpoint.handler(request)
 
                 response.status shouldBe Status.OK
-                response.bodyString() shouldContain "\"token\":\"${tokenInfo.getOrNull()!!.token}\""
-                response.bodyString() shouldContain "\"expires\":${tokenInfo.getOrNull()!!.expires}"
+                response.bodyString() shouldContain "\"token\":\"$testToken\""
+                response.bodyString() shouldContain "\"expires\":$testExpires"
 
                 verify { userRepository.findByEmail(validEmail) }
-                verify { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) }
+                verify { passwordProvider.matches(validPassword, passwordHash) }
                 verify { jwtProvider.generate(testUser) }
             }
         }
@@ -118,7 +120,7 @@ class AuthenticateEndpointTest :
                 val requestBody = """{"email":"[email protected]","password":"$validPassword"}"""
                 val request = Request(Method.POST, "/auth/login").body(requestBody)
 
-                every { userRepository.findByEmail("[email protected]") } returns Either.Left(DomainError.InvalidCredentials)
+                every { userRepository.findByEmail("[email protected]") } returns arrow.core.none<User>().right()
 
                 val response = endpoint.handler(request)
 
@@ -132,16 +134,16 @@ class AuthenticateEndpointTest :
                 val requestBody = """{"email":"$validEmail","password":"WrongPassword123"}"""
                 val request = Request(Method.POST, "/auth/login").body(requestBody)
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.right()
-                every { passwordProvider.matches("WrongPassword123", passwordHash.getOrNull()!!) } returns false
+                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
+                every { passwordProvider.matches("WrongPassword123", passwordHash) } returns false
 
                 val response = endpoint.handler(request)
 
                 response.status shouldBe Status.BAD_REQUEST
                 response.bodyString() shouldContain "Invalid email or password"
 
                 verify { userRepository.findByEmail(validEmail) }
-                verify { passwordProvider.matches("WrongPassword123", passwordHash.getOrNull()!!) }
+                verify { passwordProvider.matches("WrongPassword123", passwordHash) }
             }
         }
 
@@ -167,8 +169,8 @@ class AuthenticateEndpointTest :
                 val requestBody = """{"email":"$validEmail","password":"$validPassword"}"""
                 val request = Request(Method.POST, "/auth/login").body(requestBody)
 
-                every { userRepository.findByEmail(validEmail) } returns testUser.right()
-                every { passwordProvider.matches(validPassword, passwordHash.getOrNull()!!) } returns true
+                every { userRepository.findByEmail(validEmail) } returns testUser.some().right()
+                every { passwordProvider.matches(validPassword, passwordHash) } returns true
                 every { jwtProvider.generate(testUser) } returns tokenInfo
 
                 val response = endpoint.handler(request)

http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/database/InMemoryUserRepositoryTest.kt

@@ -1,13 +1,10 @@
 package za.co.ee.learning.infrastructure.database
 
-import io.kotest.assertions.arrow.core.shouldBeLeft
 import io.kotest.assertions.arrow.core.shouldBeRight
 import io.kotest.assertions.arrow.core.shouldBeSome
 import io.kotest.core.spec.style.FunSpec
 import io.kotest.matchers.collections.shouldHaveAtLeastSize
 import io.kotest.matchers.shouldBe
-import io.kotest.matchers.types.shouldBeSameInstanceAs
-import za.co.ee.learning.domain.DomainError
 
 class InMemoryUserRepositoryTest :
     FunSpec({
@@ -27,22 +24,25 @@ class InMemoryUserRepositoryTest :
             test("should return Some when user exists") {
                 val result = repository.findByEmail("[email protected]")
 
-                val user = result.shouldBeRight()
+                val option = result.shouldBeRight()
+                val user = option.shouldBeSome()
                 user.email shouldBe "[email protected]"
             }
 
             test("should have password hash for existing user") {
                 val result = repository.findByEmail("[email protected]")
 
-                val user = result.shouldBeRight()
-                user.passwordHash.getOrNull()!!.isNotEmpty() shouldBe true
+                val option = result.shouldBeRight()
+                val user = option.shouldBeSome()
+                val pwdHash = user.passwordHash.shouldBeRight()
+                pwdHash.isNotEmpty() shouldBe true
             }
 
             test("should return None for non-existent user") {
                 val result = repository.findByEmail("[email protected]")
 
-                val err = result.shouldBeLeft()
-                err shouldBeSameInstanceAs DomainError.InvalidCredentials
+                val option = result.shouldBeRight()
+                option.isNone() shouldBe true
             }
         }
 

http4k-example/src/test/kotlin/za/co/ee/learning/infrastructure/security/BCryptPasswordProviderTest.kt

@@ -1,5 +1,6 @@
 package za.co.ee.learning.infrastructure.security
 
+import io.kotest.assertions.arrow.core.shouldBeRight
 import io.kotest.core.spec.style.FunSpec
 import io.kotest.matchers.shouldBe
 import io.kotest.matchers.shouldNotBe
@@ -15,8 +16,9 @@ class BCryptPasswordProviderTest :
 
                 val hash = passwordProvider.encode(password)
 
-                hash.getOrNull()!! shouldStartWith "\$2a\$"
-                hash.getOrNull()!!.length shouldBe 60
+                val hashResult = hash.shouldBeRight()
+                hashResult shouldStartWith "\$2a\$"
+                hashResult.length shouldBe 60
             }
 
             test("should generate different hashes for the same password") {
@@ -42,54 +44,54 @@ class BCryptPasswordProviderTest :
                 val password = ""
 
                 val hash = passwordProvider.encode(password)
-
-                hash.getOrNull()!! shouldStartWith "\$2a\$"
+                val hashResult = hash.shouldBeRight()
+                hashResult shouldStartWith "\$2a\$"
             }
         }
 
         context("matches") {
             test("should return true when password matches hash") {
                 val password = "correctPassword123"
-                val hash = passwordProvider.encode(password)
+                val hash = passwordProvider.encode(password).shouldBeRight()
 
-                val result = passwordProvider.matches(password, hash.getOrNull()!!)
+                val result = passwordProvider.matches(password, hash)
 
                 result shouldBe true
             }
 
             test("should return false when password does not match hash") {
                 val correctPassword = "correctPassword123"
                 val wrongPassword = "wrongPassword456"
-                val hash = passwordProvider.encode(correctPassword)
+                val hash = passwordProvider.encode(correctPassword).shouldBeRight()
 
-                val result = passwordProvider.matches(wrongPassword, hash.getOrNull()!!)
+                val result = passwordProvider.matches(wrongPassword, hash)
 
                 result shouldBe false
             }
 
             test("should return false for empty password when hash is for non-empty password") {
                 val password = "actualPassword"
-                val hash = passwordProvider.encode(password)
+                val hash = passwordProvider.encode(password).shouldBeRight()
 
-                val result = passwordProvider.matches("", hash.getOrNull()!!)
+                val result = passwordProvider.matches("", hash)
 
                 result shouldBe false
             }
 
             test("should be case sensitive") {
                 val password = "Password123"
-                val hash = passwordProvider.encode(password)
+                val hash = passwordProvider.encode(password).shouldBeRight()
 
-                val result = passwordProvider.matches("password123", hash.getOrNull()!!)
+                val result = passwordProvider.matches("password123", hash)
 
                 result shouldBe false
             }
 
             test("should handle special characters in password") {
                 val password = "P@ssw0rd!#\$%^&*()"
-                val hash = passwordProvider.encode(password)
+                val hash = passwordProvider.encode(password).shouldBeRight()
 
-                val result = passwordProvider.matches(password, hash.getOrNull()!!)
+                val result = passwordProvider.matches(password, hash)
 
                 result shouldBe true
             }