Desired Changes

• Add authentication for user
• https://github.com/trenpixster/addict

Walking away from JWTs because they're harder to revoke and easy to mess up. Current implementation is insecure given that the JWTs are stored in LocalStorage. And ultimately, we don't benefit from a lot of the advantages with our simple architecture. To keep things simple, let's migrate to standard authentication so we can revoke a token if necessary.

Changes

• Remove JWT authentication
• Implement session authentication
• Return session in a cookie
• Implement CSRF

Issue

• When running the Register Attach Config tests, many errors appear.

    when the provided environment does not have a corresponding config file
      ✓ should throw
(node:27872) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): Error: No config file available at "/home/ebukacek/projects/monarch/api/config/This file has lost it's way...json".

Error:
ENOENT: no such file or directory, stat '/home/ebukacek/projects/monarch/api/config/This file has lost it's way...json'
(node:27872) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Notes

• Looks like it may be related to this: chaijs/chai-as-promised#173

Purpose

• For V1, I would like to encrypt messages for the users.
• Post V1, implementing end to end encryption would be swell.

Questions

• If a user is reported, we may need to retrieve those messages to determine punishment. Do we ask for the reporter's discretion on showing us messages? Or do they specify specific messages or times?
• How do we want to implement E2E? Is E2E worth it yet?

So yeah, how are we storing user data? Maybe this? https://github.com/kleinernik/elixir-aes-cmac
How would we do E2E? Signal's protocol looks awesome, but it looks like it's only natively implemented in Java and C. We could use Ports to run it in Elixir for a V1, but a long-term solution would probably be preferable in code that could run on the BEAM VM. Anyway, all discussion is super appreciated; I'm very green in this area.

Desired Changes

• Setup basic Elm skeleton underneath /app directory.
• Add any Elm tests to .travis.yml

Desired Changes

• Add elm-css package to app

Desired Changes

• Integrate with AWS
• Integrate with CircleCI

Desired Change

• Bring BDD to our frontend.
• This library looks promising: https://github.com/rogeriochaves/elm-test-bdd-style

Desired Changes

• Add helper methods for form elements for the styleguide.
  • Input field
  • Text Area
  • Button
  • Password
• Ideally, each form element would encapsulate a single function which allows reusability with error
  handling or with higher level form handlers.

Desired Changes

• Add profile page
• See #14 for fields.

As a developer,
I want to automate my dependency management,
So I don't want to manually remember to update dependencies,

Changes

• Implement Renovate with service
• Implement Renovate with ui

Additional

• Find install details here: https://renovatebot.com/

Issue

No reason to have these separated, honestly. It's misdirection.

Suggested Fix

• Consolidate components/identity/login and containers/identity/login

Desired Changes

• Add GET /listeners
• Aggregate possible listeners by zip code and gender identity.

Desired Changes

• Add login page.
  • Fields:
    • Email
    • Password
  • Enter Button
  • Responsive

Issue

Lost contact with my friend and need help.

Suggested Fix

Please email me at [email protected]

Issue

• The following components and containers need stories:
  • Inline Notification
  • Login (Container and component)

As a systems engineer,
I want to use environment variables to configure Knex,
So I can keep my configuration separate from my code.

• Add nodeenv as a dependency
• Remove knexfile.js
  • Use single monarch database for everything; no need for separate dev / test environments.
  • Use nodeenv to load in the rest
  • Update docker-compose.yml to use these shared dependencies
  • Update attach_knex.js plugin to use nodenv
  • Initialize nodeenv in server.js

Desired Changes

• Add User resource
• Use /users for endpoint

Useful Resources

• This may be a good approach to get some cheap functionality, fast.
  • https://github.com/trenpixster/addict

Desired Changes

• Add API setup instructions to README under ##Setup

Desired Changes

• Add .travis.yml and hookup Travis build
• Add Travis badge to README

Desired Changes

• Create seed for zip codes within 50 miles and state indexed by zip code
• Create seed for zip codes within state indexed by zip code
• Create seed for zip codes within 750 miles indexed by zip code

https://stackoverflow.com/questions/3983325/calculate-distance-between-zip-codes-and-users

Issue

• Ensure that all API responses utilize standard security headers

Suggested Fix

• https://hapijs.com/api#-routeoptionssecurity

Desired Changes

• Bring in the Espec library for Elixir and convert User tests to use BDD as a POC.
• Promising option: https://github.com/antonmi/espec_phoenix

Issue

• Code coverage is only based off of unit tests in the API, not all tests across both the API and the app.

Suggested Fix

• Using something like https://github.com/jamestalmage/istanbul-combine, combine all istanbul coverage results into a single metric.
• Use single metric for coveralls

Desired Changes

• Add profile options to user.
• Example fields:
  • genderIdentity
    • Required.
  • bio
    • Not required.
  • zipcode
    • Used to assist pairing options and by the location module
    • Not required.
  • requestDescription
    • "What I want in a listener?"
    • Not required.
  • requests: []
    • Either "TO_LISTEN," or "TO_TALK"
    • Required.

Desired Changes

• Add conversation table
  • user_accounts - {array of foreign user_account_ids} User ids present in the room
  • messages - {array of foreign message_ids}
• Add messages table
  • id - {uuid, primary}
  • author_id - {foreign user_account_id}
  • content - {string}
  • create_date - {date}
  • modify_date - {date}
• Add functionality to send messages and receive messages using websockets.