From 57fc93a3a07d1b1e982ec316c2b205f25c136268 Mon Sep 17 00:00:00 2001
From: reganoneill <rkrotho@gmail.com>
Date: Mon, 6 Mar 2017 16:47:46 -0800
Subject: [PATCH 1/7] basic functionality and two passing tests

---
 lab-regan/.env                         |   3 +
 lab-regan/.eslintrc                    |  19 ++++
 lab-regan/.gitignore                   | 132 +++++++++++++++++++++++++
 lab-regan/gulpfile.js                  |  13 +++
 lab-regan/lib/basic-auth-middleware.js |  38 +++++++
 lab-regan/lib/error-middleware.js      |  28 ++++++
 lab-regan/model/user.js                |  69 +++++++++++++
 lab-regan/package.json                 |  34 +++++++
 lab-regan/route/auth-router.js         |  42 ++++++++
 lab-regan/server.js                    |  29 ++++++
 lab-regan/test/auth-route-test.js      |  77 +++++++++++++++
 11 files changed, 484 insertions(+)
 create mode 100644 lab-regan/.env
 create mode 100644 lab-regan/.eslintrc
 create mode 100644 lab-regan/.gitignore
 create mode 100644 lab-regan/gulpfile.js
 create mode 100644 lab-regan/lib/basic-auth-middleware.js
 create mode 100644 lab-regan/lib/error-middleware.js
 create mode 100644 lab-regan/model/user.js
 create mode 100644 lab-regan/package.json
 create mode 100644 lab-regan/route/auth-router.js
 create mode 100644 lab-regan/server.js
 create mode 100644 lab-regan/test/auth-route-test.js

diff --git a/lab-regan/.env b/lab-regan/.env
new file mode 100644
index 0000000..fdb9a4b
--- /dev/null
+++ b/lab-regan/.env
@@ -0,0 +1,3 @@
+
+MONGODB_URI='mongodb://localhost/cfgrammy'
+APP_SECRET='bestappsecret'
diff --git a/lab-regan/.eslintrc b/lab-regan/.eslintrc
new file mode 100644
index 0000000..f4ed946
--- /dev/null
+++ b/lab-regan/.eslintrc
@@ -0,0 +1,19 @@
+{
+  "rules": {
+    "no-console": "off",
+    "indent": [ "error", 2 ],
+    "quotes": [ "error", "single" ],
+    "semi": ["error", "always"],
+    "linebreak-style": [ "error", "unix" ]
+  },
+  "env": {
+    "es6": true,
+    "node": true,
+  },
+  "ecmaFeatures": {
+    "modules": true,
+    "experimentalObjectRestSpread": true,
+    "impliedStrict": true
+  },
+  "extends": "eslint:recommended"
+}
diff --git a/lab-regan/.gitignore b/lab-regan/.gitignore
new file mode 100644
index 0000000..5ed0369
--- /dev/null
+++ b/lab-regan/.gitignore
@@ -0,0 +1,132 @@
+
+# Created by https://www.gitignore.io/api/osx,node,linux,windows
+
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+###Local Files###
+data/
+
+### Node ###
+# Logs
+logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# Runtime data
+pids
+*.pid
+*.seed
+*.pid.lock
+
+# Directory for instrumented libs generated by jscoverage/JSCover
+lib-cov
+
+# Coverage directory used by tools like istanbul
+coverage
+
+# nyc test coverage
+.nyc_output
+
+# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
+.grunt
+
+# Bower dependency directory (https://bower.io/)
+bower_components
+
+# node-waf configuration
+.lock-wscript
+
+# Compiled binary addons (http://nodejs.org/api/addons.html)
+build/Release
+
+# Dependency directories
+node_modules/
+jspm_packages/
+
+# Typescript v1 declaration files
+typings/
+
+# Optional npm cache directory
+.npm
+
+# Optional eslint cache
+.eslintcache
+
+# Optional REPL history
+.node_repl_history
+
+# Output of 'npm pack'
+*.tgz
+
+# Yarn Integrity file
+.yarn-integrity
+
+# dotenv environment variables file
+
+
+
+### OSX ###
+*.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+ehthumbs.db
+ehthumbs_vista.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.gitignore.io/api/osx,node,linux,windows
diff --git a/lab-regan/gulpfile.js b/lab-regan/gulpfile.js
new file mode 100644
index 0000000..c36afa2
--- /dev/null
+++ b/lab-regan/gulpfile.js
@@ -0,0 +1,13 @@
+'use strict';
+
+const gulp = require('gulp');
+const eslint = require('gulp-eslint');
+
+gulp.task('lint', function(){
+  return gulp.src(['**/*.js', '!node_modules'])
+  .pipe(eslint())
+  .pipe(eslint.format())
+  .pipe(eslint.failAfterError());
+});
+
+gulp.task('default', ['lint']);
diff --git a/lab-regan/lib/basic-auth-middleware.js b/lab-regan/lib/basic-auth-middleware.js
new file mode 100644
index 0000000..b62ae59
--- /dev/null
+++ b/lab-regan/lib/basic-auth-middleware.js
@@ -0,0 +1,38 @@
+'use strict';
+
+const createError = require('http-errors');
+const debug = require('debug')('cfgram:basic-auth-middleware');
+
+module.exports = function(req, res, next){
+  debug('basic auth');
+
+  var authHeader = req.headers.authorization;
+
+  if(!authHeader){
+    return next(createError(401, 'authorization header required'));
+  };
+
+  var base64str = authHeader.split('Basic ')[1];
+  if(!base64str){
+    return next(createError(401, 'username and password required'));
+  };
+
+  var utf8str = new Buffer(base64str, 'base64').toString();
+  var authArr = utf8str.split(':');
+
+  req.auth = {
+    username: authArr[0],
+    password: authArr[1]
+  };
+
+  if(!req.auth.username){
+    return next(createError(401, 'username required'));
+  };
+
+  if(!req.auth.password){
+    return next(createError(401, 'password required'));
+  };
+
+  next();
+
+};
diff --git a/lab-regan/lib/error-middleware.js b/lab-regan/lib/error-middleware.js
new file mode 100644
index 0000000..0ba072a
--- /dev/null
+++ b/lab-regan/lib/error-middleware.js
@@ -0,0 +1,28 @@
+'use strict';
+
+const createError = require('http-errors');
+const debug = require('debug')('cfgram:error-middleware');
+
+module.exports = function(err, req, res, next){
+  debug('error-middleware');
+
+  console.error('msg:', err.message);
+  console.error('name:', err.name);
+
+  if(err.status){
+    res.status(err.status).send(err.name);
+    next();
+    return;
+  };
+
+  if(err.name === 'ValidationError'){
+    err = createError(400, err.message);
+    res.status(err.status).send(err.name);
+    next();
+    return;
+  };
+
+  err = createError(500, err.message);
+  res.status(err.status).send(err.name);
+  next();
+};
diff --git a/lab-regan/model/user.js b/lab-regan/model/user.js
new file mode 100644
index 0000000..1c93e82
--- /dev/null
+++ b/lab-regan/model/user.js
@@ -0,0 +1,69 @@
+'use strict';
+
+const mongoose = require('mongoose');
+const debug = require('debug')('cfgram:user');
+const Promise = require('bluebird');
+const createError = require('http-errors');
+const crypto = require('crypto');
+const bcrypt = require('bcrypt');
+const jwt = require('jsonwebtoken');
+
+const Schema = mongoose.Schema;
+
+const userSchema = Schema({
+  username: {type: String, required: true, unique: true},
+  password: {type: String, required: true},
+  email: {type: String, required: true, unique: true},
+  findHash: {type: String, unique: true}
+});
+
+userSchema.methods.generatePasswordHash = function(password){
+  debug('generatePasswordHash');
+  return new Promise((resolve, reject) => {
+    bcrypt.hash(password, 10, (err, hash) => {
+      if(err) return reject(err);
+      this.password = hash;
+      resolve(this);
+    });
+  });
+};
+
+userSchema.methods.comparePasswordHash = function(password){
+  debug('comparePasswordHash');
+  return new Promise((resolve, reject) => {
+    bcrypt.compare(password, this.password, (err, valid) => {
+        if(err) return reject(err);
+        if(!valid) return reject(createError(401, 'wrong password'));
+        resolve(this);
+    });
+  });
+};
+
+userSchema.methods.generateFindHash = function(){
+  debug('generateFindHash');
+  return new Promise((resolve, reject) => {
+    let tries = 0;
+    _generateFindHash.call(this);
+    function _generateFindHash(){
+      this.findHash = crypto.randomBytes(32).toString('hex');
+      this.save()
+      .then( () => resolve(this.findHash))
+      .catch( err => {
+        if(tries > 3) return reject(err);
+        tries++;
+        _generateFindHash.call(this);
+      });
+    };
+  });
+};
+
+userSchema.methods.generateToken = function(){
+  debug('generateToken');
+  return new Promise((resolve, reject) => {
+    this.generateFindHash()
+    .then( findHash => resolve(jwt.sign({token: findHash}, process.env.APP_SECRET )))
+    .catch( err => reject(err));
+  });
+};
+
+module.exports = mongoose.model('user', userSchema);
diff --git a/lab-regan/package.json b/lab-regan/package.json
new file mode 100644
index 0000000..c04b2ee
--- /dev/null
+++ b/lab-regan/package.json
@@ -0,0 +1,34 @@
+{
+  "name": "lab-regan",
+  "version": "1.0.0",
+  "description": "",
+  "main": "server.js",
+  "directories": {
+    "test": "test"
+  },
+  "scripts": {
+    "test": "DEBUG='cfgram*' mocha",
+    "start": "DEBUG='cfgram*' node server.js"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "bcrypt": "^1.0.2",
+    "bluebird": "^3.5.0",
+    "body-parser": "^1.17.1",
+    "cors": "^2.8.1",
+    "debug": "^2.6.1",
+    "dotenv": "^4.0.0",
+    "express": "^4.15.2",
+    "http-errors": "^1.6.1",
+    "jsonwebtoken": "^7.3.0",
+    "mongoose": "^4.8.6",
+    "morgan": "^1.8.1"
+  },
+  "devDependencies": {
+    "chai": "^3.5.0",
+    "mocha": "^3.2.0",
+    "superagent": "^3.5.0"
+  }
+}
diff --git a/lab-regan/route/auth-router.js b/lab-regan/route/auth-router.js
new file mode 100644
index 0000000..27aafc9
--- /dev/null
+++ b/lab-regan/route/auth-router.js
@@ -0,0 +1,42 @@
+'use strict';
+
+const jsonParser = require('body-parser').json();
+const debug = require('debug')('cfgram:auth-router');
+const Router = require('express').Router;
+
+const User = require('../model/user.js');
+const basicAuth = require('../lib/basic-auth-middleware.js');
+
+const authRouter = module.exports = Router();
+
+authRouter.post('/api/signup', jsonParser, function(req, res, next){
+  debug('POST: /api/signup');
+
+  //i added this
+  // if(!req.body){
+  //   return next(createError(400,'Bad Request'));
+  // };
+  //done
+
+  let password = req.body.password;
+  delete req.body.password;
+
+  let user = new User(req.body);
+
+  user.generatePasswordHash(password)
+  .then( user => user.save())
+  .then(user => user.generateToken())
+  .then(token => res.send(token))
+  .catch(next);
+});
+
+
+authRouter.get('/api/signin', basicAuth, function(req, res, next){
+  debug('GET: /api/signin');
+
+  User.findOne({username: req.auth.username})
+  .then( user => user.comparePasswordHash(req.auth.password))
+  .then( user => user.generateToken())
+  .then( token => res.send(token))
+  .catch(next);
+});
diff --git a/lab-regan/server.js b/lab-regan/server.js
new file mode 100644
index 0000000..02163c5
--- /dev/null
+++ b/lab-regan/server.js
@@ -0,0 +1,29 @@
+'use strict';
+
+const express = require('express');
+const Promise = require('bluebird');
+const debug = require('debug')('cfgram:server');
+const morgan = require('morgan');
+const mongoose = require('mongoose');
+const cors = require('cors');
+const dotenv = require('dotenv');
+
+const authRouter = require('./route/auth-router.js');
+const errors = require('./lib/error-middleware.js');
+
+dotenv.load();
+
+const PORT = process.env.PORT || 3000;
+const app = express();
+
+mongoose.connect(process.env.MONGODB_URI);
+
+app.use(cors());
+app.use(morgan('dev'));
+
+app.use(authRouter);
+app.use(errors);
+
+app.listen(PORT,  () => {
+  debug(`server up on port ${PORT}`);
+});
diff --git a/lab-regan/test/auth-route-test.js b/lab-regan/test/auth-route-test.js
new file mode 100644
index 0000000..ab732bd
--- /dev/null
+++ b/lab-regan/test/auth-route-test.js
@@ -0,0 +1,77 @@
+'use script';
+
+const debug = require('debug')('cfgram:auth-route-test');
+const expect = require('chai').expect;
+const request = require('superagent');
+// const mongoose = require('mongoose');
+// const Promise = require('bluebird');
+const User = require('../model/user.js');
+
+require('../server.js');
+
+const url = `http://localhost:${process.env.PORT}`;
+const exampleUser = {
+  username: 'exampleuser',
+  password: '9876',
+  email: 'example@example.com'
+};
+
+describe('Auth Routes', function(){
+  describe('POST: /api/signup', function(){
+    describe('with a valid body', function(){
+      after( done => {
+        User.remove({})
+        .then( () => done())
+        .catch(done);
+      });
+      it('should return a token', done => {
+        debug('in heeeeeeere!');
+        request.post(`${url}/api/signup`)
+        .send(exampleUser)
+        .end((err, res) => {
+          if(err) return done(err);
+          expect(res.status).to.equal(200);
+          // expect(res.text).to.be.a('string');
+          done();
+        });
+      });
+    });
+  });//end post test
+
+
+  describe('GET: /api/signin', function(){
+      describe('with a valid body', function(){
+        before( done => {
+          let user = new User(exampleUser);
+          user.generatePasswordHash(exampleUser.password)
+          .then( user => user.save())
+          .then( user => {
+            this.tempUser = user;
+            done();
+          })
+          .catch(done);
+        });
+        after( done => {
+          User.remove({})
+          .then( () => done())
+          .catch(done);
+        });
+        it('should a token', done => {
+          request.get(`${url}/api/signin`)
+          .auth('exampleuser', '9876')
+          .end((err, res) => {
+            if(err) return done(err);
+            console.log('temporary user: ', this.tempUser);
+            console.log('GET: /apl/signin token ', res.text);
+            expect(res.status).to.equal(200);
+            done();
+          });
+        });
+      });
+    });
+
+
+
+
+
+});

From ffa5d33ee2ee979d15388d15bfc53c2bd549efed Mon Sep 17 00:00:00 2001
From: reganoneill <rkrotho@gmail.com>
Date: Mon, 6 Mar 2017 19:05:01 -0800
Subject: [PATCH 2/7] debugged test to add 400 error with post

---
 lab-regan/lib/basic-auth-middleware.js |  1 +
 lab-regan/lib/error-middleware.js      |  8 ++++++++
 lab-regan/route/auth-router.js         |  7 ++++---
 lab-regan/test/auth-route-test.js      | 26 ++++++++++++++++----------
 4 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/lab-regan/lib/basic-auth-middleware.js b/lab-regan/lib/basic-auth-middleware.js
index b62ae59..3abd199 100644
--- a/lab-regan/lib/basic-auth-middleware.js
+++ b/lab-regan/lib/basic-auth-middleware.js
@@ -6,6 +6,7 @@ const debug = require('debug')('cfgram:basic-auth-middleware');
 module.exports = function(req, res, next){
   debug('basic auth');
 
+
   var authHeader = req.headers.authorization;
 
   if(!authHeader){
diff --git a/lab-regan/lib/error-middleware.js b/lab-regan/lib/error-middleware.js
index 0ba072a..3a09a8f 100644
--- a/lab-regan/lib/error-middleware.js
+++ b/lab-regan/lib/error-middleware.js
@@ -9,6 +9,14 @@ module.exports = function(err, req, res, next){
   console.error('msg:', err.message);
   console.error('name:', err.name);
 
+//400 solution
+  if(err.message === 'data and salt arguments required'){
+    err = createError(400, 'so bad');
+    res.status(err.status).send(err.name);
+    next();
+    return;
+  };
+
   if(err.status){
     res.status(err.status).send(err.name);
     next();
diff --git a/lab-regan/route/auth-router.js b/lab-regan/route/auth-router.js
index 27aafc9..387b96e 100644
--- a/lab-regan/route/auth-router.js
+++ b/lab-regan/route/auth-router.js
@@ -13,9 +13,10 @@ authRouter.post('/api/signup', jsonParser, function(req, res, next){
   debug('POST: /api/signup');
 
   //i added this
-  // if(!req.body){
-  //   return next(createError(400,'Bad Request'));
-  // };
+  if(!req.body){
+    debug('test!');
+    return next(createError(400,'Bad Request'));
+  };
   //done
 
   let password = req.body.password;
diff --git a/lab-regan/test/auth-route-test.js b/lab-regan/test/auth-route-test.js
index ab732bd..47c56b1 100644
--- a/lab-regan/test/auth-route-test.js
+++ b/lab-regan/test/auth-route-test.js
@@ -3,8 +3,6 @@
 const debug = require('debug')('cfgram:auth-route-test');
 const expect = require('chai').expect;
 const request = require('superagent');
-// const mongoose = require('mongoose');
-// const Promise = require('bluebird');
 const User = require('../model/user.js');
 
 require('../server.js');
@@ -25,7 +23,6 @@ describe('Auth Routes', function(){
         .catch(done);
       });
       it('should return a token', done => {
-        debug('in heeeeeeere!');
         request.post(`${url}/api/signup`)
         .send(exampleUser)
         .end((err, res) => {
@@ -36,8 +33,22 @@ describe('Auth Routes', function(){
         });
       });
     });
-  });//end post test
 
+    describe('with an invalid body', function(){
+      it('should return a 400', done => {
+        request.post(`${url}/api/signup`)
+        .send()
+        .end((err, res) => {
+          // if(err) return done(err);
+          debug(err.name);
+          debug(err.status);
+          debug(err.message);
+          expect(err.status).to.equal(400);
+          done();
+        });
+      });
+    });
+  });//end post test
 
   describe('GET: /api/signin', function(){
       describe('with a valid body', function(){
@@ -68,10 +79,5 @@ describe('Auth Routes', function(){
           });
         });
       });
-    });
-
-
-
-
-
+    });//end GET /api/signin
 });

From c646407def9a45870306f58f705fc243e65a7e68 Mon Sep 17 00:00:00 2001
From: reganoneill <rkrotho@gmail.com>
Date: Mon, 6 Mar 2017 20:24:04 -0800
Subject: [PATCH 3/7] assignment complete

---
 lab-regan/lib/error-middleware.js |  2 +-
 lab-regan/route/auth-router.js    |  7 ----
 lab-regan/test/auth-route-test.js | 60 ++++++++++++++++++++++++++++---
 3 files changed, 56 insertions(+), 13 deletions(-)

diff --git a/lab-regan/lib/error-middleware.js b/lab-regan/lib/error-middleware.js
index 3a09a8f..6d0bd8b 100644
--- a/lab-regan/lib/error-middleware.js
+++ b/lab-regan/lib/error-middleware.js
@@ -30,7 +30,7 @@ module.exports = function(err, req, res, next){
     return;
   };
 
-  err = createError(500, err.message);
+  err = createError(404, err.message);
   res.status(err.status).send(err.name);
   next();
 };
diff --git a/lab-regan/route/auth-router.js b/lab-regan/route/auth-router.js
index 387b96e..497e87b 100644
--- a/lab-regan/route/auth-router.js
+++ b/lab-regan/route/auth-router.js
@@ -12,13 +12,6 @@ const authRouter = module.exports = Router();
 authRouter.post('/api/signup', jsonParser, function(req, res, next){
   debug('POST: /api/signup');
 
-  //i added this
-  if(!req.body){
-    debug('test!');
-    return next(createError(400,'Bad Request'));
-  };
-  //done
-
   let password = req.body.password;
   delete req.body.password;
 
diff --git a/lab-regan/test/auth-route-test.js b/lab-regan/test/auth-route-test.js
index 47c56b1..b5cf57c 100644
--- a/lab-regan/test/auth-route-test.js
+++ b/lab-regan/test/auth-route-test.js
@@ -28,7 +28,7 @@ describe('Auth Routes', function(){
         .end((err, res) => {
           if(err) return done(err);
           expect(res.status).to.equal(200);
-          // expect(res.text).to.be.a('string');
+          expect(res.text).to.be.a('string');
           done();
         });
       });
@@ -39,18 +39,40 @@ describe('Auth Routes', function(){
         request.post(`${url}/api/signup`)
         .send()
         .end((err, res) => {
-          // if(err) return done(err);
-          debug(err.name);
-          debug(err.status);
-          debug(err.message);
+          expect(err).to.be.an('error');
           expect(err.status).to.equal(400);
           done();
         });
       });
     });
+
+    describe('with an invalid path', function(){
+      it('should return a 404', done => {
+        request.post(`${url}/apr`)
+        .send()
+        .end((err, res) => {
+          debug(err.status);
+          expect(err.status).to.equal(404);
+          done();
+        });
+      });
+    });
   });//end post test
 
   describe('GET: /api/signin', function(){
+
+    describe('with an invalid request', function(){
+      it('should return a 404', done => {
+        request.get(`${url}/api/test`)
+        .send()
+        .end((err, res) => {
+          expect(err).to.be.an('error');
+          expect(res.status).to.equal(404);
+          done();
+        });
+      });
+    });
+
       describe('with a valid body', function(){
         before( done => {
           let user = new User(exampleUser);
@@ -78,6 +100,34 @@ describe('Auth Routes', function(){
             done();
           });
         });
+      });//get
+
+      describe('with an invalid credentials (password)', function(){
+        before( done => {
+          let user = new User(exampleUser);
+          user.generatePasswordHash(exampleUser.password)
+          .then( user => user.save())
+          .then( user => {
+            this.tempUser = user;
+            done();
+          })
+          .catch(done);
+        });
+        after( done => {
+          User.remove({})
+          .then( () => done())
+          .catch(done);
+        });
+        it('should return a 401', done => {
+          request.get(`${url}/api/signin`)
+          .auth('exampleuser', '0000')
+          .end((err, res) => {
+            expect(err).to.be.an('error');
+            expect(res.status).to.equal(401);
+            done();
+          });
+        });
       });
+
     });//end GET /api/signin
 });

From f61bfcb821501efe018e9151142ba1848595872f Mon Sep 17 00:00:00 2001
From: reganoneill <rkrotho@gmail.com>
Date: Mon, 6 Mar 2017 20:36:34 -0800
Subject: [PATCH 4/7] complete

---
 lab-regan/README.md | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 lab-regan/README.md

diff --git a/lab-regan/README.md b/lab-regan/README.md
new file mode 100644
index 0000000..b5674f8
--- /dev/null
+++ b/lab-regan/README.md
@@ -0,0 +1,5 @@
+Basic Authorization
+
+This program contains uses bcrypt in conjunction with node.js's native module crypto to securely save users login credentials.
+
+For Grading purposes it contains a .env file which houses a couple environment variables we need to communicate with our MongoDB database and generate tokens.

From 380e878c6bccec0b3305c3406d93b0612d43d66a Mon Sep 17 00:00:00 2001
From: reganoneill <rkrotho@gmail.com>
Date: Tue, 7 Mar 2017 23:04:47 -0800
Subject: [PATCH 5/7] lab complete

---
 lab-regan/lib/bearer-auth-middleware.js |  33 ++
 lab-regan/lib/error-middleware.js       |   1 +
 lab-regan/model/gallery.js              |  13 +
 lab-regan/route/gallery-router.js       |  54 +++
 lab-regan/server.js                     |  13 +-
 lab-regan/test/gallery-route-test.js    | 545 ++++++++++++++++++++++++
 6 files changed, 654 insertions(+), 5 deletions(-)
 create mode 100644 lab-regan/lib/bearer-auth-middleware.js
 create mode 100644 lab-regan/model/gallery.js
 create mode 100644 lab-regan/route/gallery-router.js
 create mode 100644 lab-regan/test/gallery-route-test.js

diff --git a/lab-regan/lib/bearer-auth-middleware.js b/lab-regan/lib/bearer-auth-middleware.js
new file mode 100644
index 0000000..0d84ae2
--- /dev/null
+++ b/lab-regan/lib/bearer-auth-middleware.js
@@ -0,0 +1,33 @@
+'use strict';
+
+const debug = require('debug')('cfgram:bearer-auth-middleware');
+const createError = require('http-errors');
+const jwt = require('jsonwebtoken');
+
+const User = require('../model/user.js');
+
+module.exports = function(req, res, next){
+  debug('bearer auth middleware');
+
+  var authHeader = req.headers.authorization;
+  if(!authHeader){
+    return next(createError(401, 'not fun'));
+  };
+  var token = authHeader.split('Bearer ')[1];
+  if(!token){
+    return next(createError(401, 'not good very bad'));
+  };
+
+  jwt.verify(token, process.env.APP_SECRET, (err, decoded) => {
+    if(err) return next(err);
+    User.findOne({ findHash: decoded.token })
+    .then( user => {
+      req.user = user;
+      next();
+    })
+    .catch(err => {
+      next(createError(401, err.message));
+    });
+  });
+
+};
diff --git a/lab-regan/lib/error-middleware.js b/lab-regan/lib/error-middleware.js
index 6d0bd8b..d2563f7 100644
--- a/lab-regan/lib/error-middleware.js
+++ b/lab-regan/lib/error-middleware.js
@@ -12,6 +12,7 @@ module.exports = function(err, req, res, next){
 //400 solution
   if(err.message === 'data and salt arguments required'){
     err = createError(400, 'so bad');
+    debug(err.status);
     res.status(err.status).send(err.name);
     next();
     return;
diff --git a/lab-regan/model/gallery.js b/lab-regan/model/gallery.js
new file mode 100644
index 0000000..8e3011e
--- /dev/null
+++ b/lab-regan/model/gallery.js
@@ -0,0 +1,13 @@
+'use strict';
+
+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+
+const gallerySchema = Schema({
+  name: {type: String, required: true},
+  description: {type: String, required: true},
+  created: {type: Date, required: true, default: Date.now },
+  userID: { type: Schema.Types.ObjectId, required: true }
+});
+
+module.exports = mongoose.model('gallery', gallerySchema);
diff --git a/lab-regan/route/gallery-router.js b/lab-regan/route/gallery-router.js
new file mode 100644
index 0000000..b5a030f
--- /dev/null
+++ b/lab-regan/route/gallery-router.js
@@ -0,0 +1,54 @@
+'use strict';
+
+const debug = require('debug')('cfgram:gallery-router');
+const Router = require('express').Router;
+const jsonParser = require('body-parser').json();
+const createError = require('http-errors');
+
+const Gallery = require('../model/gallery.js');
+const bearerAuth = require('../lib/bearer-auth-middleware.js');
+
+const galleryRouter = module.exports = Router();
+
+galleryRouter.delete('/api/gallery/:id', bearerAuth, function(req, res, next){
+  debug('DELETE: /api/gallery/:id');
+  Gallery.findByIdAndRemove(req.params.id)
+  .then( removed => res.json(removed))
+  .catch(next);
+});
+
+galleryRouter.post('/api/gallery', bearerAuth, jsonParser, function(req, res, next){
+  debug('POST: /api/gallery');
+  req.body.userID = req.user._id;
+  new Gallery(req.body).save()
+  .then( gallery => {
+    res.json(gallery);
+  })
+  .catch(next);
+});
+
+galleryRouter.get('/api/gallery/:id', bearerAuth, function(req, res, next){
+  debug('GET: /api/gallery');
+  Gallery.findById(req.params.id)
+  .then( gallery => {
+    if(gallery.userID.toString() !== req.user._id.toString()){
+      return next(createError(401, 'bad user name'));
+    };
+    res.json(gallery);
+  })
+  .catch(next);
+});
+
+galleryRouter.put('/api/gallery/:id', bearerAuth, jsonParser, function(req, res, next){
+  debug('PUT: /api/gallery/:id');
+  if(!req.body.name){
+    return next(createError(400, 'Invalid body'));
+  };
+
+  if(!req.body.description){
+    return next(createError(400, 'Invalid description'));
+  };
+  Gallery.findByIdAndUpdate(req.params.id, {$set: req.body }, {new: true})
+  .then( updatedGallery => res.json(updatedGallery))
+  .catch(next);
+});
diff --git a/lab-regan/server.js b/lab-regan/server.js
index 02163c5..8fc25e4 100644
--- a/lab-regan/server.js
+++ b/lab-regan/server.js
@@ -1,15 +1,17 @@
 'use strict';
 
 const express = require('express');
-const Promise = require('bluebird');
-const debug = require('debug')('cfgram:server');
-const morgan = require('morgan');
-const mongoose = require('mongoose');
 const cors = require('cors');
 const dotenv = require('dotenv');
+const morgan = require('morgan');
+const mongoose = require('mongoose');
+const Promise = require('bluebird');
+const debug = require('debug')('cfgram:server');
 
-const authRouter = require('./route/auth-router.js');
 const errors = require('./lib/error-middleware.js');
+const authRouter = require('./route/auth-router.js');
+const galleryRouter = require('./route/gallery-router.js');
+
 
 dotenv.load();
 
@@ -22,6 +24,7 @@ app.use(cors());
 app.use(morgan('dev'));
 
 app.use(authRouter);
+app.use(galleryRouter);
 app.use(errors);
 
 app.listen(PORT,  () => {
diff --git a/lab-regan/test/gallery-route-test.js b/lab-regan/test/gallery-route-test.js
new file mode 100644
index 0000000..ca75bb2
--- /dev/null
+++ b/lab-regan/test/gallery-route-test.js
@@ -0,0 +1,545 @@
+'use strict';
+
+const expect = require('chai').expect;
+const request = require('superagent');
+const debug = require('debug')('cfgram:gallery-route-test');
+const mongoose = require('mongoose');
+const Promise = require('bluebird');
+
+const Gallery = require('../model/gallery.js');
+const User = require('../model/user.js');
+
+const url = `http://localhost:${process.env.PORT}`;
+
+const exampleUser = {
+  username: 'tester name',
+  password: 'tester password',
+  email: 'test@test.com'
+};
+const exampleGallery = {
+  name: 'test gallery',
+  description: 'descriptive test'
+};
+const exampleUpdatedGallery = {
+  name: 'updated test gallery',
+  description: 'updated descriptive test'
+};
+const exampleBadUpdatedGallery = {
+  description: 'updated descriptive test'
+};
+const badID = 6666666666666;
+
+describe('Gallery Routes', function(){
+
+  afterEach( done => {
+      Promise.all([
+        User.remove({}),
+        Gallery.remove({})
+      ])
+      .then( () => done())
+      .catch(done);
+  });
+
+  describe('POST: /api/gallery', () => {
+    describe('a valid request', function(){
+      before( done => {
+        new User(exampleUser)
+        .generatePasswordHash(exampleUser.password)
+        .then( user => user.save())
+        .then( user => {
+          this.tempUser = user;
+          return user.generateToken();
+        })
+        .then( token => {
+          this.tempToken = token;
+          done();
+        })
+        .catch(done);
+      });
+      it('should return a gallery (post request)', done => {
+        request.post(`${url}/api/gallery`)
+        .send(exampleGallery)
+        .set({
+          Authorization: `Bearer ${this.tempToken}`
+        })
+        .end((err, res) => {
+          if(err) return done(err);
+          let date = new Date(res.body.created).toString();
+          expect(res.body.name).to.equal(exampleGallery.name);
+          expect(res.body.description).to.equal(exampleGallery.description);
+          expect(res.body.userID).to.equal(this.tempUser._id.toString());
+          expect(date).to.not.equal('invalid');
+          expect(res.status).to.equal(200);
+          done();
+        });
+      });
+   });
+
+   describe('a request with no token', function(){
+     before( done => {
+       new User(exampleUser)
+       .generatePasswordHash(exampleUser.password)
+       .then( user => user.save())
+       .then( user => {
+         this.tempUser = user;
+         return user.generateToken();
+       })
+       .then( token => {
+         this.tempToken = token;
+         done();
+       })
+       .catch(done);
+     });
+     it('should return a 401 because of no token', done => {
+       request.post(`${url}/api/gallery`)
+       .send(exampleGallery)
+       .end((err, res) => {
+         expect(res.status).to.equal(401);
+         done();
+       });
+     });
+  });
+
+  describe('no request body or invalid request body returns 400', function(){
+    before( done => {
+      new User(exampleUser)
+      .generatePasswordHash(exampleUser.password)
+      .then( user => user.save())
+      .then( user => {
+        this.tempUser = user;
+        return user.generateToken();
+      })
+      .then( token => {
+        this.tempToken = token;
+        done();
+      })
+      .catch(done);
+    });
+    it('should return a 400 because of no token', done => {
+      request.post(`${url}/api/gallery`)
+      .send(exampleBadUpdatedGallery)
+      .set({
+        Authorization: `Bearer ${this.tempToken}`
+      })
+      .end((err, res) => {
+        expect(res.status).to.equal(400);
+        done();
+      });
+    });
+ });
+});//end post
+
+
+    describe('GET: /api/gallery/:id', () => {
+
+      describe('with a valid request', function(){
+      before( done => {
+        new User(exampleUser)
+        .generatePasswordHash(exampleUser.password)
+        .then( user => user.save())
+        .then(user => {
+          this.tempUser = user;
+          return user.generateToken()
+        })
+        .then( token => {
+          this.tempToken = token;
+          done();
+        })
+        .catch(done);
+      });
+      before( done => {
+        exampleGallery.userID = this.tempUser._id.toString();
+        new Gallery(exampleGallery).save()
+        .then( gallery => {
+          this.tempGallery = gallery;
+          done();
+        })
+        .catch(done);
+      });
+      after( () => {
+        delete exampleGallery.userID;
+      });
+      it('should GET return a gallery', done => {
+        request.get(`${url}/api/gallery/${this.tempGallery._id}`)
+        .set({
+          Authorization: `Bearer ${this.tempToken}`
+        })
+        .end((err, res) => {
+          if(err) return done(err);
+          let date = new Date(res.body.created.toString());
+          expect(res.body.name).to.equal(exampleGallery.name);
+          expect(res.body.description).to.equal(exampleGallery.description);
+          expect(res.body.userID).to.equal(this.tempUser._id.toString());
+          expect(date).to.not.equal('invalid date');
+          expect(res.status).to.equal(200);
+          done();
+        });
+      });
+     });
+
+     describe('with an invalid request', function(){
+     before( done => {
+       new User(exampleUser)
+       .generatePasswordHash(exampleUser.password)
+       .then( user => user.save())
+       .then(user => {
+         this.tempUser = user;
+         return user.generateToken()
+       })
+       .then( token => {
+         this.tempToken = token;
+         done();
+       })
+       .catch(done);
+     });
+     before( done => {
+       exampleGallery.userID = this.tempUser._id.toString();
+       new Gallery(exampleGallery).save()
+       .then( gallery => {
+         this.tempGallery = gallery;
+         done();
+       })
+       .catch(done);
+     });
+     after( () => {
+       delete exampleGallery.userID;
+     });
+     it('should return a 401 for no token', done => {
+       request.get(`${url}/api/gallery/${this.tempGallery._id}`)
+       .end((err, res) => {
+         expect(res.status).to.equal(401);
+         done();
+       });
+     });
+     });
+
+     describe('with a valid request and no id foud', function(){
+     before( done => {
+       new User(exampleUser)
+       .generatePasswordHash(exampleUser.password)
+       .then( user => user.save())
+       .then(user => {
+         this.tempUser = user;
+         return user.generateToken()
+       })
+       .then( token => {
+         this.tempToken = token;
+         done();
+       })
+       .catch(done);
+     });
+     before( done => {
+       exampleGallery.userID = this.tempUser._id.toString();
+       new Gallery(exampleGallery).save()
+       .then( gallery => {
+         this.tempGallery = gallery;
+         done();
+       })
+       .catch(done);
+     });
+     after( () => {
+       delete exampleGallery.userID;
+     });
+     it('should return a 404 for no id found', done => {
+       request.get(`${url}/api/gallery/${badID}`)
+       .set({
+         Authorization: `Bearer ${this.tempToken}`
+       })
+       .end((err, res) => {
+         expect(res.status).to.equal(404);
+         done();
+       });
+     });
+     });
+   });//end GET
+
+
+   describe('PUT: /api/gallery/:id', function() {
+     describe('with a valid body', () => {
+
+     before( done => {
+       new User(exampleUser)
+       .generatePasswordHash(exampleUser.password)
+       .then( user => user.save())
+       .then(user => {
+         this.tempUser = user;
+         return user.generateToken()
+       })
+       .then( token => {
+         this.tempToken = token;
+         done();
+       })
+       .catch(done);
+     });
+     before( done => {
+       exampleGallery.userID = this.tempUser._id.toString();
+       new Gallery(exampleGallery).save()
+       .then( gallery => {
+         this.tempGallery = gallery;
+         done();
+       })
+       .catch(done);
+     });
+     after( () => {
+       delete exampleGallery.userID;
+     });
+     it('should return a 400 for invalid body', done => {
+       request.put(`${url}/api/gallery/${this.tempGallery._id}`)
+       .send(exampleUpdatedGallery)
+       .set({
+         Authorization: `Bearer ${this.tempToken}`
+       })
+       .end((err, res) => {
+         expect(res.body.name).to.equal(exampleUpdatedGallery.name);
+         expect(res.body.description).to.equal(exampleUpdatedGallery.description);
+         expect(res.status).to.equal(200);
+         done();
+       });
+     });
+    });
+    describe('with an invalid body', () => {
+    before( done => {
+      new User(exampleUser)
+      .generatePasswordHash(exampleUser.password)
+      .then( user => user.save())
+      .then(user => {
+        this.tempUser = user;
+        return user.generateToken()
+      })
+      .then( token => {
+        this.tempToken = token;
+        done();
+      })
+      .catch(done);
+    });
+    before( done => {
+      exampleGallery.userID = this.tempUser._id.toString();
+      new Gallery(exampleGallery).save()
+      .then( gallery => {
+        this.tempGallery = gallery;
+        done();
+      })
+      .catch(done);
+    });
+    after( () => {
+      delete exampleGallery.userID;
+    });
+    it('should return an updated gallery (put request)', done => {
+      request.put(`${url}/api/gallery/${this.tempGallery._id}`)
+      .send(exampleBadUpdatedGallery)
+      .set({
+        Authorization: `Bearer ${this.tempToken}`
+      })
+      .end((err, res) => {
+        expect(res.status).to.equal(400);
+        done();
+      });
+    });
+   });
+
+   describe('with an invalid token', () => {
+   before( done => {
+     new User(exampleUser)
+     .generatePasswordHash(exampleUser.password)
+     .then( user => user.save())
+     .then(user => {
+       this.tempUser = user;
+       return user.generateToken()
+     })
+     .then( token => {
+       this.tempToken = token;
+       done();
+     })
+     .catch(done);
+   });
+   before( done => {
+     exampleGallery.userID = this.tempUser._id.toString();
+     new Gallery(exampleGallery).save()
+     .then( gallery => {
+       this.tempGallery = gallery;
+       done();
+     })
+     .catch(done);
+   });
+   after( () => {
+     delete exampleGallery.userID;
+   });
+   it('should return a 401 due to no token', done => {
+     request.put(`${url}/api/gallery/${this.tempGallery._id}`)
+     .send(exampleUpdatedGallery)
+     .end((err, res) => {
+       expect(res.status).to.equal(401);
+       done();
+     });
+   });
+  });
+
+  describe('with an invalid id should return 404', () => {
+  before( done => {
+    new User(exampleUser)
+    .generatePasswordHash(exampleUser.password)
+    .then( user => user.save())
+    .then(user => {
+      this.tempUser = user;
+      return user.generateToken()
+    })
+    .then( token => {
+      this.tempToken = token;
+      done();
+    })
+    .catch(done);
+  });
+  before( done => {
+    exampleGallery.userID = this.tempUser._id.toString();
+    new Gallery(exampleGallery).save()
+    .then( gallery => {
+      this.tempGallery = gallery;
+      done();
+    })
+    .catch(done);
+  });
+  after( () => {
+    delete exampleGallery.userID;
+  });
+  it('should return a 404 - id not found', done => {
+    request.put(`${url}/api/gallery/${badID}`)
+    .send(exampleUpdatedGallery)
+    .set({
+      Authorization: `Bearer ${this.tempToken}`
+    })
+    .end((err, res) => {
+      expect(res.status).to.equal(404);
+      done();
+    });
+  });
+  });
+});//end PUT
+
+describe('DELETE: /api/gallery/:id', () => {
+
+  describe('with a valid request', function(){
+  before( done => {
+    new User(exampleUser)
+    .generatePasswordHash(exampleUser.password)
+    .then( user => user.save())
+    .then(user => {
+      this.tempUser = user;
+      return user.generateToken()
+    })
+    .then( token => {
+      this.tempToken = token;
+      done();
+    })
+    .catch(done);
+  });
+  before( done => {
+    exampleGallery.userID = this.tempUser._id.toString();
+    new Gallery(exampleGallery).save()
+    .then( gallery => {
+      this.tempGallery = gallery;
+      done();
+    })
+    .catch(done);
+  });
+  after( () => {
+    delete exampleGallery.userID;
+  });
+  it('should DELETE and return a gallery', done => {
+    request.delete(`${url}/api/gallery/${this.tempGallery._id}`)
+    .set({
+      Authorization: `Bearer ${this.tempToken}`
+    })
+    .end((err, res) => {
+      if(err) return done(err);
+      debug(res.body.name);
+      expect(res.body.name).to.equal(exampleGallery.name);
+      // expect(res.body.description).to.equal(exampleGallery.description);
+      // expect(res.body.userID).to.equal(this.tempUser._id.toString());
+      // expect(date).to.not.equal('invalid date');
+      expect(res.status).to.equal(200);
+      done();
+    });
+  });
+ });
+
+
+
+ describe('with an invalid request', function(){
+ before( done => {
+   new User(exampleUser)
+   .generatePasswordHash(exampleUser.password)
+   .then( user => user.save())
+   .then(user => {
+     this.tempUser = user;
+     return user.generateToken()
+   })
+   .then( token => {
+     this.tempToken = token;
+     done();
+   })
+   .catch(done);
+ });
+ before( done => {
+   exampleGallery.userID = this.tempUser._id.toString();
+   new Gallery(exampleGallery).save()
+   .then( gallery => {
+     this.tempGallery = gallery;
+     done();
+   })
+   .catch(done);
+ });
+ after( () => {
+   delete exampleGallery.userID;
+ });
+ it('should return a 401 for no token', done => {
+   request.delete(`${url}/api/gallery/${this.tempGallery._id}`)
+   .end((err, res) => {
+     expect(res.status).to.equal(401);
+     done();
+   });
+ });
+});
+
+
+
+describe('valid request with an id that was not found', function(){
+  before( done => {
+    new User(exampleUser)
+    .generatePasswordHash(exampleUser.password)
+    .then( user => user.save())
+    .then(user => {
+      this.tempUser = user;
+      return user.generateToken()
+    })
+    .then( token => {
+      this.tempToken = token;
+      done();
+    })
+    .catch(done);
+  });
+  before( done => {
+    exampleGallery.userID = this.tempUser._id.toString();
+    new Gallery(exampleGallery).save()
+    .then( gallery => {
+      this.tempGallery = gallery;
+      done();
+    })
+    .catch(done);
+  });
+  after( () => {
+    delete exampleGallery.userID;
+  });
+  it('should return a 404 because of a bad id', done => {
+    request.delete(`${url}/api/gallery/${badID}`)
+    .set({
+      Authorization: `Bearer ${this.tempToken}`
+    })
+    .end((err, res) => {
+      expect(res.status).to.equal(404);
+      done();
+   });
+  });
+ });
+});//end delete
+
+});

From adffa024955cb8c5cf592779b20cd51a07026fb9 Mon Sep 17 00:00:00 2001
From: reganoneill <rkrotho@gmail.com>
Date: Wed, 8 Mar 2017 22:22:07 -0800
Subject: [PATCH 6/7] complete

---
 lab-regan/.env                       |    6 +-
 lab-regan/.gitignore                 |    1 -
 lab-regan/model/gallery.js           |    2 +-
 lab-regan/model/pic.js               |   16 +
 lab-regan/model/user.js              |    2 +
 lab-regan/package.json               |    5 +-
 lab-regan/route/pic-router.js        |   68 ++
 lab-regan/server.js                  |    8 +-
 lab-regan/test/auth-route-test.js    |  266 +++----
 lab-regan/test/data/angular.png      |  Bin 0 -> 15638 bytes
 lab-regan/test/gallery-route-test.js | 1090 +++++++++++++-------------
 lab-regan/test/lib/server-toggle.js  |   28 +
 lab-regan/test/pic-route-test.js     |  102 +++
 13 files changed, 910 insertions(+), 684 deletions(-)
 create mode 100644 lab-regan/model/pic.js
 create mode 100644 lab-regan/route/pic-router.js
 create mode 100644 lab-regan/test/data/angular.png
 create mode 100644 lab-regan/test/lib/server-toggle.js
 create mode 100644 lab-regan/test/pic-route-test.js

diff --git a/lab-regan/.env b/lab-regan/.env
index fdb9a4b..deddcc2 100644
--- a/lab-regan/.env
+++ b/lab-regan/.env
@@ -1,3 +1,7 @@
 
-MONGODB_URI='mongodb://localhost/cfgrammy'
+MONGODB_URI='mongodb://localhost/cfgramed'
 APP_SECRET='bestappsecret'
+PORT='8000'
+AWS_BUCKET='cfgrambackend-rko'
+AWS_ACCESS_KEY_ID='AKIAIQ3KQHA25LMUL7KA'
+AWS_SECRET_ACCESS_KEY='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'
diff --git a/lab-regan/.gitignore b/lab-regan/.gitignore
index 5ed0369..0af4c0f 100644
--- a/lab-regan/.gitignore
+++ b/lab-regan/.gitignore
@@ -17,7 +17,6 @@
 .nfs*
 
 ###Local Files###
-data/
 
 ### Node ###
 # Logs
diff --git a/lab-regan/model/gallery.js b/lab-regan/model/gallery.js
index 8e3011e..fbcaf3e 100644
--- a/lab-regan/model/gallery.js
+++ b/lab-regan/model/gallery.js
@@ -5,7 +5,7 @@ const Schema = mongoose.Schema;
 
 const gallerySchema = Schema({
   name: {type: String, required: true},
-  description: {type: String, required: true},
+  desc: {type: String, required: true},
   created: {type: Date, required: true, default: Date.now },
   userID: { type: Schema.Types.ObjectId, required: true }
 });
diff --git a/lab-regan/model/pic.js b/lab-regan/model/pic.js
new file mode 100644
index 0000000..3482fe0
--- /dev/null
+++ b/lab-regan/model/pic.js
@@ -0,0 +1,16 @@
+'use strict';
+
+const mongoose = require('mongoose');
+const Schema = mongoose.Schema;
+
+const picSchema = Schema({
+  name: {type: String, required: true},
+  desc: {type: String, required: true},
+  userID: {type: Schema.Types.ObjectId, required: true},
+  galleryID: {type: Schema.Types.ObjectId, required: true},
+  imageURI: {type: String, required: true, unique: true},
+  objectKey: {type: String, required: true, unique: true},
+  created: {type: Date, default: Date.now}
+});
+
+module.exports = mongoose.model('pic', picSchema);
diff --git a/lab-regan/model/user.js b/lab-regan/model/user.js
index 1c93e82..118c241 100644
--- a/lab-regan/model/user.js
+++ b/lab-regan/model/user.js
@@ -45,10 +45,12 @@ userSchema.methods.generateFindHash = function(){
     let tries = 0;
     _generateFindHash.call(this);
     function _generateFindHash(){
+      debug('ok we are also herererere');
       this.findHash = crypto.randomBytes(32).toString('hex');
       this.save()
       .then( () => resolve(this.findHash))
       .catch( err => {
+        debug('we are in the catch statement');
         if(tries > 3) return reject(err);
         tries++;
         _generateFindHash.call(this);
diff --git a/lab-regan/package.json b/lab-regan/package.json
index c04b2ee..2143cdc 100644
--- a/lab-regan/package.json
+++ b/lab-regan/package.json
@@ -14,17 +14,20 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "aws-sdk": "^2.25.0",
     "bcrypt": "^1.0.2",
     "bluebird": "^3.5.0",
     "body-parser": "^1.17.1",
     "cors": "^2.8.1",
     "debug": "^2.6.1",
+    "del": "^2.2.2",
     "dotenv": "^4.0.0",
     "express": "^4.15.2",
     "http-errors": "^1.6.1",
     "jsonwebtoken": "^7.3.0",
     "mongoose": "^4.8.6",
-    "morgan": "^1.8.1"
+    "morgan": "^1.8.1",
+    "multer": "^1.3.0"
   },
   "devDependencies": {
     "chai": "^3.5.0",
diff --git a/lab-regan/route/pic-router.js b/lab-regan/route/pic-router.js
new file mode 100644
index 0000000..9be70cc
--- /dev/null
+++ b/lab-regan/route/pic-router.js
@@ -0,0 +1,68 @@
+'use strict';
+
+const fs = require('fs');
+const path = require('path');
+const del = require('del');
+const AWS = require('aws-sdk');
+const multer = require('multer');
+const Router = require('express').Router;
+const debug = require('debug')('cfgram:pic-router');
+const createError = require('http-errors');
+
+const Pic = require('../model/pic.js');
+const Gallery = require('../model/gallery.js');
+
+const bearerAuth = require('../lib/bearer-auth-middleware.js');
+
+AWS.config.setPromisesDependency(require('bluebird'));
+
+const s3 = new AWS.S3();
+const dataDir = `${__dirname}/../data`;
+const upload = multer({dest: dataDir});
+
+const picRouter = module.exports = Router();
+
+function s3uploadProm(params){
+  debug(s3uploadProm);
+  return new Promise((resolve, reject) => {
+    s3.upload(params, (err, s3data) => {
+      resolve(s3data);
+    });
+  });
+};
+
+picRouter.post('/api/gallery/:galleryID/pic', bearerAuth, upload.single('image'), function(req, res, next){
+  debug('POST: /api/gallery/:galleryID/pic');
+  if(!req.file){
+    return next(createError(400, 'file not found'));
+  };
+  if(!req.file.path){
+    return next(createError(500, 'bad request'))
+  };
+
+  let ext = path.extname(req.file.originalname);
+
+  let params = {
+    ACL: 'public-read',
+    Bucket: process.env.AWS_BUCKET,
+    Key: `${req.file.filename}${ext}`,
+    Body: fs.createReadStream(req.file.path)
+  };
+
+  Gallery.findById(req.params.galleryID)
+  .then( () => s3uploadProm(params))
+  .then( s3data => {
+    del([`${dataDir}/*`]);
+    let picData = {
+      name: req.body.name,
+      desc: req.body.desc,
+      objectKey: s3data.Key,
+      imageURI: s3data.Location,
+      userID: req.user._id,
+      galleryID: req.params.galleryID
+    };
+    return new Pic(picData).save()
+  })
+  .then( pic => res.json(pic))
+  .catch( err => next(err));
+});
diff --git a/lab-regan/server.js b/lab-regan/server.js
index 8fc25e4..0a93b49 100644
--- a/lab-regan/server.js
+++ b/lab-regan/server.js
@@ -11,6 +11,7 @@ const debug = require('debug')('cfgram:server');
 const errors = require('./lib/error-middleware.js');
 const authRouter = require('./route/auth-router.js');
 const galleryRouter = require('./route/gallery-router.js');
+const picRouter = require('./route/pic-router.js');
 
 
 dotenv.load();
@@ -25,8 +26,11 @@ app.use(morgan('dev'));
 
 app.use(authRouter);
 app.use(galleryRouter);
+app.use(picRouter);
 app.use(errors);
 
-app.listen(PORT,  () => {
-  debug(`server up on port ${PORT}`);
+const server = module.exports = app.listen(PORT, () => {
+  debug(`server up on ${PORT}`);
 });
+
+server.isRunning = true;
diff --git a/lab-regan/test/auth-route-test.js b/lab-regan/test/auth-route-test.js
index b5cf57c..dfcd49b 100644
--- a/lab-regan/test/auth-route-test.js
+++ b/lab-regan/test/auth-route-test.js
@@ -1,133 +1,133 @@
-'use script';
-
-const debug = require('debug')('cfgram:auth-route-test');
-const expect = require('chai').expect;
-const request = require('superagent');
-const User = require('../model/user.js');
-
-require('../server.js');
-
-const url = `http://localhost:${process.env.PORT}`;
-const exampleUser = {
-  username: 'exampleuser',
-  password: '9876',
-  email: 'example@example.com'
-};
-
-describe('Auth Routes', function(){
-  describe('POST: /api/signup', function(){
-    describe('with a valid body', function(){
-      after( done => {
-        User.remove({})
-        .then( () => done())
-        .catch(done);
-      });
-      it('should return a token', done => {
-        request.post(`${url}/api/signup`)
-        .send(exampleUser)
-        .end((err, res) => {
-          if(err) return done(err);
-          expect(res.status).to.equal(200);
-          expect(res.text).to.be.a('string');
-          done();
-        });
-      });
-    });
-
-    describe('with an invalid body', function(){
-      it('should return a 400', done => {
-        request.post(`${url}/api/signup`)
-        .send()
-        .end((err, res) => {
-          expect(err).to.be.an('error');
-          expect(err.status).to.equal(400);
-          done();
-        });
-      });
-    });
-
-    describe('with an invalid path', function(){
-      it('should return a 404', done => {
-        request.post(`${url}/apr`)
-        .send()
-        .end((err, res) => {
-          debug(err.status);
-          expect(err.status).to.equal(404);
-          done();
-        });
-      });
-    });
-  });//end post test
-
-  describe('GET: /api/signin', function(){
-
-    describe('with an invalid request', function(){
-      it('should return a 404', done => {
-        request.get(`${url}/api/test`)
-        .send()
-        .end((err, res) => {
-          expect(err).to.be.an('error');
-          expect(res.status).to.equal(404);
-          done();
-        });
-      });
-    });
-
-      describe('with a valid body', function(){
-        before( done => {
-          let user = new User(exampleUser);
-          user.generatePasswordHash(exampleUser.password)
-          .then( user => user.save())
-          .then( user => {
-            this.tempUser = user;
-            done();
-          })
-          .catch(done);
-        });
-        after( done => {
-          User.remove({})
-          .then( () => done())
-          .catch(done);
-        });
-        it('should a token', done => {
-          request.get(`${url}/api/signin`)
-          .auth('exampleuser', '9876')
-          .end((err, res) => {
-            if(err) return done(err);
-            console.log('temporary user: ', this.tempUser);
-            console.log('GET: /apl/signin token ', res.text);
-            expect(res.status).to.equal(200);
-            done();
-          });
-        });
-      });//get
-
-      describe('with an invalid credentials (password)', function(){
-        before( done => {
-          let user = new User(exampleUser);
-          user.generatePasswordHash(exampleUser.password)
-          .then( user => user.save())
-          .then( user => {
-            this.tempUser = user;
-            done();
-          })
-          .catch(done);
-        });
-        after( done => {
-          User.remove({})
-          .then( () => done())
-          .catch(done);
-        });
-        it('should return a 401', done => {
-          request.get(`${url}/api/signin`)
-          .auth('exampleuser', '0000')
-          .end((err, res) => {
-            expect(err).to.be.an('error');
-            expect(res.status).to.equal(401);
-            done();
-          });
-        });
-      });
-
-    });//end GET /api/signin
-});
+// 'use script';
+//
+// const debug = require('debug')('cfgram:auth-route-test');
+// const expect = require('chai').expect;
+// const request = require('superagent');
+// const User = require('../model/user.js');
+//
+// require('../server.js');
+//
+// const url = `http://localhost:${process.env.PORT}`;
+// const exampleUser = {
+//   username: 'exampleuser',
+//   password: '9876',
+//   email: 'example@example.com'
+// };
+//
+// describe('Auth Routes', function(){
+//   describe('POST: /api/signup', function(){
+//     describe('with a valid body', function(){
+//       after( done => {
+//         User.remove({})
+//         .then( () => done())
+//         .catch(done);
+//       });
+//       it('should return a token', done => {
+//         request.post(`${url}/api/signup`)
+//         .send(exampleUser)
+//         .end((err, res) => {
+//           if(err) return done(err);
+//           expect(res.status).to.equal(200);
+//           expect(res.text).to.be.a('string');
+//           done();
+//         });
+//       });
+//     });
+//
+//     describe('with an invalid body', function(){
+//       it('should return a 400', done => {
+//         request.post(`${url}/api/signup`)
+//         .send()
+//         .end((err, res) => {
+//           expect(err).to.be.an('error');
+//           expect(err.status).to.equal(400);
+//           done();
+//         });
+//       });
+//     });
+//
+//     describe('with an invalid path', function(){
+//       it('should return a 404', done => {
+//         request.post(`${url}/apr`)
+//         .send()
+//         .end((err, res) => {
+//           debug(err.status);
+//           expect(err.status).to.equal(404);
+//           done();
+//         });
+//       });
+//     });
+//   });//end post test
+//
+//   describe('GET: /api/signin', function(){
+//
+//     describe('with an invalid request', function(){
+//       it('should return a 404', done => {
+//         request.get(`${url}/api/test`)
+//         .send()
+//         .end((err, res) => {
+//           expect(err).to.be.an('error');
+//           expect(res.status).to.equal(404);
+//           done();
+//         });
+//       });
+//     });
+//
+//       describe('with a valid body', function(){
+//         before( done => {
+//           let user = new User(exampleUser);
+//           user.generatePasswordHash(exampleUser.password)
+//           .then( user => user.save())
+//           .then( user => {
+//             this.tempUser = user;
+//             done();
+//           })
+//           .catch(done);
+//         });
+//         after( done => {
+//           User.remove({})
+//           .then( () => done())
+//           .catch(done);
+//         });
+//         it('should a token', done => {
+//           request.get(`${url}/api/signin`)
+//           .auth('exampleuser', '9876')
+//           .end((err, res) => {
+//             if(err) return done(err);
+//             console.log('temporary user: ', this.tempUser);
+//             console.log('GET: /apl/signin token ', res.text);
+//             expect(res.status).to.equal(200);
+//             done();
+//           });
+//         });
+//       });//get
+//
+//       describe('with an invalid credentials (password)', function(){
+//         before( done => {
+//           let user = new User(exampleUser);
+//           user.generatePasswordHash(exampleUser.password)
+//           .then( user => user.save())
+//           .then( user => {
+//             this.tempUser = user;
+//             done();
+//           })
+//           .catch(done);
+//         });
+//         after( done => {
+//           User.remove({})
+//           .then( () => done())
+//           .catch(done);
+//         });
+//         it('should return a 401', done => {
+//           request.get(`${url}/api/signin`)
+//           .auth('exampleuser', '0000')
+//           .end((err, res) => {
+//             expect(err).to.be.an('error');
+//             expect(res.status).to.equal(401);
+//             done();
+//           });
+//         });
+//       });
+//
+//     });//end GET /api/signin
+// });
diff --git a/lab-regan/test/data/angular.png b/lab-regan/test/data/angular.png
new file mode 100644
index 0000000000000000000000000000000000000000..4febc831af232eb537c8ab850145ac995f52520d
GIT binary patch
literal 15638
zcmV+xJ?X-UP)<h;3K|Lk000e1NJLTq0077U0077c1^@s6tyr#}002DQNkl<Zc%1D0
z33wdWbtj7d?yc%>>;OT61Syf?u7wgekOX&vlw^srcAJu=$c`3E@x;sc{~u?aH)CX(
ze3LgBzi~WyaqPs2on-8gjxAfZEK9NlYokOG+(Aj)Nq_`M5X43-y;R+I&aG;q32x}>
zYM{~R-}g1TySl5oaPK|$?B_`2kV6hvMUFsn$l)5u5l9X>Tm$Av-@sUh0z_R+jZs6d
z>*!HaS7!-*IENg@D3~bdA>XK}x#9-J$N6*q-f-Vr4woV~0mB4$vGYSEa)`F->XP25
zxT_u3gbt<JO0D2q3--QyHsMqzCj1FKe|6BgIiw#s0!bq@QEb{Iv1JP{Y&-F@lZ%(F
z5kfpj2Nx3?*$^`%4n`wTO1(?(-!FuCvwC;^i-WJZdDAB209~(k(Diai4{`*O2C#U9
zni?tU>SFO@4fEy&gGEIX^I~|GKL412m|JYf3SQ-XmW8v*j-9eCvrtL|g+RAucT1>`
z==JtIq5fffSJ(bIhYyG2*JDE2#4omNv2$D{eaI1rPhf7bg}4PTTCrt|<sOqq7go<Q
z4YiPtevS@R8A6m65D`Rd8xf`S_YC?T5r}BEEnet0|1pIyLiD{DeJ`q1Ur^wLq43Yr
z7OxZ;cH`n*yISMF%{t3(>gw!Thfs3F;v;ed;vK9T2+|EOST{JnY}pK2$kik+t&<Rs
z<x5%4ltAx!vGW)CEswo6v-6);W#hDMB~D13Sd0L16#Zp-=4;U3x9HO!g&-SNl@+~_
z$f@|cweGyu=ESg+kt2{K5!Wl?Tq5DPJXy8u69RGrk-%~il@<~gKo4;MODXp&`Vm*w
zFXAc$k_f%fg-et{;w<?>qSuP`5@r4>sN}u^h!>ab-oAbCy=tzO6T>_sM<7Flmib#-
zMdEIKtfnT<?CP7Vgd*`tRMVkb%1pC>#iw4|=0(kmlGpz=$9V_@auK}HmHVLcj6%cE
z$9pZS*?>3_5_py9=ev_SJI^HQEG&k#R#d3R1`&1+*G7&&u7N9Ap;}k1Dvm`W(;~Lm
zK;qML^qo1RNEh&~-bXZHD-|O#h&~cSj#5a5Koa2+3yEP$1cj9P9xQ#0&LG5oCB(Oc
zg`GDC)X^#R^}T#fE&beAH*FHGa_|0|Ib01n0!hHtd=-r2Rm&Gkp%w}y?xzL$0O=Jb
zD+o3my#kJ2ab0e4C3q!}L5OoKt+VLs(lar#FkSyAO2}7B4eVRGW5>3{lUzM2=VQ4F
zas&d`EK9rUV7;Po#fow(Y(GIlOf`v7>q?ElG-40LDJ(wcqQyw17}MqxfoQ}<Fu26d
zf7lupa&(qcL`8K(+<V6v;`?`O-`<#bF8?2-vxuC|GJvs6AVRVDgaNZGqh<d5LMxcR
z(pKVm;uN>j0NqM@1$szyam=#3(Td9y?Ns0=feZ#OblW9nHXXCh5~lx!xZaVVz@d;Z
zHrvtu7xRO`3rp(jqw(_+Ovhu|5;oQdM2Br~aNzm`W&2EZ^`vk_O{JwzY(zXpho;aj
z8)W0E%PnHUiH%B2^m951WDt0<vt(%I5m#aLo{b6g+(sPcEu#Lv&lmQgl{<GHj-SBB
z34R`{TqWxX<l1^g^?IV11+-QkGay!&+RwnsgaV0DL$*StieV&>L|95GVF)1&?Pn3B
zvw(G$v$RS4n}q#tnF`h~+Wr2agmcDRTv*l;NPOoTY}RaAwrs9#N#YW!ir#J*XPPB!
zeG1!lqF&*v2z5P-5P`&T$^XoXJ#kN>1ciQE?WZl{-9jPXFOBqVp4ZTDA@M|Q`o2P(
zSvDc72t;!W5}%NeQ$c!$aq`3F5)p_!M2hy4bbJnp7t`}dY3-&3X*uB@0>exci5Ou5
z8H~6GUyyPynOH8wVkC}=k3s@_gF=2UDC{?@>g)T&fRVz<Y01J|mJFDW)NoOR8WbFO
zY~k|h0Yl9oap^hQ5AUY$O(>LxWIjP0gLgd+d@_&$V~}A4k_fG{2v=v}l~0^D5)fz!
zK)e{Sv87m<$CvMYzbSqKEB8bwT0G4LV#%=i7#gmoSF|szDeIE`Yot(1=-^Yd1J2an
zCvhR>JZrf-87JOwAcF}+Bkqu-m#nV{ExVE^CONK5sRQ(Ga{zL8MNqzd>$YueiKo^M
z#D$H@K*~&<k1OJOxfM!^2S|flN}tuRS@wcs%5+a1e!U_YWIBNi!X@L$hK&Mgpr6K@
zxbvGtJUa^^Ut7L=$IF9H9F4gw89yIa%dH3%6if=*#&0WSZ=^YzQ(~AEJZs&S*2&{u
zZAQlbkE4u0E+WAx$<GE83W;C5Id#(ibSO`VtpfHx7<qXIS8m<f7e8+_<+5bte8i(r
zD_UDc++V@RjxAX-*MM;c=@g%{m0Ci(RcV1?T#{RXVKB@34Zh)X#QsiMF~^QN3Na8D
zHjv8_bt0L2f)K~)<L@a$yk1HSe@T7)x%hdRp39Ok3yC?!m2xZ2EL}P?tmHBp{<U<w
zpURhVoYnxZl3Otv!KT&L{wPjM8^Xx+J#|QMrf5(u3vFsJ6zXV#e^dbZ!SaVb{%cWN
zn<#E&TrSIq63A6^E7&x9^u(hyv^8{ttB5ET3^li6^nsLJ#L#g=F`7Ceu+H~D1Y|Z4
zNgS8wve2V97P~<2e;pEHZyxNQRPWlgBk`n6$z>Ul#dWpZia=-Y&9)RT2&feb;^uLt
zS<p{J(U(MS#i)X5K%Hzy;Qqxh9^Zrye*6l$|K{&tE+d8+iH`K$`Hm~)vhbTe+iE7=
z<sgY-uiH`i-6{R;XD`cTsjE<rVfb@dhHbH3$qM!1s#V2>{q}TAS?h=eKTn5dUzS^;
z$1=0bvc4fNAL^Yt<bU_uD0<>EIP_0{hsGDa1i556367C$;v$#9<q8%p1j)H90V%X4
zjE;8@SJ_9ezHJJ7#~dL}TqT!fSVkvp1d`~haDV9HKXh`@vL!IYd^+*~y}jSh+=@{H
z<{qsVAaAck(Vzb}1aDo03x_|zo-cn1(T|!SCyaxN#YXxrhYNAXqG7tZEQX`A^h$`A
zl(JtbQS!jjJ(uLN3`<;??+fr+xfLp6e~MmmYU=tD!<cG0?A6!Yicy1L5NhjN2z~7@
zQ24?Zpq={4!r_1T8#I0S&tNRM9T+<VqH(2M7WUw?qTgp(r|5$>@`c!45;Xs9!TST=
zdq%o)S$rXoi{cY5&8=vdS5s7+*SC_s@f_(C^XbQK8JCz_;dr&PK+#SToJW444=4+w
z`0M`@=IvEl=P-f+bR9d4-H)t?3QZ#}BRRZwr0;el!6jUD6e)2Oqlm_hQ;K7p%L4IX
z2<nFs*e}-1nbV!P?)=PUNo8SPF}LDqb@ilxC2u0O_%MC`BpsSu!0FQTQ@z8GTQMp?
zn}j;tgy82MM$uRPD{+%N%`HSA0IR<jhrjbpochXtK_E+&b&t51%fePLUOb%3Vmi4j
zzqW<_Po%#dT2)_vBz}S)xhzQ$$hC4SPApn_C#2*IyibuFxjZqq!Xj!>*=U9Gf;huG
zbO1#^|1pA#t4XqQHabPz!pzUdx!v_>*th~}Iw|XRb}Q@2LL?NbFyQ2}@KKX3KT5UG
z;|HdY?-!Y3+tTgZk0ze#%5F)GW=f0oSk;PK452<jx4eYj-c@FrMg1e3Taoc#<@|If
z0uNQ8=>Pif5T)fnG~y7BcC8t(`+D%vxBeC_fBaPhmal~B?;q*A&Qx46mxaeMY^&W;
zsP_w%*jiau{BJYr>O2i%QVW-5yV>Dzi3qC)ZJ|EJIz>pzn^=+R;$XE5$gRkD<mExV
z^BWZY@@L3fOS(qXzGS2vE>eJ&w||X~o_id2$!rKC9>kHub#O74h1R6Zb8=Z&M*Scp
zM1!Hkx7O_5QJ2gGlhOlbb@l(>cEmnP#PRoqhH(!Q2XPG58H>eirR}o@a$?lg5g_hy
zv=!!OpFm*lToMwvJ;<dCpSD3*kub*3UxboPPs84`gLISN$lUMf1Ft&{){!K|*m_;k
zs0XB+Z%Fw>kFdZ0T2)mkf3bFmYyY}mQVEM)2)m{t5a1t>J@niCmKL5_wlk3<it9rL
zfaU`T+;uOE$x{I$1c<@IrW3<q7L{Pq`Wna?Q=$6kdvfgBG(3U_Oz%LniAUM-OdKR&
zT2@l)G^tTn5S_j8aB@yM%CN+vj7GqOI(ZhxV-F*=V3D?PUkj|bk6*M5MH|+@K7EG7
zEMu5%G`pY%xC)Cm=K_6&NrkIicYzO@#tt>a^KwXl9z@ztnm#~a?J5}4W&tc3U&cM+
z-xpdJ2^5!L^23ipojax9U-kPrTo1yj+M>?La$CD3zB)u})=(C@8hD{v+-TYyfg}S-
zdsjyn#QHS|tyu@<T3W6Jt~w;7iSh+YQ1sYF*zG;^J~!;1!QsRZ$5z~UV<ef=hBV^p
z;vOiEM|FRS_~9Ie1m+0M=MmVj62|noL-LMufPo#0A+LNqDj)w0?4t)*-5iFS%}VGc
zYb)%Jd)$Z0i<8qqg!+)CHY#(he(2z_Vp~Su1%&Q>$gxOSLlc)2r{D%cD8GFHiXOQO
z*4a)7GpCCr12GURi>R=7@oU$^?wg1ezdmfK_R>?oJ4HDTG8C8+>UbN1Pd`Dr#|+wJ
zE(SPX7c5d);eHfNy$KbMJV9Kffw)M{<m&}o2#?0TgI{k-;=H6dh-F#l1ruV<qC0f3
zY4_Yg1n+qWvb2mw?;6VaRj*-U!lK0}c<>%rO|8ULuGn5ZhpT``o8+okk!@)4YD*I5
zCPg4+rpd<1-ek@h(+HYSyPFXB(sM9p&%Ul{_e#*ZNHl`tSvO<ch7C}S2Xz!u4nu>E
zL(w(7&=xdRU$W;XMIbE~E|8u>Y)a(3f<pr><lZ9)th*D&#2W@;u9Af|j0jBLa2JAW
zmP4Iy*D+l=3<=5|sndaIK-U)Ldcs3Jd8h=UFBl9@Bl$ozy9aVKaxJi9@JKU^Pd|p>
zf`!+!>RuOY_AR<;7Rv9vi*%6|<c5Ffa3X$jq*C>CxQBcv5RKV~e?j^Ojwf@@n1q`U
zAkG~|kR5|JOux2c@VeI%P?iNF7{ug_55g$#7_ucS2i-UbF{p;hy?c9<8#g`FlanG4
z9da+!2jb$}9Igls3pw8jarb(JR@XSXN2)9Y(AQy$*7z^}0b;w3<dpRxKu6H>1_Pl}
zbUDE<ne&H4AUwVC>?~;+dk6h~4wu1k3<mF719`&?=q6|>Uy>b%Q3Oj$F=@lSq}{Yb
z>4Gn*UplKny9yVq3y}us<@6zQkhtyGhSllAW|+NT1|G8@%6k#K`+jGa=KxP1#38<d
zZ7Gz_o`Z3J{QpO6`&Nix&M$H`Xi-WC4t+;Zhznk>k#um6VHj3e*&Ym*V+5QrxVHtt
z&pr?HhH0KmyH|zgA`yhfPejF<buc)jD~6mdauvkIE1HB3L#p$9thJ&dsqH;!0*P5R
zSG?=Yg_~RjoGBeWj==hj5F`$zq?}*r@?7R48pDJIi%|Ue-+@)XgSbd8M(Zk2uKsZ*
zXq#vFKr$v?#?T35%RGHy;vKy--Dh%E_$we3fZBQ(=I?(IftfR*tTf1?+M*RBE;0!d
z*O87>MjR_*L3iNHVK5Ze)Uu&YOtJb-#E&I&fh0Ict^RA~i!S<wldf$!r;Ws+;~BWP
z(P;!%uZ5gY={xsG1V{Q#T(J)M_iluJx`h~5&Z2b%I0T|ZBb#{H(3EUdlVn6Jec>Co
zZf&QhL#9*KK1U#N1c-ZlcoN3*pK%<6R(cD*aS4E6={QtA^f1(!Ttd~gKt!S|nsC3F
zWX~NkfoN67r9h&JgSzfjvcHzCaHHWwtQmpTD<LOMO)K|^XB-OC#DwK*kiTIORBt3F
zW(@)tKIa5KLnv**N>)K<B&Vdi6iD;ao$L=~HCVhkcOGIx4MMBdJG*(B!L-L>R>AlQ
zsC@Pdus+z6tA3II;lwgHCSKsI*XtxjAaw&LMZ@;RJd_*=s;M2pdo~dFm^@51teo%@
znU|083l|d?se;|v3vK(&!71bER){wh8u?hV7A%IR(WD>k?zJtp@Joz!J%q)YXbfVu
zfzbMUN$d%*H*Z+<0Vkm<jN+SSV8UZh6BpSH5e#9hPl*d<K%02a3&=x!;7>eUBq;)^
zab-9m4OZ0Kjhs^G6r$dF9KmOwhfz5hYM3h^va-%ZQL%Ih@;0o5)!LzTlN=li7U>~v
z(y$x&z)&lhBqBKu;<6~qQfKMKS#zwLdbM&+lJ5932$Jq0ic0ByY*?*HI-x2OLD}5f
zP<Hpnpbj@UI#CXK8fby{EUB;8aadkvC0P+m6GMN#(Iga_0%M&(xCzd-eF%L1_h8PL
znVM-gl>j&9B4!Ac>o>rxT0pu;w-Zr3#=%1x5UFLrCL8Xqqk3<7=bdhPGqwptm&u@~
z@(u)6tcEO~2*f;Q4D#i;q)!T*hby3z&YeeGWF6FrmRt=jTHD-XKti;pbdh9F7;v^Y
z`MqOS3keYS*mVfzZ@qxv{Dn|a9X06fTFOSGr3rR_pSOkW`bEsVd`!Oo5xU+vsMzor
z3NjI{16#z{2LhZNIGk=B1OtjX{a&xzaC7X<f(~i7A;yIfShWIje5E(tL(2d`pzSQq
z{LP=Czr9`8;8h;PE#;K8LFw#UFz$tCVKugm*&15$PE8gE{|Na}{FoPb=fgs@voB;!
zwo+sHzO@Z<%}NAUtkvR;SFoMMI(ZU3fAu}IZhJ>}wiQDtO?ugNboG-cLS<#BeE3tq
zxnsIq&=`f1PMCW?Z0KTff8uc?PkM33YYLH)ekMXILwaOgqZazVrH$caJ3{wwB;BLJ
zTcb@T05br)y91HBSM+6DUi>k_=g)aAn(y42K-ug$DEs2`i0wE!W<%j!YKTM-J)X*S
zlAejUH<FhKJ#`slEohN<rbrBONg0V(>s`m7w?IK%m9(W9(eM9&uD1exFa8uQZ~lrl
zevhJ&aGLMrSKfe%4R=FWEznZ<*b{;^Od<MXhLO_R^s-gCz7TPcUY;Lwz7Q_wvwJ^+
zpLq^O#UyWzLFOKkbd6{Pk+)xiIzjqOh{Pdd0$P9l2Kt&C9m4aVi^PjwS1ewFqUSyX
zYummtnU?GH15xc$`un}hzequUn6dl4<E)2_si<DfJrv~4HUiaaAPS4UI|g|nceEk$
z`rE+7BHaesSTGme-}x7ut=~cPBcZ&EtXm=|Z_*S@SV#AWZqjSUTqwLQZ77vE<<xTX
z=0#_ureG_CQ#yaNf#i9$V=Dr`{d)*ZpYE7ay@171QuL$S-+}$!`#{Bbt(=2<yNtUD
zt-p8)z0FN9f_b`NT+(12iNwB1Yif}9z{g;pJva6`R0$m>cX;;UUnJEJWH3^-K=o(|
z!`I3L84Bre4>66n$Fda=r4u~nd~oS9;tt*Ih`d)1oa!JE$aEHUGzRnL8`1gq|BCYm
z_G^L>9;b*2ByYkbOnmr3sK%3Hhs!(AlS13q-ndW1tDc<n=!;8Ui*uHq@G-!@Ib(3g
z9vGXxh~OOywf^9_&MxT$(S|*+UfB#Rs&cLsAK6$0V(QIk-u%z#Z$A&ozniQs;yMl`
z=`j;mtw*qW7F2(9Of&*b><1DSN(U)!-n7Z{KkijYclw10bt>jM3$xmi#oQxIyZO`-
zgjTO4?lInDtt(eK@9jcl?>^Z3PD2!!m*kIdJeQnUg06r1A<plu2e+R0vj6BBT0|rT
zlO|)*)1QO2f7jTm#7ILLbUP6w(+^}YJW*DBIt?3#i9l4=CxytkW3U>*Wh-@65l^rk
z?h$KhMD)dffw-gEsra4<<}kF=i}6#?{NsN|w7bib<4|)E(re7ZB21`WjnM5AVfT-X
z>L-pr$PNdTsV6F#ejtP4i9q6BNg|GY^wgi#HL@-`2G1k(z<tC$%DqS4GNDEK5&Q4}
z>|gH&N<zemF29z}6uhAl-M@GZZT0VYu2>?pUnGi>=`%3?ng1WGJ=@)cs_aEPlTdKW
zXBA1gmyIU^`KtRIlon@dh2_A#Wgpn9-4})2Fb#nvtDVK_#WASku1r`R9f<shxW~<l
zoNiNB0vBY+55aD1LCfpELbS8Zu|j#_BE;>?qEb{;6ZgCQCfFDHvpp?Whndjk&{!M@
z=-LThQf=c%X{17?N%Dcp?v`xq7~HoV!6%=FQ8Ceb&IeB#EmrGL17bhf4ix8IGk2X8
zcVp2qbbarC<J_KI-jsC=q~(_1z6fQHJ_&pOP6#u59fv$Z%x`IE58l?>dp_Z?C!|Cm
z=k+gpD+)X+!18(@i91VfM6hZF?dnC|qjqVb+L18&Uws+KD{yx4Yb|)zS3(A2=Scl|
zvksB-=ZHvx-o!g)>*5ZRYSzKH?PlU4*<0K}=zbuQt0^{!hK5M3GmFDZAo1k)!dNUu
zKi=vxknCe4oH4lTT?C%|Jj|P>)2{Bd)|GHP=f@8r_BQR{72}4q&=u|c=F$~7|L6Y$
z?FT<38uK2tz<SNN1xrx8ekIhYX09vX@k*HuM+f1WKeCPAudAs^X(#ZigXnoW%{g@f
zO{v^K#)3z=mvoPLHxTz&0#Q_!LRg8TFo)lH8|tlhfU*+DOng0P7n4o9;Y6Hy^=F85
zb!gv)Ctbu%sJh|N$AOMB*<6WHaIv_6$9^D#krH)rGQ3dgP*x7J&KP_T#)F?i;PwSj
zBp!Kkw7FsJR?|^L-`@sQ&V}~z4)yeC494P{aPH5)hR&mhXiY0m3tLw|A+Aw&%RH1k
z`xxvqouv3@mzd=gi-QbXmdcZ=%a3b%8X>p*s547S?i)CqCD6J@7-H^h-D6M`mZVe+
zPSEut`}f2C=gkl^Ds^DukiiR^0~hlrp!uaAAr?=|^^#B(iy}0x9F?DV5~}GS5pH%V
z>laPD0&Rv;TEy~FZZr|zw-DETPt5zspnDwsa2<oj>M8^mRcra()4vu^iaOVV=zH(b
z6>b3c=t}ldI&9>oO0@s{HFSQ|;JF}!wt`6$<8HYP#ZPZS>_~IAdDoSbej!fNf2F%I
zr()t|q|9Tv3~5aF@y-%BshYIIwjuPu1EhPDB=XDTz^9oKvBr~#{pDXnET46C-^aDU
zj>FPo#CGpT^Q*7Ij)oooOp*|8LRG<(8!_RY`)Lz6N)wn>8HXy!9c>kkE#CRy(fF}c
zE|@ZbSUlyn9nKnG2#Z%2!Z04V1A&FrB;L3ggUSAXntPZ~7rGGL`Wu?1iFAqNxyQxJ
zk$5C;U4V|4UqXAsUfmMflV3#tm6*7A2?`&71lEy8r{qv}KsnVu)medB+e<%?!SGBV
z7vo!O^wG}LmNg+hyr>V<BlOr)kmDz~;*~cDnjWjQ6_M|M4`Si;<aCe0h!GblD?<3a
zJvjT`R>b<cT~RA}ix%r5h0|uBeEmA$9EZY-tk58pQv)NVejtP4nLsY)rVF!&o|>~F
zH(hg&D2#RUU@lw=!4AC?9E0pPiEjH1?44bJoAcorY^n|S!&tZs=e}8suA@gBF5)%i
zR|!<E-GCq$n&Z|D*-@@k#FPzFITox`6?8@_B9{K~pw-Q7p^uxIct<yVAQ*z$`yR~4
zK8wJ#>9imt-g78;L6dkDe(ep2%3^;K0*Dx7NFwr4AI`r0CSpC^q;q>CJPw5~oH`v7
z?!624vD2e{<_1i>?C%lcj9=IFOdxSnFZX_<x&Oem9*o{`W}iS;ALQ~o5L~<%;II;v
zVoL4qZLr_lNxZ(?X^G$im@AnJs&MA(e~O;dr?r@s^q_0Up{1RUlka&D=1gsB8P%ci
zJO+kt*eSXVC3H2#R4rJH)Rgp^8Xd17=!Oh|(Jf-pVp03H!Myi=1a7_EaSVE_Po)=N
ze=q3^+o28~CSnWu*HnkE6EF}vVxjrfm$W{i!$y+zi@-7a7EHbY6`%VGVte+E>b41L
zKtXTIQ}P2o=A|FVVEE!nRh*hLn#+)~7}e7Uar<ouu3ZfgD)hdfNe1RtXt9s>!FuBr
zh<Qt$+;yKJXWW2uKYbZJjmNbkGHJM#7z4#6m{@Z+Oc|qFm!owC-5^E1OSdiDv+W=s
z^IFLy5h)Q!-N04)`fYpkmLX*^<;-~)YnLK$dzD*C)Z^GP*NOHavUfl1H+KPLtmymP
zvyjV^R*XmZjknSKt5-dj1kipFB9hV>Gco?pzKYn6t+YAh`FpR!2we+{%Z(<yPZcRG
z=y)M(n*OecvcsdY45{lFL`xe&_df_xSmbaIPX!rlov{}?)rjaXUj*hXc3L8&0fKYY
zr_Mp!Yp<dE$cLo7hrAVcAYu!YmZM_%a+uQsZgGdv$40nxH~;^{MSN{An-YP<eIW+q
zIU4PAqtevNA>^HXFdwfb?y;B{fT<U{$BPlSh>(787}gJ8gU|)x($n!)2Ql6_3B5o4
zCC={H;n~OHc-JE+pT7vDkN+;L-P=cHw_J|EV!m(S5)0PIidb<gK}1Dbcn{V+;Zm{n
zj|4b;{G(k6e)7{W%H0BPp2A9$E)8UNb|UgK+B&A)o|<EDD2Vh!&Yh35Kln#<lP+TB
z<t5*OTKAK-NEaz1U1S~PO;e!yJVq{$5EA==&|RMxIGj3C9R*Ddv+C>F9eX@L^0(jw
zhS36!lI`e&@$nTpq#c1g*Bt9DDT>7&>*Nu{e)vm=d-$z;3<9VB8s$akedS%W?c5GK
z-0xOU^w3{~t~GvfH3~PZh24C1R8?Y(NAcQ9#b_2jh#&I<DG>-$?i)2V+BQfVPFu=>
zFT)Kk>U>~30uMh0bLvg0<$N%)k*E@W{bhR2cY25n12@&V>$fgI^LPGV^tGOaG|c3G
z)=j7imXu=3!;eC>HjTD~D!25M=(BCPlMi_92QnDG@lj=qh=-8Ak%LM9`nd~`cdkTm
z(ISU?q!<cfw~%uFCdu#<N-=C(1?~KzFoeF>x8dx&bu<s&8t`xpVAj9N7cNENqj!<0
z*yqiBJVM|*mCBCxo0e~0bVkYq61QY2p}M1^spFIkKz&#b^Uk|r&YkBv20bnaHcm(b
z;jQmL)zbzxslwqz93?x1hw$McXWxP|Km95C+gd&4i)dAZbf&!V<5Bs<Gq4ZuciO{^
zBA7z<7MrH8JCkp&Q?Aq7?^u80A*PwT{cu=GcMrtkMaWyX##snn3o^K2?RLvaM1Dm(
z__=n7lGAkkzM-AY4;^6}fkonyr$J+GXoPTK^H0%y-+h?*_;2fLCI=_{#K_Ob_&XM&
z`GK|Q`=A|0S;%Rhkm1li5P@^~eSQAK^tec!K(@?N+Tg2j%7W@Mgvhrt-I667$6(;o
zcf+`OfwvZFiI*dNBXayGO%f^mpM4r4iL5~#Lqv}t2M?y8)bl-99qs5jegct>HUvt>
zIidPV5DIgiSbsl?rcFo1Cq9kiPd^W1#cCjya)H8hL+9BFTQ!-Mb+I2vtq&LWfrHfQ
zzcDF}nM!q-4uNDY2hp+wyEZ!zy6-{A{DRaJQdV$DIS(vYhQR--@_d~Fdfe#k4lV<?
za7*cbB1M0~qQyA#@w*UiXoNvJl}fkC+6PF8L-QIMeD%!wA!6yhvac_6pg6C$&4id7
z&SYa2I|k49!hB*K%v%>gaiE{4O6`|Iw>eAU8h$Ennm9aiab4Vj2)<;_EhxY9PMrSv
zACXSABK<y{)Sw4GDlFa6R{7X%z_)ps*HCwX?yD!`4Iiv;9NvS_qn{@EdYs25I9C8K
zN?t@BAIir^%I0NVV?bi^hPx14RSmnXgSOJl^ou0+10mLNm|t&6p&!U#_-k<z2xl(q
zfL3NzOBc+?H^RK-R;TQZ=dhA1K#0tE_y9Kh7EPanarbV3eY^#kDlx~wQhi7W-vi%L
zCXh>p%|?fv$zktI5Jz^wyzfz%H%`-~Jw4}qWHWSCcw49RR^Cf`T2Z?b6_A0B!??05
zl)7MKB7q=5)}yu7lCgOqthlyxz<A(pgcdC%-GeK6WHi4UVJKb9q2#6+82_cOz}j^p
zV{2$R{b|J60x7vZf-jkb7q9KdMdDSXxXp}PBP;X5-dPzxvIk}jDd#h9b~-y{;EtFv
zaI2pLOUf|mu8p)%TA_Q1W!{h}CyHD(8nKuTb@wBaFb-ek3nGn=h!ICKuHzIt20MEo
zRxCqk%{m%UZ%z8g8h93MTcK?BT#Wm}|A^T39gejwv!F8xZGjILJ@k++H|j?wVH|!D
zh^7cbs=dg>j#Jt(*oMIR<uK>mma=1T%s{8*Mi81X2@}@Tz(CZgW07I|pQ)=UiVsAs
zKgHq_;VTEp7ovr3EweZX-wOxy#kvsM_>hxQI=UiNM-<vG5{+TP!o?{5{PVDO?8+!E
zqLp+GrdGBVuly($mk3`8q=WnEaJ)t4@D3*o{cJbPr#=pI_AO9ic*4-L25z6jya|=4
zSi1(Yh`2~Jqc#}H#o~fOgwt|yKQC6?U(5`+Bcm!=a>n4v{RlqzIAmFw_n^cv4vzGl
zw0b@A@4FxN>E?_m5#$z&6A{~v1|&N9Sd9<W6cgbWf#{p+sQ|ZRYjF>Z{3;9>P{+=}
zeD-k!=FFu#GLcED(P#oY;)12)FzKO(pju8lB~M3qqZz1$g;wGqt^6XDp6FMCuN-80
zT}^~jZ~eSxN?>2d=>`Puz7NLasj20BFmz4ZQU34(H{+1GM#YM?$Xj;@RNu&($@#xw
z1)ZKxhon5s#}4@D17Y~eC%NSO3AyYe5q~?9;P%aptuQt{h|t1?P=4$MoJQ+g7~G{8
zuC?YhkWrg_NzBS0UxCVJeiz4{egT2yE1>$*BKi;Yo^0YA>>WIM$M)@we5}^z+3|%y
zoXS$Qk_klE*n@$%wh;__CxU1^0Q2{sfiZ2C?yr&3Ds;oz9Sa!zod)5Q;!3yhr~S>u
z1w3`A(#pC8Gp_*StCpf=?E*y3^+V(vX)jK3Ef`MAwRV2Z^%2(B)%hBB>>mf&)F89~
zsL(dzQa<nW9o>-YRv~ZAS~sNKD}k`AO}fm5cJzMlJFpHM0E$a|D@M)W<=Re*tTlyR
zB-ez?^;D!6H$L$cCfD4nd$uP#9!ywVL#vp>Pab~;O`rcV0xMRLxWx%o!@m#m%<#ry
zDyJWa-wHazcT<EdrOhSiM>N)ice|E01fTpEj2Snl<{0FL{skdKw>Kd2`~MZHY$olR
zwrlG2;a-(a6-7T0a2GAw^mOW?9~oB)tMM2Dl{cbd=}O2@z8lG$-0yLeuMsLh#j>Sn
zUAq*q<}S$6JmS!4BJOL$G4V>#!EgLl&>6lHh>%v8sH9U0Q92^2x2|Ilflh?(c}Q0Y
z)RX5qyN<X|PbZ@L_c`+7f*G`$`#smgz2YrHSLA>}Tq$k)upuEUCZYS~EolGveVDks
z2C@F$r2mh2LRHz#^H6rrMx6c6e+pT>LU+I#PPm$&pv~AWma;irzvCZ)xVh;{h+ew+
zRuUUZM`TaooR1^KJ)U_I#`KwP@dA&k5Oc!3d_<2QM)alcL)=~s^pQ$v`Ahh^a03yD
z@=<KN3{m2Q`T2<KY(m@aJs3Z~iu947H_H~?s|@5}^7;)pzv#!XyDkuy&2us{hY7BU
zmrYn5(o)Cxn4eL+arkKFt<`^nmeoy5vC*|p4?hcG({AfW2;BP!vHlbtgRIQP!iXI?
z1nbp$BKeT-#4&tuj10!S#c1379dtLIa9g-}6F-@lOK-UYrQE{pWQ*t4)G0tYCSKK+
zhhRhenBPC*YbrGVd3)x}cAASr=13H>4w_K=Pb2V!XAqb*i#Ep;eIBM$Yd6ZZc4y4b
z^t|lrgG5hRoQM9m51^eyM!UbyX}*&zT)&7(+;z$WkC2?xnsfyfKj0Eb$HF~ZPo?WO
zd?OHT>fN--cx=lS+GEv+0mp$e%%I8cI)p&YT`(rykYdh9yw>hf#D4S!#P~Gy`4|D{
zQl)e6K+FI6Hu^g{h~b)^3Xbb@ghc6_TT%KuPs3_DKO*&f;~i}o=^#&k`Jx+1Nq@S0
zz3x!J6MeJ=##4_WxL{H0+{19X)P~>q1?`S`!&YlI?O>~1Q673<dK>NgcIrSx;UVqV
zX}%LdsB|1AKk_Ny>`^D~ZJ6Mgcon1)X<ch+5ga*bDl(j@w^|RE5N8e|xMn4c8>gpU
zt%R*LXHFsd=1$@s#mJf%F3$KQ;umET(em@3AlBFG)Zq0<{A>g%n==<>zxxbgdyhi|
zhlfZ++y^3%Xu-;89pqw5HfhTXy^cjg4vQYbyZiYLh>xvDXw7<ud!$&1T31Va{~f3|
ze+7&$A65%Zy1@#zm^=yH@9aRwfxV7`?O`*CH{Z#xya5yLya%H96!*<f!yOO$T{nt1
z%GNZ6qXUQihpz+@_heeIJBW*P8pEcCuw(E%f_JTfym3ZqrF@vMxM$({vxwC1hUzKR
z+f=qN5Diw=ONwCa*^jetzpceAuh21CbiInjRVaM=Nmx5SN_#>TPlfIW!o8cM+7~~T
z4)`l#xprt_s55loGv;uZdighEv?G@EBKWZfoXQ(1SyYsEE=CUQgZ1-&fvCF0F%@SU
ztSH2++tBgGuh4n$0A$cZk3)u=P?cYKBPP_Wqiy{hy-#~6ymA+Ae{aOt!!Q11G;k2O
z#87P8P4v_h7!CsAay|`b5P1GM7&lB!O*v<9+*NNEq75HF9U}cN&+xCuc?N-_3yg{7
z=zr}kwC&yJ#Hx9|n9{^GiNxE`$M1q_Z5<Yi7Hx$Q8L~%@lI}|Wvb?^&Qw<k^(1I5I
z#}K^pJ`x+sQd7>^a~=x8I@N^Oi{FK~qnf55JzZ)u0?{z!^xM$(^B<z8=>&{Wp7!W_
z0sBSrCstzOLl3|{*)%K?DUsj>zx#m<hVNFax|*7JQInpuo3MfbsIA9f{@&*im@(5~
z?Wus3)kr^L2S0@M>%GJZLs`i^;?P{AvJBl@UO~s9gO1qcrP8G9IFx39xX7IdR!wu;
zNvF@d&TeQaaL$aS*L&;xe{eD6SjqmhR$0{Ap`@oq1XkBTR!mNfd$^u+tFs;9pKk$X
z&Zh-4%01^p0gaiQJR4_T+JbOLyI$m8bP;W7Cn71RoQ#Rjd=A$BUFodEsKYe4qiq%O
zK|b)+G)XFHByrUqb_O~<zY(B`JlF{1v!6z2!2(@NHYEtxbKZCyu^-k!lxK(M{CePV
zlf*?jzxl7|I(CE)c#Blll^A0%3yXDHZt&J3*kRi-^!tqX6_t`7iTe7qT2Opnyz!WP
zsc<H2S+-0^8B)F?8>;%4d#t1ho|ZcIVAC#5aOCxu>3tS?&aVe{9CB-eP&ry&evzcC
zsHY~N4971LMG1+!<DdIuSi84D1Vg^wuB+$jiMEuzgP&{D=x_6#K;j|CN{U7ru`VMW
zL5l{l?zZy~cWyvv)q2knsh5Cvz?LRN-`P35U1~D`y2I_%iRgIqJzO|;$eSL*a815u
zaVaXQs}Z<u3hW+_t+lWBQ($kQwwB_yO`FoD?xsWhaR@}ogY=?ZM_i_1Css}E2yWa!
z++#}WiZl~3O=9@Hw@B%K8yG(>t32n|1^bc8$07RGR<yiT=aee+$c=ScZa9qc+ZUqj
z(WhYVtJi)dzri(wgSL_ONlKdzGOhky5@;O)p~3c#LYSFGX+mcj2-e(7;z7X44^KtB
zq8-!jIEU!Y{ZJjD?DL!t0fM>6_-W{P_dWESJnD?A*Nu%hx{+UqNj2+W+%lWENUv{P
zB<@A0WzZ>wOnXU{v}U<TH4uvI8%z^w=LrO#c@`#dkCeF+%iy69q6hZF{^_?Ns&30p
z&-r!0k;`)SRP=oR-*Im5UcH`E8ClK`DPOn@#Wky-PPO>zIOIi3TW*UXqQ3V7xzcZ?
z4K`G7@?`<80d3kPaj2{r!PR#{aCH$jgQpNyaxv$8-#*w!!&&P&9}0wGv-Tvkk(kwY
z<}_r$V@hs3p(;NglONp#)!vd?*WF8@+!((TQ>-FgZq(0yAcNsMfg}zANiJ<%xIy{#
zJDei=eggtu{0hvOvr=~qa&81&Gum_#v6ueU@tjAq*mHgzs7Mq>^(=J$^|#P@?08CC
zggLvACdS=1A0@y23D~XOI?UdW+tmF)pbp%$?`>TVD_uSiM%t8g=ao9;o3oIwz|5lH
zJOV3LLzYiWF=J2-c+L+Wg7x}tpky@XocjY|$Djg}(faz&5b5mHjzg~|U+z$qH?AC&
zpZqP@CqHz0MEU^T4+P>6zvg0b>C_n0B4Wku)KKCm5s31op$?bt*>(`d)1O6f{z8(O
zV*_PCm4~bA!ma^WU0sO2wAt~TkM^8%AHceUaoZHMefL}FX>J;*wCbS_uokNf;v%=)
zhT<n5M(jw7Ki+jNq^(q6>KD2`(yD_HOWhCdIF+jGDO}4{Wf-9i>mVy{bV!g(@UxRE
z{xGihFx`itiGwrg>=Q>3{r6u(loyT(&-r!1`d7e!byDKYuU^q5Te<oPmn@aZJ~-Ne
z#*`~DPI`C~(0at_&yw15kesa=kaAcEBwfKW+K&?siw}YUZpkL{Tt4k>Xjl|#CmFVC
zIgF`OVIBPts=wDIoXEwPDc#nYe};B06_3K@&)m{KY^l+o@q_&w^jY-%_lWSO!Kt(~
zw#BOfD9GugtiN7|_El>UA~DJKT6~YQ{(>Rok1Iyr#`OpvJPV_&z#0D}5ib@;dTn1w
zNL@{_H4WuP2mPl1P>#34ZmX^?>5YlQK_M!_j=S4C$Ku6H)FviX0R27gqK6|E#S5<S
zF%H+JT~HGP-w97dJPbt>lUv=KbPqk;r8fYD1tUrvJSeSn->1`AS<wr4B1`g|wson%
zZJl6sUV!TBPsJx<ll~#4QYVTeKCyh~&ieRTOYH`)j<hBapQlF%>Vkr(NI4*jhant=
z+Vz31V1l?^Ju#nJTS?sLFX<K!;KH}2`+1&lw*>cDpJ(TqdR`4&#kHlKICC`ht(2X6
z#f6S2?0qxRCSFUSX+kX27(bTcom~@YA&|ITy0@>-3I+1J-2Wj(4g!ZrCXc`T_?5;;
zUG`$&b$o&pa$?nWAWDkhM^jeq&}DA!eY|=7*oB5+blA~Tv-iGxwl>Y&gOL^`J#Lqt
zUtS)jS0CijE>EnH_i<JhQd^NM3nxCbE@5B(u;UMP`6JbiOJfN%z8vM8>ceYno2z%k
zShNaB8R&{eFOWd|I)9eVAjO2=PY>L1H+5?1(y5juYn8w!OAVu>n+IG6t7G`f@MS16
zRtFh*uvf|`CULsgvb%#qy+~5>pRU}w^DxqpMsWoU+kBi{v~;bI#urF^-c%?J^w^e4
zi0vQK>mo-W18~=bwpNkkA!5YwNsjtSp%VXV#qJ$-BXB?Ig&I(cHMKV`Uh#-6>@OBb
zxt_O&h|<k=^iGlPd&yMf2;?HPWWmKg0z#6cY`sg*Ut6<l$B*KhDVO(Q5q`Mht<zq!
z-mQYC3tRL1sXMp+_(FgFgMF6$ED^^+k}E+E{>)0Z!j(hDf)~3Lq;(JyI-BvRwC(4o
zg#sJb?%MJ1ynZ&*`r+qV9j-cj$q2)`Vet-7S5sre8!aANxUfvhye|u(o+CN)#y(Q2
zEu~^EHyJaV=@{oAmK4Gui30tWbt(vax7;fDtNCsqBF9?Q)YVxdm7y~t^WjGKssyoX
zwvzUj>D_OY7)Du_WATVb%4hwW8G{58H?T`qz)70u4nTarP|5#Uy=U7&_X}}P)rd+J
zBRU_oG(cZ<ZbA>ji6zTd(a?O(fOslMLlfbUkTIa2j4=XXZeWl&1#VwpC~OWI_{Qq`
z`nUPRT376^%@A=rBjzKXFCrW-g=k#7>|^xyj|?f-g@{mkZCkmYWhJ4E1p-ly?%-Ia
zm@uHW28Hpbt7lDrO>Eg>)ehP$GX=xmSnf&?&fwX~Rm7(4-1f`&X5DnB4g0f19Q$}s
z>0$WdXv|?)5qI>3Bx#$D*|s51sTWG6Shr^9_E(rVSkI_+*T4wh?q$fh4QsIMd8oR&
zBoq^0qEDV7{bXj3qsV8Kev+jeMC%z`0I^8x8P@R-@J}VMzrJYqZXJnRn_=SAm5{OX
zF_=(}EL%1=7?aN_p*~+Ajl!^ELb;geoU#AMP>^K=qHDbyLP{2oqqf~^0)JN+G{0HB
z%~8N>9dT;dd>N@A<L6_rY4~{6^2M~E{u6!jcmauB{X`@7C=Xr9A_CD0IQzCDwrvF<
zew?qwU##4-V;6tOzKl&<whXHuBUOx=`Pl4s(2c)8v84KL8s<Nw#kHZ3Sa^@6ZNtL1
z0ujTAEFci(@+zM;EVeun$M{Vi5yq-L^{>XiFnIn(3r5v^FgMw<X_HJG=#xvTpQR68
zAUU_1Cnqur^^;LdAX?8bgpm1yxrVhp2z-0(?w#L`e_=FojYN#H`EW2;KWSXCqTCMK
zpP>W)k+{ipCX^TviaR42&rwDpf#`8(!r;)5sInVPg}<&08vl6fwry?vS?ws&Gp>bE
zG9Ookc;k}LmF3e7L%l#VLW;aBVS9Vb30+Bl>(vx6$_OMzgkc691-y$C@o$^3zp-l9
zt`q#>NQZ{_jZrWk*GHnGk)NBFE}a*##UBZXM@tMNpF>wNIbwJ;5QuU!LY>eMt2Y4r
zEM&_+TeWuwSFX7%Dk58u@#4o&5O*|gb|Z!-Z{OZ<Q~kE5gt8y)vSTlCp|N}?VpzEo
zm=(KQy5VvGJzjazG24bM`{hC*Ke=J|&d1}#!Q)<=p^m;(k*OP&XAI66VD8emWZC0F
zi7ye6EN8JR;-uT!-Wy@~i%jGoZfJ<)%|+`Oq<{w`zP@(WtRD!+NFr*7IX7b@kSX(#
z7U<9w*Wz{Jj@9EtF!m`0^#`;Y-o(ekwyqbXi-nKmeP$Se=*nV2Ar0NON!cfZ5Pwyy
ztbdMsz(=de)(bLVKGF+q@!GUW#tG%v(xsKAExt_bgF{y)_Bx>}BkE|(AOf+35JsWS
z&9Kh|1^#uM75d8sd*40FAC7jDtruiHfy6O52j%GE>iGd7zDOM9DN;Q1x*bK{9*G?J
z5hjp}xf$$mjo5adq0|pb4e|dhsjuJXeka~@D(iHN>tW0gh>N(~e9_v{w0PMDCB%Oq
zS^JY*lq~ENksDTv*9a1b4h;zq$KZRgZS^AQ8-KHA*LGc2r*<HiP!rMc-dbj0tP#jX
z@Q%p^?rLdW?5L^=Oca5Qw2%I0B9vuZG@#$+E_k}QM%oqm5g-ulL}kkq7j%<K><CEv
zFIJb7yd)f-(wOBKgE3|aBo20L#T|`AC<POg`3xziUn-DtE-NM^a-=;+ez*w4wdz^4
z0hj^D(f3gv#NU=j`~P-cLxZmNoj4vj<OoEgc94^+W&X;Ev4Hgjdh=YVVNU6`V!DDa
z(xjgZ1Az?A%{Wa2^1V{nUt7FuS1W&^b`<1hj0AE7l7PW6UaZI)0?*R>|3Dli7^eN#
zvbj{bzd0!BA`q8j*wW1bkJ)y_1ioD$@vY@Mckboy)aD4|n#d8z6)-plrD<{Xa$Bh1
zr^62up@=@Wm;`)M<kLhT`u_5q+zbSOpXLekzpvW0Z7Y8`7EQKZkRy<5AkoptII(#7
z145`jAVq!^dzX7`%NIwZ&jg~m28Y&IS^-z@=0p6CmAmU-jDKM)Ir>sXjzF%1!8s_3
zl-S1Zz8C1_?-U!xe9mZ$rkI1`6M<aJ&EO(zq-X5Ollc2JB_-c<EmPP`9A(omS0)_o
z$Pvg8F<3u2xoFiCC9O{js4o{vqmpyvIR`}mNw>XDkwCP`)^u|-V#;nIuJMgZL;T}y
z_4UpCh1x91%@_&f2qZ~pLLvPmzANiu5|;Q~I{rL~H3d;t<de)nNr6CgZU&odW47uI
z2=yJ)HovjPtxlM2xfvsY9D#Vm;2f0Gi>s?Fi9aU#xSvF?V7Fzt9eS?sX!JlJTBIv9
z4AE~{QKH137YX&>s(0<$;ojRN+%5<2$cS+7(TKr0C{uR6Uq5xn`=6i>9_x--uRF!=
zbU>`1c@nw}Sx`zz+)6|(`?Ugz$M4*|^N~1l#H*m^h{GS`IEW8O2yoPLe&dQ2`F7OW
zB$W71q@T=>DqT$CsvKnq97J;r(lbPm`(`L>Pf+0Nt0ztRKjIg^2xE-oW{d=K1mZIi
zLp6?8S5Go6^&~CZ-y@DP*>)NRU1l1-8iDX)w{>oYFm!iUTQ!q7^|hcK{obm*dvyr<
zU{iDs{vt;pX~5tdl+#sJ)1olGA|ZZ@^po-nmUT(7yQ>h0j<hY*p&_yJL2eHaF#dAc
z_U*d;an8{<JjfA98lg~2I!NtBUEt)>rAw8PUlO)@vdA>$1+B<K5tRrc5J3bI4=Wc1
z#4{q66{F97kgw!7R_@ucZQ#1;Z-1PFgB*dR83{S^7cE}Lmn`2XZS}>FAvf~-m~G>%
zvSZD*rA@XhPT9)-MV^xXd-d)eFY|Y5U4u$a&lq0h2xJ(MC>C*OeT53#4`Kh8JRxuI
zqJzg`QAiv6f>Qj&)Y76CXVlg8(`jNeHp$13(=&1yBVa{7{+io6oT^&>2YVMUt^duU
zsy}R)H?QbQ-^(F~F$LBmYOmslQjXa+=cCFYhgu>8H6ZHd2qT9at^}3S2Xn|FhtY-{
wJI^79YamA;IplB+<On2(9Ik=?F8~1l|D3uim>L;G#{d8T07*qoM6N<$g8N@jga7~l

literal 0
HcmV?d00001

diff --git a/lab-regan/test/gallery-route-test.js b/lab-regan/test/gallery-route-test.js
index ca75bb2..72f3bf1 100644
--- a/lab-regan/test/gallery-route-test.js
+++ b/lab-regan/test/gallery-route-test.js
@@ -1,545 +1,545 @@
-'use strict';
-
-const expect = require('chai').expect;
-const request = require('superagent');
-const debug = require('debug')('cfgram:gallery-route-test');
-const mongoose = require('mongoose');
-const Promise = require('bluebird');
-
-const Gallery = require('../model/gallery.js');
-const User = require('../model/user.js');
-
-const url = `http://localhost:${process.env.PORT}`;
-
-const exampleUser = {
-  username: 'tester name',
-  password: 'tester password',
-  email: 'test@test.com'
-};
-const exampleGallery = {
-  name: 'test gallery',
-  description: 'descriptive test'
-};
-const exampleUpdatedGallery = {
-  name: 'updated test gallery',
-  description: 'updated descriptive test'
-};
-const exampleBadUpdatedGallery = {
-  description: 'updated descriptive test'
-};
-const badID = 6666666666666;
-
-describe('Gallery Routes', function(){
-
-  afterEach( done => {
-      Promise.all([
-        User.remove({}),
-        Gallery.remove({})
-      ])
-      .then( () => done())
-      .catch(done);
-  });
-
-  describe('POST: /api/gallery', () => {
-    describe('a valid request', function(){
-      before( done => {
-        new User(exampleUser)
-        .generatePasswordHash(exampleUser.password)
-        .then( user => user.save())
-        .then( user => {
-          this.tempUser = user;
-          return user.generateToken();
-        })
-        .then( token => {
-          this.tempToken = token;
-          done();
-        })
-        .catch(done);
-      });
-      it('should return a gallery (post request)', done => {
-        request.post(`${url}/api/gallery`)
-        .send(exampleGallery)
-        .set({
-          Authorization: `Bearer ${this.tempToken}`
-        })
-        .end((err, res) => {
-          if(err) return done(err);
-          let date = new Date(res.body.created).toString();
-          expect(res.body.name).to.equal(exampleGallery.name);
-          expect(res.body.description).to.equal(exampleGallery.description);
-          expect(res.body.userID).to.equal(this.tempUser._id.toString());
-          expect(date).to.not.equal('invalid');
-          expect(res.status).to.equal(200);
-          done();
-        });
-      });
-   });
-
-   describe('a request with no token', function(){
-     before( done => {
-       new User(exampleUser)
-       .generatePasswordHash(exampleUser.password)
-       .then( user => user.save())
-       .then( user => {
-         this.tempUser = user;
-         return user.generateToken();
-       })
-       .then( token => {
-         this.tempToken = token;
-         done();
-       })
-       .catch(done);
-     });
-     it('should return a 401 because of no token', done => {
-       request.post(`${url}/api/gallery`)
-       .send(exampleGallery)
-       .end((err, res) => {
-         expect(res.status).to.equal(401);
-         done();
-       });
-     });
-  });
-
-  describe('no request body or invalid request body returns 400', function(){
-    before( done => {
-      new User(exampleUser)
-      .generatePasswordHash(exampleUser.password)
-      .then( user => user.save())
-      .then( user => {
-        this.tempUser = user;
-        return user.generateToken();
-      })
-      .then( token => {
-        this.tempToken = token;
-        done();
-      })
-      .catch(done);
-    });
-    it('should return a 400 because of no token', done => {
-      request.post(`${url}/api/gallery`)
-      .send(exampleBadUpdatedGallery)
-      .set({
-        Authorization: `Bearer ${this.tempToken}`
-      })
-      .end((err, res) => {
-        expect(res.status).to.equal(400);
-        done();
-      });
-    });
- });
-});//end post
-
-
-    describe('GET: /api/gallery/:id', () => {
-
-      describe('with a valid request', function(){
-      before( done => {
-        new User(exampleUser)
-        .generatePasswordHash(exampleUser.password)
-        .then( user => user.save())
-        .then(user => {
-          this.tempUser = user;
-          return user.generateToken()
-        })
-        .then( token => {
-          this.tempToken = token;
-          done();
-        })
-        .catch(done);
-      });
-      before( done => {
-        exampleGallery.userID = this.tempUser._id.toString();
-        new Gallery(exampleGallery).save()
-        .then( gallery => {
-          this.tempGallery = gallery;
-          done();
-        })
-        .catch(done);
-      });
-      after( () => {
-        delete exampleGallery.userID;
-      });
-      it('should GET return a gallery', done => {
-        request.get(`${url}/api/gallery/${this.tempGallery._id}`)
-        .set({
-          Authorization: `Bearer ${this.tempToken}`
-        })
-        .end((err, res) => {
-          if(err) return done(err);
-          let date = new Date(res.body.created.toString());
-          expect(res.body.name).to.equal(exampleGallery.name);
-          expect(res.body.description).to.equal(exampleGallery.description);
-          expect(res.body.userID).to.equal(this.tempUser._id.toString());
-          expect(date).to.not.equal('invalid date');
-          expect(res.status).to.equal(200);
-          done();
-        });
-      });
-     });
-
-     describe('with an invalid request', function(){
-     before( done => {
-       new User(exampleUser)
-       .generatePasswordHash(exampleUser.password)
-       .then( user => user.save())
-       .then(user => {
-         this.tempUser = user;
-         return user.generateToken()
-       })
-       .then( token => {
-         this.tempToken = token;
-         done();
-       })
-       .catch(done);
-     });
-     before( done => {
-       exampleGallery.userID = this.tempUser._id.toString();
-       new Gallery(exampleGallery).save()
-       .then( gallery => {
-         this.tempGallery = gallery;
-         done();
-       })
-       .catch(done);
-     });
-     after( () => {
-       delete exampleGallery.userID;
-     });
-     it('should return a 401 for no token', done => {
-       request.get(`${url}/api/gallery/${this.tempGallery._id}`)
-       .end((err, res) => {
-         expect(res.status).to.equal(401);
-         done();
-       });
-     });
-     });
-
-     describe('with a valid request and no id foud', function(){
-     before( done => {
-       new User(exampleUser)
-       .generatePasswordHash(exampleUser.password)
-       .then( user => user.save())
-       .then(user => {
-         this.tempUser = user;
-         return user.generateToken()
-       })
-       .then( token => {
-         this.tempToken = token;
-         done();
-       })
-       .catch(done);
-     });
-     before( done => {
-       exampleGallery.userID = this.tempUser._id.toString();
-       new Gallery(exampleGallery).save()
-       .then( gallery => {
-         this.tempGallery = gallery;
-         done();
-       })
-       .catch(done);
-     });
-     after( () => {
-       delete exampleGallery.userID;
-     });
-     it('should return a 404 for no id found', done => {
-       request.get(`${url}/api/gallery/${badID}`)
-       .set({
-         Authorization: `Bearer ${this.tempToken}`
-       })
-       .end((err, res) => {
-         expect(res.status).to.equal(404);
-         done();
-       });
-     });
-     });
-   });//end GET
-
-
-   describe('PUT: /api/gallery/:id', function() {
-     describe('with a valid body', () => {
-
-     before( done => {
-       new User(exampleUser)
-       .generatePasswordHash(exampleUser.password)
-       .then( user => user.save())
-       .then(user => {
-         this.tempUser = user;
-         return user.generateToken()
-       })
-       .then( token => {
-         this.tempToken = token;
-         done();
-       })
-       .catch(done);
-     });
-     before( done => {
-       exampleGallery.userID = this.tempUser._id.toString();
-       new Gallery(exampleGallery).save()
-       .then( gallery => {
-         this.tempGallery = gallery;
-         done();
-       })
-       .catch(done);
-     });
-     after( () => {
-       delete exampleGallery.userID;
-     });
-     it('should return a 400 for invalid body', done => {
-       request.put(`${url}/api/gallery/${this.tempGallery._id}`)
-       .send(exampleUpdatedGallery)
-       .set({
-         Authorization: `Bearer ${this.tempToken}`
-       })
-       .end((err, res) => {
-         expect(res.body.name).to.equal(exampleUpdatedGallery.name);
-         expect(res.body.description).to.equal(exampleUpdatedGallery.description);
-         expect(res.status).to.equal(200);
-         done();
-       });
-     });
-    });
-    describe('with an invalid body', () => {
-    before( done => {
-      new User(exampleUser)
-      .generatePasswordHash(exampleUser.password)
-      .then( user => user.save())
-      .then(user => {
-        this.tempUser = user;
-        return user.generateToken()
-      })
-      .then( token => {
-        this.tempToken = token;
-        done();
-      })
-      .catch(done);
-    });
-    before( done => {
-      exampleGallery.userID = this.tempUser._id.toString();
-      new Gallery(exampleGallery).save()
-      .then( gallery => {
-        this.tempGallery = gallery;
-        done();
-      })
-      .catch(done);
-    });
-    after( () => {
-      delete exampleGallery.userID;
-    });
-    it('should return an updated gallery (put request)', done => {
-      request.put(`${url}/api/gallery/${this.tempGallery._id}`)
-      .send(exampleBadUpdatedGallery)
-      .set({
-        Authorization: `Bearer ${this.tempToken}`
-      })
-      .end((err, res) => {
-        expect(res.status).to.equal(400);
-        done();
-      });
-    });
-   });
-
-   describe('with an invalid token', () => {
-   before( done => {
-     new User(exampleUser)
-     .generatePasswordHash(exampleUser.password)
-     .then( user => user.save())
-     .then(user => {
-       this.tempUser = user;
-       return user.generateToken()
-     })
-     .then( token => {
-       this.tempToken = token;
-       done();
-     })
-     .catch(done);
-   });
-   before( done => {
-     exampleGallery.userID = this.tempUser._id.toString();
-     new Gallery(exampleGallery).save()
-     .then( gallery => {
-       this.tempGallery = gallery;
-       done();
-     })
-     .catch(done);
-   });
-   after( () => {
-     delete exampleGallery.userID;
-   });
-   it('should return a 401 due to no token', done => {
-     request.put(`${url}/api/gallery/${this.tempGallery._id}`)
-     .send(exampleUpdatedGallery)
-     .end((err, res) => {
-       expect(res.status).to.equal(401);
-       done();
-     });
-   });
-  });
-
-  describe('with an invalid id should return 404', () => {
-  before( done => {
-    new User(exampleUser)
-    .generatePasswordHash(exampleUser.password)
-    .then( user => user.save())
-    .then(user => {
-      this.tempUser = user;
-      return user.generateToken()
-    })
-    .then( token => {
-      this.tempToken = token;
-      done();
-    })
-    .catch(done);
-  });
-  before( done => {
-    exampleGallery.userID = this.tempUser._id.toString();
-    new Gallery(exampleGallery).save()
-    .then( gallery => {
-      this.tempGallery = gallery;
-      done();
-    })
-    .catch(done);
-  });
-  after( () => {
-    delete exampleGallery.userID;
-  });
-  it('should return a 404 - id not found', done => {
-    request.put(`${url}/api/gallery/${badID}`)
-    .send(exampleUpdatedGallery)
-    .set({
-      Authorization: `Bearer ${this.tempToken}`
-    })
-    .end((err, res) => {
-      expect(res.status).to.equal(404);
-      done();
-    });
-  });
-  });
-});//end PUT
-
-describe('DELETE: /api/gallery/:id', () => {
-
-  describe('with a valid request', function(){
-  before( done => {
-    new User(exampleUser)
-    .generatePasswordHash(exampleUser.password)
-    .then( user => user.save())
-    .then(user => {
-      this.tempUser = user;
-      return user.generateToken()
-    })
-    .then( token => {
-      this.tempToken = token;
-      done();
-    })
-    .catch(done);
-  });
-  before( done => {
-    exampleGallery.userID = this.tempUser._id.toString();
-    new Gallery(exampleGallery).save()
-    .then( gallery => {
-      this.tempGallery = gallery;
-      done();
-    })
-    .catch(done);
-  });
-  after( () => {
-    delete exampleGallery.userID;
-  });
-  it('should DELETE and return a gallery', done => {
-    request.delete(`${url}/api/gallery/${this.tempGallery._id}`)
-    .set({
-      Authorization: `Bearer ${this.tempToken}`
-    })
-    .end((err, res) => {
-      if(err) return done(err);
-      debug(res.body.name);
-      expect(res.body.name).to.equal(exampleGallery.name);
-      // expect(res.body.description).to.equal(exampleGallery.description);
-      // expect(res.body.userID).to.equal(this.tempUser._id.toString());
-      // expect(date).to.not.equal('invalid date');
-      expect(res.status).to.equal(200);
-      done();
-    });
-  });
- });
-
-
-
- describe('with an invalid request', function(){
- before( done => {
-   new User(exampleUser)
-   .generatePasswordHash(exampleUser.password)
-   .then( user => user.save())
-   .then(user => {
-     this.tempUser = user;
-     return user.generateToken()
-   })
-   .then( token => {
-     this.tempToken = token;
-     done();
-   })
-   .catch(done);
- });
- before( done => {
-   exampleGallery.userID = this.tempUser._id.toString();
-   new Gallery(exampleGallery).save()
-   .then( gallery => {
-     this.tempGallery = gallery;
-     done();
-   })
-   .catch(done);
- });
- after( () => {
-   delete exampleGallery.userID;
- });
- it('should return a 401 for no token', done => {
-   request.delete(`${url}/api/gallery/${this.tempGallery._id}`)
-   .end((err, res) => {
-     expect(res.status).to.equal(401);
-     done();
-   });
- });
-});
-
-
-
-describe('valid request with an id that was not found', function(){
-  before( done => {
-    new User(exampleUser)
-    .generatePasswordHash(exampleUser.password)
-    .then( user => user.save())
-    .then(user => {
-      this.tempUser = user;
-      return user.generateToken()
-    })
-    .then( token => {
-      this.tempToken = token;
-      done();
-    })
-    .catch(done);
-  });
-  before( done => {
-    exampleGallery.userID = this.tempUser._id.toString();
-    new Gallery(exampleGallery).save()
-    .then( gallery => {
-      this.tempGallery = gallery;
-      done();
-    })
-    .catch(done);
-  });
-  after( () => {
-    delete exampleGallery.userID;
-  });
-  it('should return a 404 because of a bad id', done => {
-    request.delete(`${url}/api/gallery/${badID}`)
-    .set({
-      Authorization: `Bearer ${this.tempToken}`
-    })
-    .end((err, res) => {
-      expect(res.status).to.equal(404);
-      done();
-   });
-  });
- });
-});//end delete
-
-});
+// 'use strict';
+//
+// const expect = require('chai').expect;
+// const request = require('superagent');
+// const debug = require('debug')('cfgram:gallery-route-test');
+// const mongoose = require('mongoose');
+// const Promise = require('bluebird');
+//
+// const Gallery = require('../model/gallery.js');
+// const User = require('../model/user.js');
+//
+// const url = `http://localhost:${process.env.PORT}`;
+//
+// const exampleUser = {
+//   username: 'tester name',
+//   password: 'tester password',
+//   email: 'test@test.com'
+// };
+// const exampleGallery = {
+//   name: 'test gallery',
+//   description: 'descriptive test'
+// };
+// const exampleUpdatedGallery = {
+//   name: 'updated test gallery',
+//   description: 'updated descriptive test'
+// };
+// const exampleBadUpdatedGallery = {
+//   description: 'updated descriptive test'
+// };
+// const badID = 6666666666666;
+//
+// describe('Gallery Routes', function(){
+//
+//   afterEach( done => {
+//       Promise.all([
+//         User.remove({}),
+//         Gallery.remove({})
+//       ])
+//       .then( () => done())
+//       .catch(done);
+//   });
+//
+//   describe('POST: /api/gallery', () => {
+//     describe('a valid request', function(){
+//       before( done => {
+//         new User(exampleUser)
+//         .generatePasswordHash(exampleUser.password)
+//         .then( user => user.save())
+//         .then( user => {
+//           this.tempUser = user;
+//           return user.generateToken();
+//         })
+//         .then( token => {
+//           this.tempToken = token;
+//           done();
+//         })
+//         .catch(done);
+//       });
+//       it('should return a gallery (post request)', done => {
+//         request.post(`${url}/api/gallery`)
+//         .send(exampleGallery)
+//         .set({
+//           Authorization: `Bearer ${this.tempToken}`
+//         })
+//         .end((err, res) => {
+//           if(err) return done(err);
+//           let date = new Date(res.body.created).toString();
+//           expect(res.body.name).to.equal(exampleGallery.name);
+//           expect(res.body.description).to.equal(exampleGallery.description);
+//           expect(res.body.userID).to.equal(this.tempUser._id.toString());
+//           expect(date).to.not.equal('invalid');
+//           expect(res.status).to.equal(200);
+//           done();
+//         });
+//       });
+//    });
+//
+//    describe('a request with no token', function(){
+//      before( done => {
+//        new User(exampleUser)
+//        .generatePasswordHash(exampleUser.password)
+//        .then( user => user.save())
+//        .then( user => {
+//          this.tempUser = user;
+//          return user.generateToken();
+//        })
+//        .then( token => {
+//          this.tempToken = token;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      it('should return a 401 because of no token', done => {
+//        request.post(`${url}/api/gallery`)
+//        .send(exampleGallery)
+//        .end((err, res) => {
+//          expect(res.status).to.equal(401);
+//          done();
+//        });
+//      });
+//   });
+//
+//   describe('no request body or invalid request body returns 400', function(){
+//     before( done => {
+//       new User(exampleUser)
+//       .generatePasswordHash(exampleUser.password)
+//       .then( user => user.save())
+//       .then( user => {
+//         this.tempUser = user;
+//         return user.generateToken();
+//       })
+//       .then( token => {
+//         this.tempToken = token;
+//         done();
+//       })
+//       .catch(done);
+//     });
+//     it('should return a 400 because of no token', done => {
+//       request.post(`${url}/api/gallery`)
+//       .send(exampleBadUpdatedGallery)
+//       .set({
+//         Authorization: `Bearer ${this.tempToken}`
+//       })
+//       .end((err, res) => {
+//         expect(res.status).to.equal(400);
+//         done();
+//       });
+//     });
+//  });
+// });//end post
+//
+//
+//     describe('GET: /api/gallery/:id', () => {
+//
+//       describe('with a valid request', function(){
+//       before( done => {
+//         new User(exampleUser)
+//         .generatePasswordHash(exampleUser.password)
+//         .then( user => user.save())
+//         .then(user => {
+//           this.tempUser = user;
+//           return user.generateToken()
+//         })
+//         .then( token => {
+//           this.tempToken = token;
+//           done();
+//         })
+//         .catch(done);
+//       });
+//       before( done => {
+//         exampleGallery.userID = this.tempUser._id.toString();
+//         new Gallery(exampleGallery).save()
+//         .then( gallery => {
+//           this.tempGallery = gallery;
+//           done();
+//         })
+//         .catch(done);
+//       });
+//       after( () => {
+//         delete exampleGallery.userID;
+//       });
+//       it('should GET return a gallery', done => {
+//         request.get(`${url}/api/gallery/${this.tempGallery._id}`)
+//         .set({
+//           Authorization: `Bearer ${this.tempToken}`
+//         })
+//         .end((err, res) => {
+//           if(err) return done(err);
+//           let date = new Date(res.body.created.toString());
+//           expect(res.body.name).to.equal(exampleGallery.name);
+//           expect(res.body.description).to.equal(exampleGallery.description);
+//           expect(res.body.userID).to.equal(this.tempUser._id.toString());
+//           expect(date).to.not.equal('invalid date');
+//           expect(res.status).to.equal(200);
+//           done();
+//         });
+//       });
+//      });
+//
+//      describe('with an invalid request', function(){
+//      before( done => {
+//        new User(exampleUser)
+//        .generatePasswordHash(exampleUser.password)
+//        .then( user => user.save())
+//        .then(user => {
+//          this.tempUser = user;
+//          return user.generateToken()
+//        })
+//        .then( token => {
+//          this.tempToken = token;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      before( done => {
+//        exampleGallery.userID = this.tempUser._id.toString();
+//        new Gallery(exampleGallery).save()
+//        .then( gallery => {
+//          this.tempGallery = gallery;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      after( () => {
+//        delete exampleGallery.userID;
+//      });
+//      it('should return a 401 for no token', done => {
+//        request.get(`${url}/api/gallery/${this.tempGallery._id}`)
+//        .end((err, res) => {
+//          expect(res.status).to.equal(401);
+//          done();
+//        });
+//      });
+//      });
+//
+//      describe('with a valid request and no id foud', function(){
+//      before( done => {
+//        new User(exampleUser)
+//        .generatePasswordHash(exampleUser.password)
+//        .then( user => user.save())
+//        .then(user => {
+//          this.tempUser = user;
+//          return user.generateToken()
+//        })
+//        .then( token => {
+//          this.tempToken = token;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      before( done => {
+//        exampleGallery.userID = this.tempUser._id.toString();
+//        new Gallery(exampleGallery).save()
+//        .then( gallery => {
+//          this.tempGallery = gallery;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      after( () => {
+//        delete exampleGallery.userID;
+//      });
+//      it('should return a 404 for no id found', done => {
+//        request.get(`${url}/api/gallery/${badID}`)
+//        .set({
+//          Authorization: `Bearer ${this.tempToken}`
+//        })
+//        .end((err, res) => {
+//          expect(res.status).to.equal(404);
+//          done();
+//        });
+//      });
+//      });
+//    });//end GET
+//
+//
+//    describe('PUT: /api/gallery/:id', function() {
+//      describe('with a valid body', () => {
+//
+//      before( done => {
+//        new User(exampleUser)
+//        .generatePasswordHash(exampleUser.password)
+//        .then( user => user.save())
+//        .then(user => {
+//          this.tempUser = user;
+//          return user.generateToken()
+//        })
+//        .then( token => {
+//          this.tempToken = token;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      before( done => {
+//        exampleGallery.userID = this.tempUser._id.toString();
+//        new Gallery(exampleGallery).save()
+//        .then( gallery => {
+//          this.tempGallery = gallery;
+//          done();
+//        })
+//        .catch(done);
+//      });
+//      after( () => {
+//        delete exampleGallery.userID;
+//      });
+//      it('should return a 400 for invalid body', done => {
+//        request.put(`${url}/api/gallery/${this.tempGallery._id}`)
+//        .send(exampleUpdatedGallery)
+//        .set({
+//          Authorization: `Bearer ${this.tempToken}`
+//        })
+//        .end((err, res) => {
+//          expect(res.body.name).to.equal(exampleUpdatedGallery.name);
+//          expect(res.body.description).to.equal(exampleUpdatedGallery.description);
+//          expect(res.status).to.equal(200);
+//          done();
+//        });
+//      });
+//     });
+//     describe('with an invalid body', () => {
+//     before( done => {
+//       new User(exampleUser)
+//       .generatePasswordHash(exampleUser.password)
+//       .then( user => user.save())
+//       .then(user => {
+//         this.tempUser = user;
+//         return user.generateToken()
+//       })
+//       .then( token => {
+//         this.tempToken = token;
+//         done();
+//       })
+//       .catch(done);
+//     });
+//     before( done => {
+//       exampleGallery.userID = this.tempUser._id.toString();
+//       new Gallery(exampleGallery).save()
+//       .then( gallery => {
+//         this.tempGallery = gallery;
+//         done();
+//       })
+//       .catch(done);
+//     });
+//     after( () => {
+//       delete exampleGallery.userID;
+//     });
+//     it('should return an updated gallery (put request)', done => {
+//       request.put(`${url}/api/gallery/${this.tempGallery._id}`)
+//       .send(exampleBadUpdatedGallery)
+//       .set({
+//         Authorization: `Bearer ${this.tempToken}`
+//       })
+//       .end((err, res) => {
+//         expect(res.status).to.equal(400);
+//         done();
+//       });
+//     });
+//    });
+//
+//    describe('with an invalid token', () => {
+//    before( done => {
+//      new User(exampleUser)
+//      .generatePasswordHash(exampleUser.password)
+//      .then( user => user.save())
+//      .then(user => {
+//        this.tempUser = user;
+//        return user.generateToken()
+//      })
+//      .then( token => {
+//        this.tempToken = token;
+//        done();
+//      })
+//      .catch(done);
+//    });
+//    before( done => {
+//      exampleGallery.userID = this.tempUser._id.toString();
+//      new Gallery(exampleGallery).save()
+//      .then( gallery => {
+//        this.tempGallery = gallery;
+//        done();
+//      })
+//      .catch(done);
+//    });
+//    after( () => {
+//      delete exampleGallery.userID;
+//    });
+//    it('should return a 401 due to no token', done => {
+//      request.put(`${url}/api/gallery/${this.tempGallery._id}`)
+//      .send(exampleUpdatedGallery)
+//      .end((err, res) => {
+//        expect(res.status).to.equal(401);
+//        done();
+//      });
+//    });
+//   });
+//
+//   describe('with an invalid id should return 404', () => {
+//   before( done => {
+//     new User(exampleUser)
+//     .generatePasswordHash(exampleUser.password)
+//     .then( user => user.save())
+//     .then(user => {
+//       this.tempUser = user;
+//       return user.generateToken()
+//     })
+//     .then( token => {
+//       this.tempToken = token;
+//       done();
+//     })
+//     .catch(done);
+//   });
+//   before( done => {
+//     exampleGallery.userID = this.tempUser._id.toString();
+//     new Gallery(exampleGallery).save()
+//     .then( gallery => {
+//       this.tempGallery = gallery;
+//       done();
+//     })
+//     .catch(done);
+//   });
+//   after( () => {
+//     delete exampleGallery.userID;
+//   });
+//   it('should return a 404 - id not found', done => {
+//     request.put(`${url}/api/gallery/${badID}`)
+//     .send(exampleUpdatedGallery)
+//     .set({
+//       Authorization: `Bearer ${this.tempToken}`
+//     })
+//     .end((err, res) => {
+//       expect(res.status).to.equal(404);
+//       done();
+//     });
+//   });
+//   });
+// });//end PUT
+//
+// describe('DELETE: /api/gallery/:id', () => {
+//
+//   describe('with a valid request', function(){
+//   before( done => {
+//     new User(exampleUser)
+//     .generatePasswordHash(exampleUser.password)
+//     .then( user => user.save())
+//     .then(user => {
+//       this.tempUser = user;
+//       return user.generateToken()
+//     })
+//     .then( token => {
+//       this.tempToken = token;
+//       done();
+//     })
+//     .catch(done);
+//   });
+//   before( done => {
+//     exampleGallery.userID = this.tempUser._id.toString();
+//     new Gallery(exampleGallery).save()
+//     .then( gallery => {
+//       this.tempGallery = gallery;
+//       done();
+//     })
+//     .catch(done);
+//   });
+//   after( () => {
+//     delete exampleGallery.userID;
+//   });
+//   it('should DELETE and return a gallery', done => {
+//     request.delete(`${url}/api/gallery/${this.tempGallery._id}`)
+//     .set({
+//       Authorization: `Bearer ${this.tempToken}`
+//     })
+//     .end((err, res) => {
+//       if(err) return done(err);
+//       debug(res.body.name);
+//       expect(res.body.name).to.equal(exampleGallery.name);
+//       // expect(res.body.description).to.equal(exampleGallery.description);
+//       // expect(res.body.userID).to.equal(this.tempUser._id.toString());
+//       // expect(date).to.not.equal('invalid date');
+//       expect(res.status).to.equal(200);
+//       done();
+//     });
+//   });
+//  });
+//
+//
+//
+//  describe('with an invalid request', function(){
+//  before( done => {
+//    new User(exampleUser)
+//    .generatePasswordHash(exampleUser.password)
+//    .then( user => user.save())
+//    .then(user => {
+//      this.tempUser = user;
+//      return user.generateToken()
+//    })
+//    .then( token => {
+//      this.tempToken = token;
+//      done();
+//    })
+//    .catch(done);
+//  });
+//  before( done => {
+//    exampleGallery.userID = this.tempUser._id.toString();
+//    new Gallery(exampleGallery).save()
+//    .then( gallery => {
+//      this.tempGallery = gallery;
+//      done();
+//    })
+//    .catch(done);
+//  });
+//  after( () => {
+//    delete exampleGallery.userID;
+//  });
+//  it('should return a 401 for no token', done => {
+//    request.delete(`${url}/api/gallery/${this.tempGallery._id}`)
+//    .end((err, res) => {
+//      expect(res.status).to.equal(401);
+//      done();
+//    });
+//  });
+// });
+//
+//
+//
+// describe('valid request with an id that was not found', function(){
+//   before( done => {
+//     new User(exampleUser)
+//     .generatePasswordHash(exampleUser.password)
+//     .then( user => user.save())
+//     .then(user => {
+//       this.tempUser = user;
+//       return user.generateToken()
+//     })
+//     .then( token => {
+//       this.tempToken = token;
+//       done();
+//     })
+//     .catch(done);
+//   });
+//   before( done => {
+//     exampleGallery.userID = this.tempUser._id.toString();
+//     new Gallery(exampleGallery).save()
+//     .then( gallery => {
+//       this.tempGallery = gallery;
+//       done();
+//     })
+//     .catch(done);
+//   });
+//   after( () => {
+//     delete exampleGallery.userID;
+//   });
+//   it('should return a 404 because of a bad id', done => {
+//     request.delete(`${url}/api/gallery/${badID}`)
+//     .set({
+//       Authorization: `Bearer ${this.tempToken}`
+//     })
+//     .end((err, res) => {
+//       expect(res.status).to.equal(404);
+//       done();
+//    });
+//   });
+//  });
+// });//end delete
+//
+// });
diff --git a/lab-regan/test/lib/server-toggle.js b/lab-regan/test/lib/server-toggle.js
new file mode 100644
index 0000000..b34281a
--- /dev/null
+++ b/lab-regan/test/lib/server-toggle.js
@@ -0,0 +1,28 @@
+'use strict';
+
+const debug = require('debug')('cfgram:server-toggle');
+module.exports = exports = {};
+
+exports.serverOn = function(server, done){
+  if(!server.isRunning){
+    server.listen(process.env.PORT, () => {
+      server.isRunning = true;
+      debug('server up!');
+      done();
+    });
+    return;
+  };
+  done();
+};
+
+exports.serverOff = function(server, done){
+  if(server.isRunning){
+    server.close( err => {
+      server.isRunning = false;
+      debug('server down');
+      done();
+    });
+    return;
+  };
+  done();
+};
diff --git a/lab-regan/test/pic-route-test.js b/lab-regan/test/pic-route-test.js
new file mode 100644
index 0000000..09b5769
--- /dev/null
+++ b/lab-regan/test/pic-route-test.js
@@ -0,0 +1,102 @@
+'use strict';
+
+const expect = require('chai').expect;
+const request = require('superagent');
+const debug = require('debug')('cfgram:pic-router-test');
+
+const Pic = require('../model/pic.js');
+const User = require('../model/user.js');
+const Gallery = require('../model/gallery.js');
+
+const serverToggle = require('./lib/server-toggle.js');
+const server = require('../server.js');
+
+const url = `http://localhost:${process.env.PORT}`;
+
+const exampleUser = {
+  username: 'exampleuser',
+  password: '1234',
+  email: 'exampleuser@test.com'
+};
+
+const exampleGallery = {
+  name: 'test gallery',
+  desc: 'test gallery description'
+};
+
+const examplePic = {
+  name: 'example pic',
+  desc: 'example pic description',
+  image: `${__dirname}/data/angular.png`
+};
+
+describe('Pic Routes', function() {
+  before( done => {
+    serverToggle.serverOn(server, done);
+  });
+
+  after( done => {
+    serverToggle.serverOff(server, done);
+  });
+
+  afterEach( done => {
+    Promise.all([
+      Pic.remove({}),
+      User.remove({}),
+      Gallery.remove({})
+    ])
+    .then( () => done())
+    .catch(done);
+  });
+
+  describe('POST: /api/gallery/:id/pic', function() {
+    describe('with a valid token and valid data', function() {
+      before( done => {
+        new User(exampleUser)
+        .generatePasswordHash(exampleUser.password)
+        .then( user => user.save())
+        .then( user => {
+          this.tempUser = user;
+          return user.generateToken();
+        })
+        .then( token => {
+          this.tempToken = token;
+          done();
+        })
+        .catch(done);
+      });
+
+      before( done => {
+        exampleGallery.userID = this.tempUser._id.toString();
+        new Gallery(exampleGallery).save()
+        .then( gallery => {
+          this.tempGallery = gallery;
+          done();
+        })
+        .catch(done);
+      });
+
+      after( done => {
+        delete exampleGallery.userID;
+        done();
+      });
+      it('should return a pic (and a 200)', done => {
+        request.post(`${url}/api/gallery/${this.tempGallery._id}/pic`)
+        .set({
+          Authorization: `Bearer ${this.tempToken}`
+        })
+        .field('name', examplePic.name)
+        .field('desc', examplePic.desc)
+        .attach('image', examplePic.image)
+        .end((err, res) => {
+          if (err) return done(err);
+          expect(res.status).to.equal(200);
+          expect(res.body.name).to.equal(examplePic.name);
+          expect(res.body.desc).to.equal(examplePic.desc);
+          expect(res.body.galleryID).to.equal(this.tempGallery._id.toString());
+          done();
+        });
+      });
+    });
+  });
+});

From 46654d35c4467028d8e005ebcfb77a7cfad7f163 Mon Sep 17 00:00:00 2001
From: Regan O'Neill <rkrotho@gmail.com>
Date: Fri, 10 Mar 2017 22:13:35 -0800
Subject: [PATCH 7/7] Delete .env

---
 lab-regan/.env | 7 -------
 1 file changed, 7 deletions(-)
 delete mode 100644 lab-regan/.env

diff --git a/lab-regan/.env b/lab-regan/.env
deleted file mode 100644
index deddcc2..0000000
--- a/lab-regan/.env
+++ /dev/null
@@ -1,7 +0,0 @@
-
-MONGODB_URI='mongodb://localhost/cfgramed'
-APP_SECRET='bestappsecret'
-PORT='8000'
-AWS_BUCKET='cfgrambackend-rko'
-AWS_ACCESS_KEY_ID='AKIAIQ3KQHA25LMUL7KA'
-AWS_SECRET_ACCESS_KEY='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'