feat(01-02): add Hono API routes with validation, image upload, and integration tests

- Item routes: GET, POST, PUT, DELETE with Zod validation and image cleanup - Category routes: GET, POST, PUT, DELETE with Uncategorized protection - Totals route: per-category and global aggregates - Image upload: multipart file handling with type/size validation - Routes use DI via Hono context variables for testability - Integration tests: 10 tests covering all endpoints and edge cases - All 30 tests passing Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-14 22:40:49 +01:00
parent 22757a8aef
commit 029adf4dca
7 changed files with 412 additions and 0 deletions
--- a/src/server/index.ts
+++ b/src/server/index.ts
@@ -1,6 +1,10 @@
 import { Hono } from "hono";
 import { serveStatic } from "hono/bun";
 import { seedDefaults } from "../db/seed.ts";
+import { itemRoutes } from "./routes/items.ts";
+import { categoryRoutes } from "./routes/categories.ts";
+import { totalRoutes } from "./routes/totals.ts";
+import { imageRoutes } from "./routes/images.ts";

 // Seed default data on startup
 seedDefaults();
@@ -12,6 +16,12 @@ app.get("/api/health", (c) => {
  return c.json({ status: "ok" });
 });

+// API routes
+app.route("/api/items", itemRoutes);
+app.route("/api/categories", categoryRoutes);
+app.route("/api/totals", totalRoutes);
+app.route("/api/images", imageRoutes);
+
 // Serve uploaded images
 app.use("/uploads/*", serveStatic({ root: "./" }));

@@ -22,3 +32,4 @@ if (process.env.NODE_ENV === "production") {
 }

 export default { port: 3000, fetch: app.fetch };
+export { app };
--- a/src/server/routes/categories.ts
+++ b/src/server/routes/categories.ts
@@ -0,0 +1,59 @@
+import { Hono } from "hono";
+import { zValidator } from "@hono/zod-validator";
+import {
+  createCategorySchema,
+  updateCategorySchema,
+} from "../../shared/schemas.ts";
+import {
+  getAllCategories,
+  createCategory,
+  updateCategory,
+  deleteCategory,
+} from "../services/category.service.ts";
+
+type Env = { Variables: { db?: any } };
+
+const app = new Hono<Env>();
+
+app.get("/", (c) => {
+  const db = c.get("db");
+  const cats = getAllCategories(db);
+  return c.json(cats);
+});
+
+app.post("/", zValidator("json", createCategorySchema), (c) => {
+  const db = c.get("db");
+  const data = c.req.valid("json");
+  const cat = createCategory(db, data);
+  return c.json(cat, 201);
+});
+
+app.put(
+  "/:id",
+  zValidator("json", updateCategorySchema.omit({ id: true })),
+  (c) => {
+    const db = c.get("db");
+    const id = Number(c.req.param("id"));
+    const data = c.req.valid("json");
+    const cat = updateCategory(db, id, data);
+    if (!cat) return c.json({ error: "Category not found" }, 404);
+    return c.json(cat);
+  },
+);
+
+app.delete("/:id", (c) => {
+  const db = c.get("db");
+  const id = Number(c.req.param("id"));
+  const result = deleteCategory(db, id);
+
+  if (!result.success) {
+    if (result.error === "Cannot delete the Uncategorized category") {
+      return c.json({ error: result.error }, 400);
+    }
+    return c.json({ error: result.error }, 404);
+  }
+
+  return c.json({ success: true });
+});
+
+export { app as categoryRoutes };
--- a/src/server/routes/images.ts
+++ b/src/server/routes/images.ts
@@ -0,0 +1,46 @@
+import { Hono } from "hono";
+import { randomUUID } from "node:crypto";
+import { join } from "node:path";
+import { mkdir } from "node:fs/promises";
+
+const ALLOWED_TYPES = ["image/jpeg", "image/png", "image/webp"];
+const MAX_SIZE = 5 * 1024 * 1024; // 5MB
+
+const app = new Hono();
+
+app.post("/", async (c) => {
+  const body = await c.req.parseBody();
+  const file = body["image"];
+
+  if (!file || typeof file === "string") {
+    return c.json({ error: "No image file provided" }, 400);
+  }
+
+  // Validate file type
+  if (!ALLOWED_TYPES.includes(file.type)) {
+    return c.json(
+      { error: "Invalid file type. Accepted: jpeg, png, webp" },
+      400,
+    );
+  }
+
+  // Validate file size
+  if (file.size > MAX_SIZE) {
+    return c.json({ error: "File too large. Maximum size is 5MB" }, 400);
+  }
+
+  // Generate unique filename
+  const ext = file.type.split("/")[1] === "jpeg" ? "jpg" : file.type.split("/")[1];
+  const filename = `${Date.now()}-${randomUUID()}.${ext}`;
+
+  // Ensure uploads directory exists
+  await mkdir("uploads", { recursive: true });
+
+  // Write file
+  const buffer = await file.arrayBuffer();
+  await Bun.write(join("uploads", filename), buffer);
+
+  return c.json({ filename }, 201);
+});
+
+export { app as imageRoutes };
--- a/src/server/routes/items.ts
+++ b/src/server/routes/items.ts
@@ -0,0 +1,66 @@
+import { Hono } from "hono";
+import { zValidator } from "@hono/zod-validator";
+import { createItemSchema, updateItemSchema } from "../../shared/schemas.ts";
+import {
+  getAllItems,
+  getItemById,
+  createItem,
+  updateItem,
+  deleteItem,
+} from "../services/item.service.ts";
+import { unlink } from "node:fs/promises";
+import { join } from "node:path";
+
+type Env = { Variables: { db?: any } };
+
+const app = new Hono<Env>();
+
+app.get("/", (c) => {
+  const db = c.get("db");
+  const items = getAllItems(db);
+  return c.json(items);
+});
+
+app.get("/:id", (c) => {
+  const db = c.get("db");
+  const id = Number(c.req.param("id"));
+  const item = getItemById(db, id);
+  if (!item) return c.json({ error: "Item not found" }, 404);
+  return c.json(item);
+});
+
+app.post("/", zValidator("json", createItemSchema), (c) => {
+  const db = c.get("db");
+  const data = c.req.valid("json");
+  const item = createItem(db, data);
+  return c.json(item, 201);
+});
+
+app.put("/:id", zValidator("json", updateItemSchema.omit({ id: true })), (c) => {
+  const db = c.get("db");
+  const id = Number(c.req.param("id"));
+  const data = c.req.valid("json");
+  const item = updateItem(db, id, data);
+  if (!item) return c.json({ error: "Item not found" }, 404);
+  return c.json(item);
+});
+
+app.delete("/:id", async (c) => {
+  const db = c.get("db");
+  const id = Number(c.req.param("id"));
+  const deleted = deleteItem(db, id);
+  if (!deleted) return c.json({ error: "Item not found" }, 404);
+
+  // Clean up image file if exists
+  if (deleted.imageFilename) {
+    try {
+      await unlink(join("uploads", deleted.imageFilename));
+    } catch {
+      // File missing is not an error worth failing the delete over
+    }
+  }
+
+  return c.json({ success: true });
+});
+
+export { app as itemRoutes };
--- a/src/server/routes/totals.ts
+++ b/src/server/routes/totals.ts
@@ -0,0 +1,18 @@
+import { Hono } from "hono";
+import {
+  getCategoryTotals,
+  getGlobalTotals,
+} from "../services/totals.service.ts";
+
+type Env = { Variables: { db?: any } };
+
+const app = new Hono<Env>();
+
+app.get("/", (c) => {
+  const db = c.get("db");
+  const categoryTotals = getCategoryTotals(db);
+  const globalTotals = getGlobalTotals(db);
+  return c.json({ categories: categoryTotals, global: globalTotals });
+});
+
+export { app as totalRoutes };
--- a/tests/routes/categories.test.ts
+++ b/tests/routes/categories.test.ts
@@ -0,0 +1,91 @@
+import { describe, it, expect, beforeEach } from "bun:test";
+import { Hono } from "hono";
+import { createTestDb } from "../helpers/db.ts";
+import { categoryRoutes } from "../../src/server/routes/categories.ts";
+import { itemRoutes } from "../../src/server/routes/items.ts";
+
+function createTestApp() {
+  const db = createTestDb();
+  const app = new Hono();
+
+  // Inject test DB into context for all routes
+  app.use("*", async (c, next) => {
+    c.set("db", db);
+    await next();
+  });
+
+  app.route("/api/categories", categoryRoutes);
+  app.route("/api/items", itemRoutes);
+  return { app, db };
+}
+
+describe("Category Routes", () => {
+  let app: Hono;
+
+  beforeEach(() => {
+    const testApp = createTestApp();
+    app = testApp.app;
+  });
+
+  it("POST /api/categories creates category", async () => {
+    const res = await app.request("/api/categories", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name: "Shelter", emoji: "\u{26FA}" }),
+    });
+
+    expect(res.status).toBe(201);
+    const body = await res.json();
+    expect(body.name).toBe("Shelter");
+    expect(body.emoji).toBe("\u{26FA}");
+    expect(body.id).toBeGreaterThan(0);
+  });
+
+  it("GET /api/categories returns all categories", async () => {
+    const res = await app.request("/api/categories");
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(Array.isArray(body)).toBe(true);
+    // At minimum, Uncategorized is seeded
+    expect(body.length).toBeGreaterThanOrEqual(1);
+  });
+
+  it("DELETE /api/categories/:id reassigns items", async () => {
+    // Create category
+    const catRes = await app.request("/api/categories", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name: "Shelter", emoji: "\u{26FA}" }),
+    });
+    const cat = await catRes.json();
+
+    // Create item in that category
+    await app.request("/api/items", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name: "Tent", categoryId: cat.id }),
+    });
+
+    // Delete the category
+    const delRes = await app.request(`/api/categories/${cat.id}`, {
+      method: "DELETE",
+    });
+    expect(delRes.status).toBe(200);
+
+    // Verify items are now in Uncategorized
+    const itemsRes = await app.request("/api/items");
+    const items = await itemsRes.json();
+    const tent = items.find((i: any) => i.name === "Tent");
+    expect(tent.categoryId).toBe(1);
+  });
+
+  it("DELETE /api/categories/1 returns 400 (cannot delete Uncategorized)", async () => {
+    const res = await app.request("/api/categories/1", {
+      method: "DELETE",
+    });
+
+    expect(res.status).toBe(400);
+    const body = await res.json();
+    expect(body.error).toContain("Uncategorized");
+  });
+});
--- a/tests/routes/items.test.ts
+++ b/tests/routes/items.test.ts
@@ -0,0 +1,121 @@
+import { describe, it, expect, beforeEach } from "bun:test";
+import { Hono } from "hono";
+import { createTestDb } from "../helpers/db.ts";
+import { itemRoutes } from "../../src/server/routes/items.ts";
+import { categoryRoutes } from "../../src/server/routes/categories.ts";
+
+function createTestApp() {
+  const db = createTestDb();
+  const app = new Hono();
+
+  // Inject test DB into context for all routes
+  app.use("*", async (c, next) => {
+    c.set("db", db);
+    await next();
+  });
+
+  app.route("/api/items", itemRoutes);
+  app.route("/api/categories", categoryRoutes);
+  return { app, db };
+}
+
+describe("Item Routes", () => {
+  let app: Hono;
+
+  beforeEach(() => {
+    const testApp = createTestApp();
+    app = testApp.app;
+  });
+
+  it("POST /api/items with valid data returns 201", async () => {
+    const res = await app.request("/api/items", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        name: "Tent",
+        weightGrams: 1200,
+        priceCents: 35000,
+        categoryId: 1,
+      }),
+    });
+
+    expect(res.status).toBe(201);
+    const body = await res.json();
+    expect(body.name).toBe("Tent");
+    expect(body.id).toBeGreaterThan(0);
+  });
+
+  it("POST /api/items with missing name returns 400", async () => {
+    const res = await app.request("/api/items", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ categoryId: 1 }),
+    });
+
+    expect(res.status).toBe(400);
+  });
+
+  it("GET /api/items returns array", async () => {
+    // Create an item first
+    await app.request("/api/items", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name: "Tent", categoryId: 1 }),
+    });
+
+    const res = await app.request("/api/items");
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(Array.isArray(body)).toBe(true);
+    expect(body.length).toBeGreaterThanOrEqual(1);
+  });
+
+  it("PUT /api/items/:id updates fields", async () => {
+    // Create first
+    const createRes = await app.request("/api/items", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({
+        name: "Tent",
+        weightGrams: 1200,
+        categoryId: 1,
+      }),
+    });
+    const created = await createRes.json();
+
+    // Update
+    const res = await app.request(`/api/items/${created.id}`, {
+      method: "PUT",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name: "Big Agnes Tent", weightGrams: 1100 }),
+    });
+
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(body.name).toBe("Big Agnes Tent");
+    expect(body.weightGrams).toBe(1100);
+  });
+
+  it("DELETE /api/items/:id returns success", async () => {
+    // Create first
+    const createRes = await app.request("/api/items", {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ name: "Tent", categoryId: 1 }),
+    });
+    const created = await createRes.json();
+
+    const res = await app.request(`/api/items/${created.id}`, {
+      method: "DELETE",
+    });
+
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(body.success).toBe(true);
+  });
+
+  it("GET /api/items/:id returns 404 for non-existent item", async () => {
+    const res = await app.request("/api/items/9999");
+    expect(res.status).toBe(404);
+  });
+});