Merge branch 'main' of github.com:CS3219-AY2425S1/cs3219-ay2425s1-project-g16 into PEER-249-UI-Question-Details

Signed-off-by: SeeuSim <[email protected]>

Author: SeeuSim

Makefile

@@ -0,0 +1,7 @@
+db-up:
+	./scripts/ensure-volume.sh
+	docker-compose --env-file .env.local up -d
+
+db-down:
+	docker-compose --env-file .env.local down
+

backend/user/.env.local

@@ -1,4 +1,7 @@
 EXPRESS_ENV="local"
+PEERPREP_UI_HOST="http://localhost:5173"
+
+EXPRESS_PORT=9001
 EXPRESS_DB_HOST="localhost"
 EXPRESS_DB_PORT=5431
 POSTGRES_DB="user"

backend/user/docker-compose.yml

@@ -26,8 +26,9 @@ services:
       args: 
         # For building with the correct env vars
         - env=${EXPRESS_ENV}
+        - port=${EXPRESS_PORT}
     ports:
-      - "9001:8001"
+      - "9001:${EXPRESS_PORT}"
     command: node dist/index.js
     env_file:
       - ./.env.local

backend/user/express.Dockerfile

@@ -13,5 +13,6 @@ COPY --from=build --chown=node:node /data/question-express/dist ./dist
 
 ARG env
 COPY ".env.${env}" .
-EXPOSE 8001
+ARG port
+EXPOSE ${port}
 CMD [ "npm", "run", "start" ]

backend/user/package.json

@@ -20,6 +20,8 @@
   "description": "",
   "dependencies": {
     "bcrypt": "^5.1.1",
+    "cookie-parser": "^1.4.6",
+    "cors": "^2.8.5",
     "drizzle-orm": "^0.33.0",
     "env-cmd": "^10.1.0",
     "express": "^4.21.0",
@@ -35,6 +37,8 @@
     "@swc/core": "^1.7.26",
     "@swc/helpers": "^0.5.13",
     "@types/bcrypt": "^5.0.2",
+    "@types/cookie-parser": "^1.4.7",
+    "@types/cors": "^2.8.17",
     "@types/express": "^4.17.21",
     "@types/jsonwebtoken": "^9.0.6",
     "@types/node": "^22.5.5",

backend/user/src/controllers/auth-check/index.ts

@@ -0,0 +1,21 @@
+import { StatusCodes } from 'http-status-codes';
+
+import { COOKIE_NAME, decodeCookie, isCookieValid } from '@/lib/cookies';
+import { IRouteHandler } from '@/types';
+import { logger } from '@/lib/utils';
+
+export const checkIsAuthed: IRouteHandler = async (req, res) => {
+  const cookie: string | undefined = req.cookies[COOKIE_NAME];
+  if (cookie && isCookieValid(cookie)) {
+    const decoded = decodeCookie(cookie);
+    const expireTimeInMillis = decoded.exp * 1000;
+    logger.info(
+      '[/auth-check/check-is-authed]: Expires At ' + new Date(expireTimeInMillis).toLocaleString()
+    );
+    return res.status(StatusCodes.OK).json({
+      message: 'OK',
+      expiresAt: expireTimeInMillis,
+    });
+  }
+  return res.status(StatusCodes.UNAUTHORIZED).json('Unauthorised');
+};

backend/user/src/controllers/auth/index.ts

@@ -1,5 +1,6 @@
 import { StatusCodes } from 'http-status-codes';
 
+import { COOKIE_NAME } from '@/lib/cookies';
 import {
   loginService,
   registerService,
@@ -20,13 +21,18 @@ export const login: IRouteHandler = async (req, res) => {
   }
   return res
     .status(StatusCodes.OK)
-    .cookie('jwtToken', data.cookie, { httpOnly: true })
+    .cookie(COOKIE_NAME, data.cookie, {
+      httpOnly: true,
+      secure: false, // For HTTPS: Set true
+      sameSite: 'lax',
+      path: '/',
+    })
     .json(data.user);
 };
 
 export const logout: IRouteHandler = async (_req, res) => {
   return res
-    .clearCookie('jwtToken', {
+    .clearCookie(COOKIE_NAME, {
       secure: true,
       sameSite: 'none',
     })

backend/user/src/index.ts

@@ -1,7 +1,7 @@
 import app, { dbHealthCheck } from '@/server';
 import { logger } from '@/lib/utils';
 
-const port = process.env.PORT || 8001;
+const port = Number.parseInt(process.env.EXPRESS_PORT ?? '8001');
 
 const listenMessage = `App listening on port: ${port}`;
 app.listen(port, async () => {

backend/user/src/lib/cookies/index.ts

@@ -1,6 +1,8 @@
 import { JWT_SECRET_KEY } from '@/config';
 import jwt from 'jsonwebtoken';
 
+export const COOKIE_NAME = 'peerprep-user-session';
+
 export const generateCookie = <T extends object>(payload: T) => {
   return jwt.sign(payload, JWT_SECRET_KEY, {
     expiresIn: '30m',
@@ -13,8 +15,19 @@ export const isCookieValid = (cookie: string) => {
   });
 };
 
+export type CookiePayload = {
+  id: string;
+};
+
+type CookieType<T> = T & {
+  iat: number;
+  exp: number;
+};
+
 export const decodeCookie = (cookie: string) => {
-  return jwt.decode(cookie);
+  const decoded = jwt.decode(cookie) as CookieType<CookiePayload>;
+
+  return decoded;
 };
 
 // TODO: Insert proper cookie validity logic and middleware

backend/user/src/routes/auth-check.ts

@@ -0,0 +1,9 @@
+import express from 'express';
+
+import { checkIsAuthed } from '@/controllers/auth-check';
+
+const router = express.Router();
+
+router.get('/is-authed', checkIsAuthed);
+
+export default router;