Merge branch 'development' into BE/stopmatch

Author: jolynloh

backend/user-service/.env.sample

@@ -7,18 +7,26 @@ MONGO_LOCAL_URI=<MONGO_LOCAL_URI>
 # Secret for creating JWT signature
 JWT_SECRET=<JWT_SECRET>
 
-# admin default credentials
+# Admin default credentials
 ADMIN_FIRST_NAME=Admin
 ADMIN_LAST_NAME=User
 ADMIN_USERNAME=administrator
 ADMIN_EMAIL=[email protected]
 ADMIN_PASSWORD=Admin@123
 
-# firebase
+# Firebase
 FIREBASE_PROJECT_ID=FIREBASE_PROJECT_ID
 FIREBASE_PRIVATE_KEY=FIREBASE_PRIVATE_KEY
 FIREBASE_CLIENT_EMAIL=FIREBASE_CLIENT_EMAIL
 FIREBASE_STORAGE_BUCKET=FIREBASE_STORAGE_BUCKET
 
-# origins for cors
-ORIGINS=http://localhost:5173,http://127.0.0.1:5173
+# Origins for cors
+ORIGINS=http://localhost:5173,http://127.0.0.1:5173
+
+# Mail service
+SERVICE=gmail
+USER=EMAIL_ADDRESS
+PASS=PASSWORD
+
+# Redis configuration
+REDIS_URI=REDIS_URI

backend/user-service/README.md

@@ -8,10 +8,40 @@
 
 2. To connect to your cloud MongoDB instead of your local MongoDB, set the `NODE_ENV` to `production` instead of `development`.
 
-3. Update `MONGO_CLOUD_URI`, `MONGO_LOCAL_URI`, `FIREBASE_PROJECT_ID`, `FIREBASE_PRIVATE_KEY`, `FIREBASE_CLIENT_EMAIL`, `FIREBASE_STORAGE_BUCKET`, `JWT_SECRET`.
+3. Update the following variables in the `.env` file:
+
+   - `MONGO_CLOUD_URI`
+
+   - `MONGO_LOCAL_URI`
+
+   - `FIREBASE_PROJECT_ID`
+
+   - `FIREBASE_PRIVATE_KEY`
+
+   - `FIREBASE_CLIENT_EMAIL`
+
+   - `FIREBASE_STORAGE_BUCKET`
+
+   - `JWT_SECRET`
+
+   - `SERVICE`: Email service to use to send account verification links, e.g. `gmail`.
+
+   - `USER`: Email address that you will be using, e.g. `[email protected]`.
+
+   - `PASS`: The app password. For gmail accounts, please refer to this [link](https://support.google.com/accounts/answer/185833?hl=en).
+
+   - `REDIS_URI`
 
 4. A default admin account (`email: [email protected]` and `password: Admin@123`) wil be created. If you wish to change the default credentials, update them in `.env`. Alternatively, you can also edit your credentials and user profile after you have created the default account.
 
+5. To view the contents stored in Redis,
+
+   1. Go to [http://localhost:5540](http://localhost:5540).
+
+   2. Click on "Add Redis Database".
+
+   3. Enter `host.internal.docker` as the Host.
+
 ## Running User Service without Docker
 
 1. Open Command Line/Terminal and navigate into the `user-service` directory.

backend/user-service/config/firebase.ts

@@ -11,4 +11,6 @@ admin.initializeApp({
 
 const bucket = admin.storage().bucket();
 
-export { bucket };
+const auth = admin.auth();
+
+export { bucket, auth };

backend/user-service/config/redis.ts

@@ -0,0 +1,19 @@
+import { createClient } from "redis";
+import dotenv from "dotenv";
+
+dotenv.config();
+
+const REDIS_URI = process.env.REDIS_URI || "redis://localhost:6379";
+
+const client = createClient({ url: REDIS_URI });
+
+export const connectRedis = async () => {
+  await client.connect();
+  client.on("error", (err) => console.log(`Error: ${err}`));
+};
+
+// client.on("error", (err) => console.log(`Error: ${err}`));
+
+// (async () => await client.connect())();
+
+export default client;

backend/user-service/controller/auth-controller.ts

@@ -17,6 +17,12 @@ export async function handleLogin(
         return res.status(401).json({ message: "Wrong email and/or password" });
       }
 
+      if (!user.isVerified) {
+        return res.status(401).json({
+          message: "User not verified.",
+        });
+      }
+
       const match = await bcrypt.compare(password, user.password);
       if (!match) {
         return res.status(401).json({ message: "Wrong email and/or password" });

backend/user-service/controller/user-controller.ts

@@ -11,6 +11,7 @@ import {
   findUserByUsernameOrEmail as _findUserByUsernameOrEmail,
   updateUserById as _updateUserById,
   updateUserPrivilegeById as _updateUserPrivilegeById,
+  updateUserVerification as _updateUserVerification,
 } from "../model/repository";
 import {
   validateEmail,
@@ -22,6 +23,10 @@ import {
 import { IUser } from "../model/user-model";
 import { upload } from "../config/multer";
 import { uploadFileToFirebase } from "../utils/utils";
+import redisClient from "../config/redis";
+import crypto from "crypto";
+import { sendAccVerificationMail } from "../utils/mailer";
+import { ACCOUNT_VERIFICATION_SUBJ } from "../utils/constants";
 
 export async function createUser(
   req: Request,
@@ -77,8 +82,9 @@ export async function createUser(
         email,
         hashedPassword
       );
+
       return res.status(201).json({
-        message: `Created new user ${username} successfully`,
+        message: `Created new user ${username} successfully.`,
         data: formatUserResponse(createdUser),
       });
     } else {
@@ -94,6 +100,74 @@ export async function createUser(
   }
 }
 
+export const sendVerificationMail = async (
+  req: Request,
+  res: Response
+): Promise<Response> => {
+  try {
+    const { email } = req.body;
+    const user = await _findUserByEmail(email);
+
+    if (!user) {
+      return res.status(404).json({ message: `User ${email} not found` });
+    }
+
+    const emailToken = crypto.randomBytes(16).toString("hex");
+    await redisClient.set(email, emailToken, { EX: 60 * 5 }); // expire in 5 minutes
+    await sendAccVerificationMail(
+      email,
+      ACCOUNT_VERIFICATION_SUBJ,
+      user.username,
+      emailToken
+    );
+
+    return res.status(200).json({
+      message: "Verification email sent. Please check your inbox.",
+      data: { email, id: user.id },
+    });
+  } catch (error) {
+    return res.status(500).json({
+      message: "Unknown error when sending verification email!",
+      error,
+    });
+  }
+};
+
+export const verifyUser = async (
+  req: Request,
+  res: Response
+): Promise<Response> => {
+  try {
+    const { email, token } = req.params;
+
+    const user = await _findUserByEmail(email);
+    if (!user) {
+      return res.status(404).json({ message: `User ${email} not found` });
+    }
+
+    const expectedToken = await redisClient.get(email);
+
+    if (expectedToken !== token) {
+      return res
+        .status(400)
+        .json({ message: "Invalid token. Please request for a new one." });
+    }
+
+    const updatedUser = await _updateUserVerification(email);
+    if (!updatedUser) {
+      return res.status(404).json({ message: `User ${email} not verified.` });
+    }
+
+    return res
+      .status(200)
+      .json({ message: `User ${email} verified successfully.` });
+  } catch (error) {
+    return res
+      .status(500)
+      .json({ message: "Unknown error when verifying user!", error });
+  }
+};
+
 export const createImageLink = async (
   req: Request,
   res: Response

backend/user-service/jest.config.ts

@@ -4,6 +4,7 @@
  */
 
 import type { Config } from "jest";
+// import type { JestConfigWithTsJest } from "ts-jest";
 
 const config: Config = {
   // All imported modules in your tests should be mocked automatically
@@ -52,6 +53,8 @@ const config: Config = {
   // Make calling deprecated APIs throw helpful error messages
   // errorOnDeprecated: false,
 
+  // extensionsToTreatAsEsm: [".ts"],
+
   // The default configuration for fake timers
   // fakeTimers: {
   //   "enableGlobally": false
@@ -90,7 +93,9 @@ const config: Config = {
   // ],
 
   // A map from regular expressions to module names or to arrays of module names that allow to stub out resources with a single module
-  // moduleNameMapper: {},
+  // moduleNameMapper: {
+  //   "^(\\.{1,2}/.*)\\.js$": "$1",
+  // },
 
   // An array of regexp pattern strings, matched against all module paths before considered 'visible' to the module loader
   // modulePathIgnorePatterns: [],
@@ -146,7 +151,7 @@ const config: Config = {
   // snapshotSerializers: [],
 
   // The test environment that will be used for testing
-  // testEnvironment: "jest-environment-node",
+  // testEnvironment: "node",
 
   // Options that will be passed to the testEnvironment
   // testEnvironmentOptions: {},
@@ -175,12 +180,38 @@ const config: Config = {
   // testRunner: "jest-circus/runner",
 
   // A map from regular expressions to paths to transformers
-  // transform: undefined,
+  // transform: {
+  //   "^.+\\.tsx?$": [
+  //     "ts-jest",
+  //     {
+  //       diagnostics: {
+  //         ignoreCodes: [1343],
+  //       },
+  //       astTransformers: {
+  //         before: [
+  //           {
+  //             path: "node_modules/ts-jest-mock-import-meta", // or, alternatively, 'ts-jest-mock-import-meta' directly, without node_modules.
+  //           },
+  //         ],
+  //       },
+  //     },
+  //   ],
+  // },
+  // transform: {
+  //   "^.+\\.tsx?$": [
+  //     "ts-jest",
+  //     {
+  //       useESM: true,
+  //       astTransformers: { before: [{ path: "ts-jest-mock-import-meta" }] },
+  //       diagnostics: { ignoreCodes: [1343] },
+  //     },
+  //   ],
+  //   "node_modules/nodemailer-express-handlebars/.+\\.(j|t)sx?$": "ts-jest",
+  // },
 
   // An array of regexp pattern strings that are matched against all source file paths, matched files will skip transformation
   // transformIgnorePatterns: [
-  //   "/node_modules/",
-  //   "\\.pnp\\.[^\\/]+$"
+  //   "node_modules/?!(nodemailer-express-handlebars/.*)",
   // ],
 
   // An array of regexp pattern strings that are matched against all modules before the module loader will automatically return a mock for them

backend/user-service/model/repository.ts

@@ -21,16 +21,18 @@ export async function createUser(
   username: string,
   email: string,
   password: string,
-  isAdmin: boolean = false
+  isAdmin: boolean = false,
+  isVerified: boolean = false
 ): Promise<IUser> {
-  return new UserModel({
+  const user = new UserModel({
     firstName,
     lastName,
     username,
     email,
     password,
     isAdmin,
-  }).save();
+  });
+  return user.save();
 }
 
 export async function findUserByEmail(email: string): Promise<IUser | null> {
@@ -98,6 +100,20 @@ export async function updateUserPrivilegeById(
   );
 }
 
+export async function updateUserVerification(
+  email: string
+): Promise<IUser | null> {
+  return UserModel.findOneAndUpdate(
+    { email },
+    {
+      $set: {
+        isVerified: true,
+      },
+    },
+    { new: true } // return the updated user
+  );
+}
+
 export async function deleteUserById(userId: string): Promise<IUser | null> {
   return UserModel.findByIdAndDelete(userId);
 }

backend/user-service/model/user-model.ts

@@ -11,6 +11,8 @@ export interface IUser extends Document {
   firstName: string;
   lastName: string;
   biography?: string;
+
+  isVerified: boolean;
 }
 
 const UserModelSchema: Schema<IUser> = new mongoose.Schema({
@@ -54,6 +56,11 @@ const UserModelSchema: Schema<IUser> = new mongoose.Schema({
     required: false,
     default: "Hello World!",
   },
+  isVerified: {
+    type: Boolean,
+    required: true,
+    default: false,
+  },
 });
 
 const UserModel = mongoose.model<IUser>("UserModel", UserModelSchema);