Dev

.scannerwork/report-task.txt

@@ -0,0 +1,6 @@
+projectKey=x-backend-replica
+serverUrl=http://localhost:9000
+serverVersion=25.12.0.117093
+dashboardUrl=http://localhost:9000/dashboard?id=x-backend-replica
+ceTaskId=7168e6a5-41aa-42a6-a2a2-124c7e9216b7
+ceTaskUrl=http://localhost:9000/api/ce/task?id=7168e6a5-41aa-42a6-a2a2-124c7e9216b7

package.json

@@ -30,7 +30,8 @@
         "seed": "ts-node -r tsconfig-paths/register src/databases/seeds/scripts/seed.ts",
         "es:seed": "ts-node -r tsconfig-paths/register src/elasticsearch/scripts/es-seed.ts",
         "es:reset": "ts-node -r tsconfig-paths/register src/elasticsearch/scripts/es-reset.ts",
-        "generate-encryption-key": "node -r ts-node/register src/shared/services/encryption/generate-encryption-key.ts"
+        "generate-encryption-key": "node -r ts-node/register src/shared/services/encryption/generate-encryption-key.ts",
+        "sonar": "npm run test:cov && sonar-scanner"
     },
     "lint-staged": {
         "*.ts": [
@@ -55,8 +56,8 @@
         "@nestjs/mongoose": "^11.0.3",
         "@nestjs/passport": "^11.0.5",
         "@nestjs/platform-express": "^11.0.1",
-        "@nestjs/schedule": "^6.0.1",
         "@nestjs/platform-socket.io": "^11.1.9",
+        "@nestjs/schedule": "^6.0.1",
         "@nestjs/swagger": "^11.2.0",
         "@nestjs/typeorm": "^11.0.0",
         "@nestjs/websockets": "^11.1.9",
@@ -70,7 +71,7 @@
         "class-transformer": "^0.5.1",
         "class-validator": "^0.14.2",
         "cookie-parser": "^1.4.7",
-        "firebase-admin": "^13.6.0",
+        "expo-server-sdk": "^4.0.0",
         "fluent-ffmpeg": "^2.1.3",
         "google-auth-library": "^10.4.1",
         "groq-sdk": "^0.37.0",
@@ -95,6 +96,7 @@
         "socket.io": "^4.8.1",
         "swagger-ui-express": "^5.0.1",
         "tunnel-ssh": "^5.2.0",
+        "twitter-text": "^3.1.0",
         "typeorm": "^0.3.26",
         "xlsx": "^0.18.5"
     },
@@ -115,6 +117,7 @@
         "@types/passport-github2": "^1.2.9",
         "@types/supertest": "^6.0.2",
         "@types/tunnel-ssh": "^5.0.4",
+        "@types/twitter-text": "^3.1.10",
         "eslint": "^9.18.0",
         "eslint-config-prettier": "^10.0.1",
         "eslint-plugin-prettier": "^5.2.2",
@@ -123,6 +126,7 @@
         "jest": "^30.0.0",
         "lint-staged": "^16.2.4",
         "prettier": "^3.4.2",
+        "sonarqube-scanner": "^4.3.2",
         "source-map-support": "^0.5.21",
         "supertest": "^7.0.0",
         "ts-jest": "^29.2.5",
@@ -164,6 +168,10 @@
             "!**/enums/**",
             "!**/migrations/**",
             "!**/seeds/**",
+            "!**/*.module.ts",
+            "!**/*.config.ts",
+            "!**/config/**",
+            "!**/constants/**",
             "!main.ts",
             "!**/*.spec.ts",
             "!**/*-key.ts",
@@ -175,4 +183,4 @@
             "^src/(.*)$": "<rootDir>/$1"
         }
     }
-}
+}

simple-socket-test.html

@@ -489,6 +489,7 @@ <h2>Event Logs</h2>
         const message = {
           content: content,
           message_type: messageType,
+          image_url: "https://yapperdev.blob.core.windows.net/profile-images/test-team-1765575149782-standard.jpg",
         };
 
         if (messageType === "reply" && replyToId) {

sonar-project.properties

@@ -0,0 +1,27 @@
+# SonarQube Configuration
+sonar.projectKey=x-backend-replica
+sonar.projectName=X Backend Replica
+sonar.projectVersion=1.0
+
+# Source code location
+sonar.sources=src
+sonar.tests=src
+sonar.test.inclusions=**/*.spec.ts
+
+# Exclude files from analysis
+sonar.exclusions=**/node_modules/**,**/dist/**,**/coverage/**,**/*.spec.ts,**/migrations/**,**/seeds/**,**/databases/**,**/*.swagger.ts
+
+# Exclude infrastructure code from coverage (DTOs, Entities, Modules, Configs)
+sonar.coverage.exclusions=**/*.dto.ts,**/*.entity.ts,**/*.module.ts,**/config/**,**/migrations/**,**/seeds/**,**/databases/**,**/*.config.ts,**/constants/**,**/*.interface.ts,**/*.enum.ts
+
+# TypeScript specific settings
+sonar.typescript.lcov.reportPaths=coverage/lcov.info
+
+# Encoding
+sonar.sourceEncoding=UTF-8
+
+# SonarQube server URL (default local)
+sonar.host.url=http://localhost:9000
+
+# Authentication (you'll need to generate a token after SonarQube starts)
+sonar.login=squ_3ee91cb3e490cdd73f98c3640cd764b17b18b912

src/app.module.ts

@@ -27,7 +27,7 @@ import { Tweet } from './tweets/entities/tweet.entity';
 import { UserFollows } from './user/entities/user-follows.entity';
 import { TweetLike } from './tweets/entities/tweet-like.entity';
 import { TweetReply } from './tweets/entities/tweet-reply.entity';
-import { FcmModule } from './fcm/fcm.module';
+import { FcmModule } from './expo/expo.module';
 import { TrendModule } from './trend/trend.module';
 import { ScheduleModule } from '@nestjs/schedule';
 

src/app.service.ts

@@ -189,7 +189,6 @@ export class AppService {
         let replies_count = 0;
         for (const reply_data of TestDataConstants.TEST_REPLIES) {
             const replier = created_users[reply_data.replier_index];
-            const original_user = created_users[reply_data.original_user_index];
             const original_tweet =
                 all_tweets[reply_data.original_user_index][reply_data.original_tweet_index];
 

src/auth/auth.controller.ts

@@ -406,7 +406,8 @@ export class AuthController {
     @ApiResponse(google_oauth_swagger.responses.success)
     @ApiResponse(google_oauth_swagger.responses.InternalServerError)
     @Get('google')
-    googleLogin() {}
+    // eslint-disable-next-line @typescript-eslint/no-empty-function
+    googleLogin() {} // Intentionally empty - GoogleAuthGuard handles the OAuth redirect
 
     @ApiOperation(google_mobile_swagger.operation)
     @ApiBody({ type: MobileGoogleAuthDto })
@@ -505,7 +506,8 @@ export class AuthController {
     @ApiResponse(facebook_oauth_swagger.responses.success)
     @ApiResponse(facebook_oauth_swagger.responses.InternalServerError)
     @Get('facebook')
-    facebookLogin() {}
+    // eslint-disable-next-line @typescript-eslint/no-empty-function
+    facebookLogin() {} // Intentionally empty - FacebookAuthGuard handles the OAuth redirect
 
     @UseGuards(FacebookAuthGuard)
     @ApiOperation(facebook_callback_swagger.operation)
@@ -561,7 +563,8 @@ export class AuthController {
     @ApiResponse(github_oauth_swagger.responses.success)
     @ApiResponse(github_oauth_swagger.responses.InternalServerError)
     @Get('github')
-    async githubLogin() {}
+    // eslint-disable-next-line @typescript-eslint/no-empty-function
+    async githubLogin() {} // Intentionally empty - GitHubAuthGuard handles the OAuth redirect
 
     @ApiOperation(github_mobile_swagger.operation)
     @ApiBody({ type: MobileGitHubAuthDto })

src/auth/auth.service.ts

@@ -137,11 +137,11 @@ export class AuthService {
         const { name, birth_date, email, captcha_token } = dto;
 
         // Verify CAPTCHA first
-        // try {
-        //     await this.captcha_service.validateCaptcha(captcha_token);
-        // } catch (error) {
-        //     throw new BadRequestException(ERROR_MESSAGES.CAPTCHA_VERIFICATION_FAILED);
-        // }
+        try {
+            await this.captcha_service.validateCaptcha(captcha_token);
+        } catch (error) {
+            throw new BadRequestException(ERROR_MESSAGES.CAPTCHA_VERIFICATION_FAILED);
+        }
 
         const existing_user = await this.user_repository.findByEmail(email);
         if (existing_user) {
@@ -343,7 +343,7 @@ export class AuthService {
     }
 
     async sendResetPasswordEmail(identifier: string) {
-        const { identifier_type, user_id } = await this.checkIdentifier(identifier);
+        const { user_id } = await this.checkIdentifier(identifier);
         const user = await this.user_repository.findById(user_id);
         if (!user) {
             throw new NotFoundException(ERROR_MESSAGES.USER_NOT_FOUND);
@@ -371,7 +371,7 @@ export class AuthService {
     }
 
     async verifyResetPasswordOtp(identifier: string, token: string) {
-        const { identifier_type, user_id } = await this.checkIdentifier(identifier);
+        const { user_id } = await this.checkIdentifier(identifier);
         const is_valid = await this.verification_service.validateOtp(user_id, token, 'password');
 
         if (!is_valid) {
@@ -412,7 +412,7 @@ export class AuthService {
     }
 
     async resetPassword(identifier: string, new_password: string, token: string) {
-        const { identifier_type, user_id } = await this.checkIdentifier(identifier);
+        const { user_id } = await this.checkIdentifier(identifier);
         const token_data = await this.verification_service.validatePasswordResetToken(token);
 
         if (!token_data) {

src/auth/guards/jwt.guard.ts

@@ -1,10 +1,36 @@
 import { ExecutionContext, Injectable, UnauthorizedException } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
+import { RedisService } from 'src/redis/redis.service';
 
 @Injectable()
 export class JwtAuthGuard extends AuthGuard('jwt') {
-    override canActivate(context: ExecutionContext) {
-        return super.canActivate(context);
+    constructor(private readonly redis_service: RedisService) {
+        super();
+    }
+
+    override async canActivate(context: ExecutionContext) {
+        const can_activate = await super.canActivate(context);
+
+        if (!can_activate) {
+            return false;
+        }
+
+        const request = context.switchToHttp().getRequest();
+        const user = request.user;
+
+        let is_deleted = false;
+        if (user) {
+            try {
+                is_deleted = await this.redis_service.exists(`deleted_user:${user.id}`);
+            } catch (error) {
+                console.warn('Failed to check deleted user in Redis:', error.message);
+            }
+            if (is_deleted) {
+                throw new UnauthorizedException('User account has been deleted');
+            }
+        }
+
+        return true;
     }
 
     override handleRequest(err: any, user: any, info: any) {

src/auth/guards/ws-jwt.guard.ts

@@ -13,7 +13,7 @@ interface IAuthenticatedSocket extends Socket {
 
 @Injectable()
 export class WsJwtGuard implements CanActivate {
-    constructor(private jwt_service: JwtService) {}
+    constructor(private readonly jwt_service: JwtService) {}
 
     async canActivate(context: ExecutionContext): Promise<boolean> {
         try {

src/auth/strategies/facebook.strategy.ts

@@ -8,8 +8,8 @@ import { FacebookLoginDTO } from '../dto/facebook-login.dto';
 @Injectable()
 export class FacebookStrategy extends PassportStrategy(Strategy) {
     constructor(
-        private config_service: ConfigService,
-        private auth_service: AuthService
+        private readonly config_service: ConfigService,
+        private readonly auth_service: AuthService
     ) {
         super({
             clientID: config_service.get('FACEBOOK_CLIENT_ID') || '',

src/auth/strategies/github.strategy.ts

@@ -8,8 +8,8 @@ import { GitHubUserDto } from '../dto/github-user.dto';
 @Injectable()
 export class GitHubStrategy extends PassportStrategy(Strategy, 'github') {
     constructor(
-        private config_service: ConfigService,
-        private auth_service: AuthService
+        private readonly config_service: ConfigService,
+        private readonly auth_service: AuthService
     ) {
         super({
             clientID: config_service.get('GITHUB_CLIENT_ID') || '',

src/auth/strategies/google.strategy.ts

@@ -7,8 +7,8 @@ import { AuthService } from '../auth.service';
 @Injectable()
 export class GoogleStrategy extends PassportStrategy(Strategy) {
     constructor(
-        private config_service: ConfigService,
-        private auth_service: AuthService
+        private readonly config_service: ConfigService,
+        private readonly auth_service: AuthService
     ) {
         super({
             clientID: config_service.get('GOOGLE_CLIENT_ID') || '',

src/auth/username.service.ts

@@ -104,8 +104,8 @@ export class UsernameService {
 
     private cleanName(name: string): string {
         return name
-            .replace(/[^a-zA-Z0-9]/g, '') // Remove special characters
-            .replace(/\s+/g, ''); // Remove spaces
+            .replaceAll(/[^a-zA-Z0-9]/g, '') // Remove special characters
+            .replaceAll(/\s+/g, ''); // Remove spaces
     }
 
     private truncateToMaxLength(str: string): string {

src/azure-storage/azure-storage.service.ts

@@ -8,7 +8,7 @@ export class AzureStorageService implements OnModuleInit {
     private blob_service_client: BlobServiceClient;
     private profile_image_container_name: string;
 
-    constructor(private configService: ConfigService) {}
+    constructor(private readonly configService: ConfigService) {}
 
     onModuleInit() {
         const connection_string = this.configService.get<string>('AZURE_STORAGE_CONNECTION_STRING');

src/background-jobs/ai-summary/ai-summary.processor.spec.ts

@@ -130,7 +130,7 @@ describe('AiSummaryProcessor', () => {
             mock_tweet_summary_repository.save.mockRejectedValue(new Error('Save Error'));
 
             await expect(processor.handleGenerateSummary(mock_job)).rejects.toThrow();
-        });
+        }, 10000);
 
         it('should process job data correctly', async () => {
             const existing_summary = {

src/background-jobs/ai-summary/ai-summary.service.ts

@@ -1,9 +1,10 @@
-import { Injectable } from '@nestjs/common';
 import { InjectQueue } from '@nestjs/bull';
-import type { Queue } from 'bull';
 import { BackgroundJobsService } from '../background-jobs';
-import { JOB_DELAYS, JOB_NAMES, JOB_PRIORITIES, QUEUE_NAMES } from '../constants/queue.constants';
-import type { GenerateTweetSummaryDto } from './ai-summary.dto';
+import { QUEUE_NAMES } from '../constants/queue.constants';
+import { Injectable, Logger } from '@nestjs/common';
+import type { Queue } from 'bull';
+import { JOB_DELAYS, JOB_NAMES, JOB_PRIORITIES } from '../constants/queue.constants';
+import { GenerateTweetSummaryDto } from './ai-summary.dto';
 
 @Injectable()
 export class AiSummaryJobService extends BackgroundJobsService<GenerateTweetSummaryDto> {
@@ -19,12 +20,32 @@ export class AiSummaryJobService extends BackgroundJobsService<GenerateTweetSumm
         );
     }
 
+    protected getJobId(dto: GenerateTweetSummaryDto): string {
+        // Unique job per tweet
+        return `tweet-summary:${dto.tweet_id}`;
+    }
+
+    // Override queueJob to customize cleanup for fixed job_id
     async queueGenerateSummary(dto: GenerateTweetSummaryDto) {
-        return this.queueJob(
-            dto,
-            JOB_PRIORITIES.MEDIUM,
-            JOB_DELAYS.IMMEDIATE,
-            'Failed to queue AI summary generation:'
-        );
+        try {
+            const job_id = this.getJobId(dto);
+
+            const job = await this.queue.add(this.job_name, dto, {
+                jobId: job_id,
+                priority: JOB_PRIORITIES.MEDIUM,
+                delay: JOB_DELAYS.IMMEDIATE,
+                attempts: 3,
+                backoff: { type: 'exponential', delay: 2000 },
+
+                // Keep job while running to enforce single-job lock
+                removeOnComplete: false,
+                removeOnFail: true,
+            });
+
+            return { success: true, job_id: job.id };
+        } catch (error) {
+            this.logger.error('Failed to queue AI summary generation:', error);
+            return { success: false, error: error.message };
+        }
     }
 }