Merge pull request #639 from SELab-2/development

Deployment

Author: thomasdejaeghere

backend/api/openapi.yml

@@ -2555,6 +2555,7 @@ components:
       required:
         - email
         - password
+        - userType
       additionalProperties: false
       properties:
         email:
@@ -2564,6 +2565,11 @@ components:
         password:
           type: string
           description: User's password.
+        userType:
+          type: string
+          enum: [student, teacher]
+          default: student
+          description: User's type in the system.
 
     RegisterResponse:
       type: object

backend/extra/seedDatabase.ts

@@ -80,7 +80,7 @@ export async function seedDatabase(): Promise<void> {
       const teacherInput: Teacher = new Teacher(
         email,
         firstName,
-        lastName,
+        'T. '+lastName,
         passwordHash,
         schoolName,
       )
@@ -113,7 +113,7 @@ export async function seedDatabase(): Promise<void> {
       const studentInput: Student = new Student(
         email,
         firstName,
-        lastName,
+        'S. '+lastName,
         passwordHash,
         schoolName,
       )
@@ -231,12 +231,11 @@ export async function seedDatabase(): Promise<void> {
     const visibilityOptions = [
       VisibilityType.PRIVATE,
       VisibilityType.GROUP,
-      VisibilityType.PUBLIC
     ];
 
     for (const { id: assignmentId, classId } of assignments) {
-      const students = await userRep.getByClassId(classId);
-      const teachers = await userRep.getByClassId(classId);
+      const students = await userRep.getStudentsByClassId(classId);
+      const teachers = await userRep.getTeachersByClassId(classId);
       const teacherIds = teachers.map(t => t.id);
 
       // Select 5–6 students for threads
@@ -258,7 +257,6 @@ export async function seedDatabase(): Promise<void> {
 
           const visibility = faker.helpers.arrayElement(visibilityOptions);
 
-
           const thread = new QuestionThread(
             student.id!,
             assignmentId,
@@ -288,27 +286,6 @@ export async function seedDatabase(): Promise<void> {
           await messageRep.create(teacherMessage);
         }
       }
-
-      // Bonus: Add 2 public/global threads for this assignment
-      for (let k = 0; k < 2; k++) {
-        const globalThread = new QuestionThread(
-          faker.helpers.arrayElement(students).id!,
-          assignmentId,
-          `step-${faker.number.int({ min: 1, max: 5 })}`,
-          false,
-          VisibilityType.PUBLIC,
-          []
-        );
-        const savedThread = await threadRep.create(globalThread) as { id: string };
-
-        const msg = new Message(
-          faker.helpers.arrayElement(teacherIds)!,
-          new Date(),
-          savedThread.id!,
-          faker.lorem.sentence()
-        );
-        await messageRep.create(msg);
-      }
     }
   } catch (err) {
     console.error('Error during DB seeding:', err);

backend/src/application/auth.ts

@@ -1,7 +1,7 @@
 import bcrypt from "bcryptjs";
 import jwt from "jsonwebtoken";
 import { AuthenticationTokenPayload, TokenResponse } from "./types";
-import { User } from "../core/entities/user";
+import { User, UserType } from "../core/entities/user";
 import { GetUser, GetUserInput } from "../core/services/user";
 
 // TODO - Consider allowing only one active token per user (probably not)
@@ -33,7 +33,12 @@ export class AuthenticationManager {
         this.refreshExpiresIn = refreshExpiresIn;
     }
 
-    async authenticate(email: string, password: string, refreshToken?: string): Promise<TokenResponse | null> {
+    async authenticate(
+        email: string,
+        password: string,
+        userType?: UserType,
+        refreshToken?: string,
+    ): Promise<TokenResponse | null> {
         if (refreshToken) {
             const refreshResult = this.refreshAccessToken(refreshToken);
             if (refreshResult) {
@@ -43,14 +48,13 @@ export class AuthenticationManager {
         const input: GetUserInput = { email: email };
         let user = undefined;
         try {
-            user = (await this.getUserService.execute(input)) as User;
+            user = (await this.getUserService.execute("", input)) as User;
         } catch (e) {
             return null;
         }
-        if (user && (await bcrypt.compare(password, user.passwordHash))) {
+        if (user && userType && user.userType === userType && (await bcrypt.compare(password, user.passwordHash))) {
             return this.generateTokens(user.id!);
         }
-        console.log("not supposed to be here");
         return null;
     }
 

backend/src/application/controller.ts

@@ -1,5 +1,5 @@
 import { createErrorHandler, defaultResponder, ResponderFunction } from "./helpersExpress";
-import { ApiError, Request, Response, ErrorCode } from "./types";
+import { ApiError, Request, Response, ErrorCode, AuthenticatedRequestBody } from "./types";
 import { logger } from "../config/logger";
 import { Service, Services } from "../config/service";
 
@@ -60,6 +60,7 @@ export abstract class Controller {
         data: T,
         statusCode: number,
         operationName: string,
+        userId: string,
     ): Promise<Response> {
         if (!service) {
             this.logger.warn(`${operationName} operation not implemented`);
@@ -69,7 +70,7 @@ export abstract class Controller {
             });
         }
         this.logger.info(`Executing service: ${operationName}`, { statusCode });
-        const body = await service.execute(data);
+        const body = await service.execute(userId, data);
         return this.respond(statusCode, body);
     }
 
@@ -80,7 +81,13 @@ export abstract class Controller {
      * @returns Response with status 200 and entity data
      */
     public async getOne<T>(req: Request, data: T): Promise<Response> {
-        return this._executeService(this.services.get, data, 200, "Get");
+        return this._executeService(
+            this.services.get,
+            data,
+            200,
+            "Get",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -90,7 +97,13 @@ export abstract class Controller {
      * @returns Response with status 200 and list of entities
      */
     public async getAll<T>(req: Request, data: T): Promise<Response> {
-        return this._executeService(this.services.getAll, data, 200, "GetAll");
+        return this._executeService(
+            this.services.getAll,
+            data,
+            200,
+            "GetAll",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -101,7 +114,13 @@ export abstract class Controller {
      * @returns Response with status 200 and list of child entities
      */
     public async getChildren<T>(req: Request, data: T, service: Service<T>): Promise<Response> {
-        return this._executeService(service, data, 200, "GetChildren");
+        return this._executeService(
+            service,
+            data,
+            200,
+            "GetChildren",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -112,7 +131,13 @@ export abstract class Controller {
      * @returns Response with status 201 and created child entity data
      */
     public async addChild<T>(req: Request, data: T, service: Service<T>): Promise<Response> {
-        return this._executeService(service, data, 201, "AddChild");
+        return this._executeService(
+            service,
+            data,
+            201,
+            "AddChild",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -123,7 +148,13 @@ export abstract class Controller {
      * @returns Response with status 204 (No Content)
      */
     public async removeChild<T>(req: Request, data: T, service: Service<T>): Promise<Response> {
-        return this._executeService(service, data, 204, "RemoveChild");
+        return this._executeService(
+            service,
+            data,
+            204,
+            "RemoveChild",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -133,7 +164,13 @@ export abstract class Controller {
      * @returns Response with status 200 and updated entity data
      */
     public async update<T>(req: Request, data: T): Promise<Response> {
-        return this._executeService(this.services.update, data, 204, "Update");
+        return this._executeService(
+            this.services.update,
+            data,
+            204,
+            "Update",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -143,7 +180,13 @@ export abstract class Controller {
      * @returns Response with status 204 (No Content)
      */
     public async delete<T>(req: Request, data: T): Promise<Response> {
-        return this._executeService(this.services.remove, data, 204, "Delete");
+        return this._executeService(
+            this.services.remove,
+            data,
+            204,
+            "Delete",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 
     /**
@@ -153,6 +196,12 @@ export abstract class Controller {
      * @returns Response with status 201 and created entity data
      */
     public async create<T>(req: Request, data: T): Promise<Response> {
-        return this._executeService(this.services.create, data, 201, "Create");
+        return this._executeService(
+            this.services.create,
+            data,
+            201,
+            "Create",
+            (req.body as AuthenticatedRequestBody).authenticatedUserId,
+        );
     }
 }

backend/src/application/middleware/loginMiddleware.ts

@@ -1,4 +1,5 @@
 import { Request as ExpressRequest, Response as ExpressResponse } from "express";
+import { UserType } from "../../core/entities/user";
 import { AuthenticationManager } from "../auth";
 import { defaultErrorHandler, defaultResponder, responseToExpress } from "../helpersExpress";
 import { ErrorCode } from "../types";
@@ -21,18 +22,23 @@ export function loginMiddleware(
             return;
         }
 
-        const { email, password, refreshToken } = req.body || {};
-        if (!((email && password) || (!email && !password && refreshToken))) {
+        const { email, password, userType, refreshToken } = req.body || {};
+        if (!((email && password && userType) || (!email && !password && !userType && refreshToken))) {
             const response = defaultErrorHandler({
                 code: ErrorCode.BAD_REQUEST,
-                message: "Email and password or refresh token are required",
+                message: "Email, password and userType or refresh token are required",
             });
             responseToExpress(response, res);
             return;
         }
 
         try {
-            const tokens = await authManager.authenticate(email || "", password || "", refreshToken);
+            const tokens = await authManager.authenticate(
+                email || "",
+                password || "",
+                userType as UserType,
+                refreshToken,
+            );
             if (!tokens) {
                 const response = defaultErrorHandler({
                     code: ErrorCode.UNAUTHORIZED,

backend/src/application/resources/taskResource.ts

@@ -79,6 +79,7 @@ export function taskRoutes(
                 controller,
                 extractor: extractors.getTask,
                 handler: (req, data) => controller.getOne(req, data),
+                middleware,
             },
             {
                 app,
@@ -87,6 +88,7 @@ export function taskRoutes(
                 controller,
                 extractor: extractors.getTask,
                 handler: (req, data) => controller.delete(req, data),
+                middleware,
             },
             {
                 app,

backend/src/application/types.ts

@@ -84,6 +84,11 @@ export interface TokenResponse {
     refreshToken: string;
 }
 
+export interface AuthenticatedRequestBody {
+    authenticatedUserId: string;
+    [key: string]: string;
+}
+
 /* ************* Path/Routing Types ************* */
 
 /**

backend/src/config/service.ts

@@ -1,6 +1,6 @@
 //TODO if application layer always asks for an object in return to we need to specify ReturnType?
 export interface Service<T> {
-    execute: (input: T) => Promise<object>;
+    execute: (userId: string, input: T) => Promise<object>;
 }
 
 //TODO can we abstract the params type in services to for a Params as abstracted class or interface?