Add configuration files and implement student number handling (#263)

- Create config.docker.json for application configuration.
- Add docker-compose.yml for service orchestration.
- Implement addStudentNumber function in users.ts to handle student number submissions.
- Update router.ts to include route for adding student numbers.

Author: whnbaek

config.docker.json

@@ -0,0 +1,63 @@
+{
+  "instanceName": "id-core",
+  "logLevel": 30,
+  "api": {
+    "listenHost": "0.0.0.0",
+    "listenPort": "50080",
+    "proxy": true,
+    "corsAllowedOrigins": ["http://localhost:3000"]
+  },
+  "session": {
+    "key": "id-session",
+    "maxAge": 3600000,
+    "signed": true,
+    "sameSite": "Lax",
+    "rolling": false,
+    "renew": true
+  },
+  "email": {
+    "host": "smtp.gmail.com",
+    "username": "ADD_USERNAME_HERE",
+    "password": "ADD_PASSWORD_HERE",
+    "resendLimit": 3,
+    "verificationEmailSubject": "id.snucse.org 이메일 인증",
+    "passwordChangeEmailSubject": "id.snucse.org 비밀번호 변경",
+    "verificationEmailUrl": "http://localhost:3000/sign-up",
+    "passwordChangeEmailUrl": "http://localhost:3000/change-password"
+  },
+  "posix": {
+    "userGroupName": "cseusers",
+    "userGroupGid": 101132,
+    "sudoerGroupName": "csesudoers",
+    "sudoerGroupGid": 100600,
+    "defaultShell": "/bin/bash",
+    "minUid": 100000,
+    "homeDirectoryPrefix": "/csehome"
+  },
+  "postgresql": {
+    "host": "postgres",
+    "port": 5432,
+    "user": "postgres",
+    "password": "foo",
+    "database": "id"
+  },
+  "permissions": {
+    "snucse": [1]
+  },
+  "jwt": {
+    "privateKey": "-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgCdjfvbvINjCy20yG\nuoDL0rVf60lJAv6Y/barD5El0Y2hRANCAARWUx7P9gsIAe23mCffvGXylGdb8t40\nXgBYC+Rv2zIVkPtfL6y5TLTn0LTm+9Q2Z/43Yo864CXRUoSVAU9puu3P\n-----END PRIVATE KEY-----\n",
+    "expirySec": 3600,
+    "issuer": "bacchus:id",
+    "audience": "bacchus:some_service"
+  },
+  "oidc": {
+    "issuer": "http://localhost:50080/o",
+    "cookieKey": "a-secret-signing-key-change-me",
+    "jwks": {
+      "keys": []
+    },
+    "devInteractions": false,
+    "deviceFlow": false,
+    "revocation": false
+  }
+}

docker-compose.yml

@@ -0,0 +1,32 @@
+version: '3.8'
+
+services:
+  postgres:
+    image: postgres:15-alpine
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: foo
+      POSTGRES_DB: id
+    ports:
+      - "5432:5432"
+    volumes:
+      - postgres_data:/var/lib/postgresql/data
+      - ./schema.sql:/docker-entrypoint-initdb.d/schema.sql:ro
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres -d id"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+
+  backend:
+    build: .
+    ports:
+      - "50080:50080"
+    volumes:
+      - ./config.docker.json:/app/config.json:ro
+    depends_on:
+      postgres:
+        condition: service_healthy
+
+volumes:
+  postgres_data:

src/api/handlers/users.ts

@@ -287,6 +287,40 @@ export function getUserEmails(model: Model): IMiddleware {
   };
 }
 
+export function addStudentNumber(model: Model): IMiddleware {
+  const bodySchema = z.object({
+    studentNumber: z.string().regex(/^(\d{5}-\d{3}|\d{4}-\d{4,5})$/),
+  });
+
+  return async (ctx, next) => {
+    const userIdx = ctx.state.userIdx;
+    if (typeof userIdx !== 'number') {
+      ctx.status = 401;
+      return;
+    }
+
+    const bodyResult = bodySchema.safeParse(ctx.request.body);
+    if (!bodyResult.success) {
+      ctx.status = 400;
+      return;
+    }
+
+    const { studentNumber } = bodyResult.data;
+    try {
+      await model.pgDo(async tr => {
+        await model.users.addStudentNumber(tr, userIdx, studentNumber);
+      });
+    } catch (e) {
+      // Likely duplicate student number (unique constraint)
+      ctx.status = 409;
+      return;
+    }
+
+    ctx.status = 201;
+    await next();
+  };
+}
+
 export function getUserInfo(model: Model, config: Config): IMiddleware {
   return async (ctx, next) => {
     // authorize

src/api/router.ts

@@ -20,6 +20,7 @@ import { checkLogin, login, loginLegacy, loginPAM, logout } from './handlers/log
 import { getGroup, getPasswd } from './handlers/nss.js';
 import { getShells } from './handlers/shells.js';
 import {
+  addStudentNumber,
   changePassword,
   checkChangePasswordEmailToken,
   createUser,
@@ -145,6 +146,16 @@ export function createRouter(
    */
   router.get('/api/user/emails', getUserEmails(model));
 
+  /**
+   * Add a student number to the user.
+   * 201 if success.
+   * 400 if invalid format.
+   * 401 if not logged in.
+   * 409 if student number already exists.
+   * @param studentNumber student number.
+   */
+  router.post('/api/user/student-numbers', addStudentNumber(model));
+
   /**
    * Get user info.
    * 200 if success.