epicweb-dev
diff --git a/‎exercises/99.final/01.solution/src/db/index.ts‎
Lines changed: 275 additions & 56 deletions b/‎exercises/99.final/01.solution/src/db/index.ts‎
Lines changed: 275 additions & 56 deletions
diff --git a/‎exercises/99.final/01.solution/src/db/migrations.ts‎
Lines changed: 34 additions & 0 deletions b/‎exercises/99.final/01.solution/src/db/migrations.ts‎
Lines changed: 34 additions & 0 deletions
diff --git a/‎exercises/99.final/01.solution/src/db/schema.ts‎
Lines changed: 15 additions & 5 deletions b/‎exercises/99.final/01.solution/src/db/schema.ts‎
Lines changed: 15 additions & 5 deletions
diff --git a/‎exercises/99.final/01.solution/src/index.ts‎
Lines changed: 78 additions & 4 deletions b/‎exercises/99.final/01.solution/src/index.ts‎
Lines changed: 78 additions & 4 deletions
@@ -9,6 +9,8 @@ const migrations = [
 		name: 'initial_schema',
 		up: async (db: D1Database) => {
 			console.log('Starting initial schema migration...')
+
+			// TODO: maybe cascade deletes?
 			try {
 				await db.batch([
 					db.prepare(sql`
@@ -18,9 +20,39 @@ const migrations = [
 							applied_at INTEGER DEFAULT (CURRENT_TIMESTAMP) NOT NULL
 						);
 					`),
+					db.prepare(sql`
+						CREATE TABLE IF NOT EXISTS users (
+							id integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+							email text NOT NULL UNIQUE,
+							created_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL,
+							updated_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL
+						);
+					`),
+					// OAuth Access tokens. If user_id is null then it's not yet been claimed
+					db.prepare(sql`
+						CREATE TABLE IF NOT EXISTS access_tokens (
+							id integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+							token_value text NOT NULL UNIQUE,
+							user_id integer,
+							created_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL,
+							updated_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL
+						);
+					`),
+					// A OTP emailed to the user to allow them to claim an access_token
+					db.prepare(sql`
+						CREATE TABLE IF NOT EXISTS validation_tokens (
+							id integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+							token_value text NOT NULL,
+							email text NOT NULL,
+							access_token_id integer NOT NULL,
+							created_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL,
+							updated_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL
+						);
+					`),
 					db.prepare(sql`
 						CREATE TABLE IF NOT EXISTS entries (
 							id integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+							user_id integer NOT NULL,
 							title text NOT NULL,
 							content text NOT NULL,
 							mood text,
@@ -35,6 +67,7 @@ const migrations = [
 					db.prepare(sql`
 						CREATE TABLE IF NOT EXISTS tags (
 							id integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+							user_id integer NOT NULL,
 							name text NOT NULL UNIQUE,
 							description text,
 							created_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL,
@@ -44,6 +77,7 @@ const migrations = [
 					db.prepare(sql`
 						CREATE TABLE IF NOT EXISTS entry_tags (
 							id integer PRIMARY KEY AUTOINCREMENT NOT NULL,
+							user_id integer NOT NULL,
 							entry_id integer NOT NULL,
 							tag_id integer NOT NULL,
 							created_at integer DEFAULT (CURRENT_TIMESTAMP) NOT NULL,
 
@@ -11,9 +11,17 @@ const timestampSchema = z.preprocess((val) => {
 	return val
 }, z.number())
 
+export const userSchema = z.object({
+	id: z.coerce.number(),
+	email: z.string(),
+	createdAt: timestampSchema,
+	updatedAt: timestampSchema,
+})
+
 // Schema Validation
 export const entrySchema = z.object({
 	id: z.coerce.number(),
+	userId: z.coerce.number(),
 	title: z.string(),
 	content: z.string(),
 	mood: z.string().nullable(),
@@ -28,15 +36,16 @@ export const entrySchema = z.object({
 export const newEntrySchema = z.object({
 	title: z.string(),
 	content: z.string(),
-	mood: z.string().nullable().default(null),
-	location: z.string().nullable().default(null),
-	weather: z.string().nullable().default(null),
-	isPrivate: z.number().default(1),
-	isFavorite: z.number().default(0),
+	mood: z.string().optional().nullable().default(null),
+	location: z.string().optional().nullable().default(null),
+	weather: z.string().optional().nullable().default(null),
+	isPrivate: z.number().optional().default(1),
+	isFavorite: z.number().optional().default(0),
 })
 
 export const tagSchema = z.object({
 	id: z.coerce.number(),
+	userId: z.coerce.number(),
 	name: z.string(),
 	description: z.string().nullable(),
 	createdAt: timestampSchema,
@@ -50,6 +59,7 @@ export const newTagSchema = z.object({
 
 export const entryTagSchema = z.object({
 	id: z.coerce.number(),
+	userId: z.coerce.number(),
 	entryId: z.coerce.number(),
 	tagId: z.coerce.number(),
 	createdAt: timestampSchema,
 
@@ -1,11 +1,16 @@
 /// <reference path="../types/worker-configuration.d.ts" />
 
+import { OAuthProvider } from '@cloudflare/workers-oauth-provider'
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js'
 import { McpAgent } from 'agents/mcp'
-import { DB, type Env } from './db'
+import { DB } from './db'
 import { initializeTools } from './tools.ts'
+import { type Env } from './types'
 
-export class EpicMeMCP extends McpAgent {
+type State = {}
+type Props = { accessToken: string }
+
+export class EpicMeMCP extends McpAgent<Env, State, Props> {
 	db!: DB
 	server = new McpServer(
 		{
@@ -32,10 +37,79 @@ You can also help users add tags to their entries and get all tags for an entry.
 	}
 
 	async init() {
-		initializeTools(this.server, this.db)
+		initializeTools(this)
 	}
 }
 
-export default EpicMeMCP.mount('/mcp', {
+const epicMeMcpMount = EpicMeMCP.mount('/mcp', {
 	binding: 'EPIC_ME_MCP_OBJECT',
 })
+
+// Default handler for non-MCP routes
+const defaultHandler = {
+	fetch: async (request: Request, env: Env) => {
+		const url = new URL(request.url)
+		if (url.pathname.endsWith('/authorize')) {
+			try {
+				const oauthReqInfo = await env.OAUTH_PROVIDER.parseAuthRequest(request)
+
+				const client = await env.OAUTH_PROVIDER.lookupClient(
+					oauthReqInfo.clientId,
+				)
+				if (!client) {
+					return new Response('Invalid client', { status: 400 })
+				}
+
+				const userId = 'EpicMeMCP'
+				// TODO: make this like crypto nice or whatever
+				const accessToken = Math.random().toString(16).slice(2)
+
+				const result = await env.OAUTH_PROVIDER.completeAuthorization({
+					request: oauthReqInfo,
+					userId,
+					props: { accessToken },
+					scope: ['full'],
+					metadata: {
+						grantDate: new Date().toISOString(),
+					},
+				})
+
+				// Redirect to the client with the authorization code
+				return new Response(null, {
+					status: 302,
+					headers: {
+						Location: result.redirectTo,
+					},
+				})
+			} catch (error) {
+				console.error('Authorization error:', error)
+				return new Response(
+					error instanceof Error ? error.message : 'Authorization failed',
+					{ status: 400 },
+				)
+			}
+		}
+
+		// Default response for non-authorization requests
+		return new Response('Not Found', { status: 404 })
+	},
+}
+
+// Create OAuth provider instance
+const oauthProvider = new OAuthProvider({
+	apiRoute: '/mcp',
+	// @ts-expect-error
+	apiHandler: epicMeMcpMount,
+	// @ts-expect-error
+	defaultHandler,
+	authorizeEndpoint: '/authorize',
+	tokenEndpoint: '/oauth/token',
+	clientRegistrationEndpoint: '/oauth/register',
+	scopesSupported: ['full'],
+})
+
+export default {
+	fetch: (request: Request, env: Env, ctx: ExecutionContext) => {
+		return oauthProvider.fetch(request, env, ctx)
+	},
+}