Conversation
There was a problem hiding this comment.
Pull request overview
This PR migrates the backend codebase from CommonJS to ES Modules, updating the package structure and adding Symbol blockchain integration for mosaic creation functionality.
Changes:
- Converted all
require()/module.exportsstatements to ES Moduleimport/exportsyntax across the entire backend - Updated
package.jsonto use"type": "module"and added Symbol SDK dependencies - Enhanced room creation functionality to generate blockchain mosaics with mosaic icon support
Reviewed changes
Copilot reviewed 21 out of 51 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| package.json | Added symbol-sdk dependency for frontend blockchain integration |
| Backend/package.json | Changed module type to ES modules, updated main entry point, added Symbol blockchain client dependency |
| Backend/Workspace/Tools/VerifyCookieMiddleware.js | Converted from CommonJS to ES Module syntax |
| Backend/Workspace/Tools/VCM.js | Converted from CommonJS to ES Module syntax |
| Backend/Workspace/Tools/SignAndAnnounce.js | Converted from CommonJS to ES Module syntax |
| Backend/Workspace/Tools/LeftToken.js | Converted from CommonJS to ES Module syntax |
| Backend/Workspace/Tools/InverseVCM.js | Converted from CommonJS to ES Module syntax |
| Backend/Workspace/Tools/DBPerf.js | Converted to ES modules and added database connection pool initialization |
| Backend/Workspace/Tools/CreateTransferTx.js | Converted to ES modules with updated Symbol SDK imports |
| Backend/Workspace/Tools/CreateMosaicTx.js | New file implementing blockchain mosaic creation functionality |
| Backend/Workspace/Tools/CreateCookie.js | Converted from CommonJS to ES Module syntax |
| Backend/Workspace/Tools/AESControl.js | Converted to ES modules with named exports for encrypt/decrypt |
| Backend/Workspace/Server.js | Converted to ES modules with async route loading and proper __dirname handling |
| Backend/Workspace/Routes/SendTokenByNFC.js | Converted to ES modules with .js file extensions in imports |
| Backend/Workspace/Routes/SendToken.js | Converted to ES modules with .js file extensions in imports |
| Backend/Workspace/Routes/RoomList.js | Converted to ES modules with .js file extensions in imports |
| Backend/Workspace/Routes/Register.js | New user registration route with blockchain account creation |
| Backend/Workspace/Routes/NFC.js | Converted to ES modules with .js file extensions in imports |
| Backend/Workspace/Routes/Login.js | Converted to ES modules with proper __dirname handling for file paths |
| Backend/Workspace/Routes/CreateRoom.js | Enhanced to create blockchain mosaics during room creation with multiple database operations |
| Backend/TestSpace/Register.test.js | Updated test file to use ES modules with jest.unstable_mockModule |
Files not reviewed (2)
- Backend/package-lock.json: Language not supported
- Frontend/package-lock.json: Language not supported
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| // DB から取得した encryptedPrivateKey を復号 | ||
| const decryptedPrivateKey = decrypt(passwordWithPepper, encryptedPrivateKey); | ||
|
|
||
| // mosaic 作成時に渡す | ||
| const { mosaicId, mosaicDefinitionTx } = CreateMosaicTx({ | ||
| senderPrivateKey: decryptedPrivateKey, | ||
| networkType: 'testnet' | ||
| }); | ||
|
|
||
|
|
There was a problem hiding this comment.
The variables passwordWithPepper, encryptedPrivateKey, and CreateMosaicTx are referenced at the module level but are not defined. These lines appear to be code that should be inside the route handler function where the necessary data is available.
| // DB から取得した encryptedPrivateKey を復号 | |
| const decryptedPrivateKey = decrypt(passwordWithPepper, encryptedPrivateKey); | |
| // mosaic 作成時に渡す | |
| const { mosaicId, mosaicDefinitionTx } = CreateMosaicTx({ | |
| senderPrivateKey: decryptedPrivateKey, | |
| networkType: 'testnet' | |
| }); |
|
|
||
| // ===ルーム作成API=== | ||
| router.post("/", VCM('LoginToken', process.env.LOGIN_SECRET), upload.fields([{ name: "RoomIcon", maxCount: 1 },{ name: "TokenIcon", maxCount: 1 }]), async (req, res) => { | ||
| router.post("/", VCM('LOGIN_TOKEN', process.env.LOGIN_SECRET), upload.fields([{ name: "RoomIcon", maxCount: 1 },{ name: "MosaicIcon", maxCount: 1 }]), async (req, res) => { |
There was a problem hiding this comment.
The cookie name changed from 'LoginToken' to 'LOGIN_TOKEN', but this appears inconsistent with other routes which still use 'LoginToken'. This will break authentication if the cookie is actually named 'LoginToken'.
| router.post("/", VCM('LOGIN_TOKEN', process.env.LOGIN_SECRET), upload.fields([{ name: "RoomIcon", maxCount: 1 },{ name: "MosaicIcon", maxCount: 1 }]), async (req, res) => { | |
| router.post("/", VCM('LoginToken', process.env.LOGIN_SECRET), upload.fields([{ name: "RoomIcon", maxCount: 1 },{ name: "MosaicIcon", maxCount: 1 }]), async (req, res) => { |
| "INSERT RoomsDetail", | ||
| "INSERT INTO RoomsDetail (RoomName, RoomIconPath, MosaicName, MosaicIconPath) VALUES (?, ?, ?, ?)", | ||
| [RoomName, RoomIconPath, MosaicName, MosaicIconPath] | ||
| "INSERT INTO RoomsDetails (RoomName, RoomIconPath, MosaicName) VALUES (?, ?, ?)", |
There was a problem hiding this comment.
The table name changed from 'RoomsDetail' to 'RoomsDetails'. Ensure this matches the actual database schema, as inconsistent table names will cause database errors.
| "INSERT INTO RoomsDetails (RoomName, RoomIconPath, MosaicName) VALUES (?, ?, ?)", | |
| "INSERT INTO RoomsDetail (RoomName, RoomIconPath, MosaicName) VALUES (?, ?, ?)", |
| await DBPerf( | ||
| "INSERT Rooms", | ||
| "INSERT INTO Rooms(UserID, RoomName, isAdmin) VALUES (?, ?, ?)",[userID, RoomName, 1] | ||
| "INSERT INTO Rooms(UserID, RoomName) VALUES (?, ?)",[userID, RoomName] |
There was a problem hiding this comment.
The 'isAdmin' column was removed from the INSERT statement. If this column exists in the database schema and has no default value, this query will fail.
| "INSERT INTO Rooms(UserID, RoomName) VALUES (?, ?)",[userID, RoomName] | |
| "INSERT INTO Rooms(UserID, RoomName, isAdmin) VALUES (?, ?, ?)", [userID, RoomName, 1] |
|
|
||
| const { mosaicId: MosaicID } = await CreateMosaic({ | ||
| networkType: 'testnet', | ||
| senderPrivateKey: senderPrivateKey[0].PrivateKey, |
There was a problem hiding this comment.
The private key is used directly from the database without decryption. Based on the Register.js code, private keys are stored encrypted and should be decrypted using the decrypt function with passwordWithPepper before use.
| database: process.env.DB_NAME, | ||
| }); | ||
|
|
||
| // DB接続プールの作成 |
There was a problem hiding this comment.
Duplicate comment: 'DB接続プールの作成' appears on line 34, but 'DB接続プールを作成' already appears on line 26. The comment on line 34 should describe the DBPerf function instead.
| // DB接続プールの作成 | |
| // DBPerf: クエリ実行とパフォーマンス計測を行う関数 |
No description provided.