improved database updates for assignment creation

2025-05-07 11:43:16 -07:00 · 2025-05-07 11:43:16 -07:00 · e2d728265b
commit e2d728265b
parent fd993102a0
8 changed files with 211 additions and 92 deletions
--- a/auth-service/.env
+++ b/auth-service/.env
@ -2,10 +2,11 @@ GOOGLE_CLIENT_ID = "485880105639-1in8tvb6ondnn198rasuj2d8ank06ntp.apps.googleuse
 GOOGLE_CLIENT_SECRET = "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"
 GOOGLE_CALLBACK_URL = "https://byte-camp-auth-service.fly.dev/auth/google/callback"
 LOGIN_REDIRECT_URL = "https://bytecamp-web.fly.dev/"
-ACCEPTED_ORIGINS ="https://bytecamp-web.fly.dev,https://byte-camp-auth-service.fly.dev,http://localhost:5173"
+ACCEPTED_ORIGINS ="https://bytecamp-web.fly.dev,https://byte-camp-auth-service.fly.dev,https://bytecamp-web.fly.dev/"
 #DB_USER_SERVICE_URL = "http://localhost:3000/"
 DB_USER_SERVICE_URL = "http://db-user-service.internal:3000/"
 AUTH_SESSION_KEY = "f3f4d8e6b17a4b3abdc8e9a2c0457aaf91c0d5f6e3b7a9c8df624bd71ea35f42"
+AUTH_URL = "https://byte-camp-auth-service.fly"
 ASSIGNMENT_SERVICE_URL="http://assignment-service.internal:8080"

 # fly secrets set GOOGLE_CALLBACK_URL=https://byte-camp-auth-service.fly.dev/auth/google/callback
--- a/auth-service/.env.development
+++ b/auth-service/.env.development
@ -8,4 +8,5 @@ ACCEPTED_ORIGINS=http://localhost:3000,http://localhost:8081,http://localhost:30
 ASSIGNMENT_SERVICE_URL="http://localhost:8082"
 DB_USER_SERVICE_URL="http://localhost:3100/"
 AUTH_SESSION_KEY="f3f4d8e6b17a4b3abdc8e9a2c0457aaf91c0d5f6e3b7a9c8df624bd71ea35f42"
+AUTH_URL = "http://localhost:8080"
 PORT=8080
--- a/auth-service/passport.js
+++ b/auth-service/passport.js
@ -5,6 +5,8 @@ const passport = require("passport");
 const CustomStrategy = require("passport-custom").Strategy;
 const axios = require("axios");

+
+
 passport.use(
  new GoogleStrategy(
    {
@ -14,7 +16,11 @@ passport.use(
      scope: ["profile", "email"],
    },
    function (accessToken, refreshToken, profile, callback) {
-      callback(null, {...profile, role: "instructor"});
+      // console.log("Google Strategy invoked");
+      // console.log("Access Token:", accessToken);
+      // console.log("Refresh Token:", refreshToken);
+      // console.log("Profile:", profile);
+      callback(null, { ...profile, role: "instructor" });
    }
  )
 );
@ -57,19 +63,19 @@ passport.use(
 );

 passport.serializeUser((user, done) => {
-  // done(null, user);
  console.log("Serializing user:", user);
+  // done(null, user);
  done(null, {
    userId: user.qrcodenumber || user.id,
    displayName: user.studentname || user.displayName,
    role: user.role,
-    emails: user.emails || "none",
+    // emails: user.emails || "none",
  });
 });

-passport.deserializeUser(async (user, done) => {
+passport.deserializeUser((user, done) => {
+  console.log("Deserializing user:", user);
  try {
-    console.log("Deserializing user:", user);
    done(null, user);
  } catch (err) {
    console.error("Error during deserialization:", err);
--- a/auth-service/routes/auth.js
+++ b/auth-service/routes/auth.js
@ -2,12 +2,43 @@ const router = require("express").Router();
 const passport = require("passport");
 const axios = require("axios");

+const AUTH_URL = process.env.AUTH_URL || "http://localhost:8080";
+
 router.get(
  "/google/callback",
  passport.authenticate("google", {
-    successRedirect: "/auth/google/login",
    failureRedirect: "/auth/login/failed",
-  })
+    keepSessionInfo: true,
+  }),
+  async (req, res) => {
+    console.log("Google callback endpoint hit");
+    if (req.user) {
+      console.log(`${process.env.DB_USER_SERVICE_URL}instructor/register-user`);
+      axios
+        .post(`${process.env.DB_USER_SERVICE_URL}instructor/register-user`, {
+          user: req.user,
+        })
+        .then((response) => {
+          req.user.userId = response.data.user.userid;
+          console.log("User ID:", response.data.user.userid);
+          req.user.role = "instructor";
+          console.log("User registration response:", response.data);
+          req.login(req.user, (err) => {
+            if (err) {
+              console.error("Login error:", err);
+              return res.status(500).send("Login failed");
+            }
+            return res.redirect(process.env.LOGIN_REDIRECT_URL);
+          });
+        })
+        .catch((error) => {
+          console.error("Error registering user:", error.message);
+          res.status(500).json({ error: true, message: "User login failed" });
+        });
+    } else {
+      res.status(403).json({ error: true, message: "Not Authorized" });
+    }
+  }
 );

 router.get("/current_user", (req, res) => {
@ -22,28 +53,28 @@ router.get("/current_user", (req, res) => {
  }
 });

-router.get("/google/login", (req, res) => {
-  if (req.user) {
-    console.log(`${process.env.DB_USER_SERVICE_URL}instructor/register-user`);
-    axios
-      .post(`${process.env.DB_USER_SERVICE_URL}instructor/register-user`, {
-        user: req.user,
-      })
-      .then((response) => {
-        req.user.userId = response.data.user.userid;
-        console.log("User ID:", response.data.user.userid);
-        req.user.role = "instructor";
-        console.log("User registration response:", response.data);
-        res.redirect(process.env.LOGIN_REDIRECT_URL);
-      })
-      .catch((error) => {
-        console.error("Error registering user:", error.message);
-        res.status(500).json({ error: true, message: "User login failed" });
-      });
-  } else {
-    res.status(403).json({ error: true, message: "Not Authorized" });
-  }
-});
+// router.get("/google/login", (req, res) => {
+// if (req.user) {
+//   console.log(`${process.env.DB_USER_SERVICE_URL}instructor/register-user`);
+//   axios
+//     .post(`${process.env.DB_USER_SERVICE_URL}instructor/register-user`, {
+//       user: req.user,
+//     })
+//     .then((response) => {
+//       req.user.userId = response.data.user.userid;
+//       console.log("User ID:", response.data.user.userid);
+//       req.user.role = "instructor";
+//       console.log("User registration response:", response.data);
+//       res.redirect(process.env.LOGIN_REDIRECT_URL);
+//     })
+//     .catch((error) => {
+//       console.error("Error registering user:", error.message);
+//       res.status(500).json({ error: true, message: "User login failed" });
+//     });
+// } else {
+//   res.status(403).json({ error: true, message: "Not Authorized" });
+// }
+// });

 router.get("/login/failed", (req, res) => {
  res.status(401).json({
@ -56,7 +87,7 @@ router.get("/google", passport.authenticate("google", ["profile", "email"]));

 router.post(
  "/student/login",
-  passport.authenticate("student-auth"),
+  passport.authenticate("student-auth", { keepSessionInfo: true }),
  (req, res) => {
    console.log("Student login endpoint hit");

@ -68,18 +99,17 @@ router.post(
      req.user.userId = req.user.assignmentid;
      req.user.role = "student";

-      req.logIn(req.user, function(err) {
+      req.logIn(req.user, function (err) {
        if (err) return next(err);
-      
-        console.log('is authenticated?: ' + req.isAuthenticated());
-      
+
+        console.log("is authenticated?: " + req.isAuthenticated());
+
        return res.status(200).json({
          success: true,
-          message: 'Successful Login',
-          user: req.user
+          message: "Successful Login",
+          user: req.user,
        });
      });
-
    } else {
      console.log("Authentication failed");
      res.status(401).json({ error: true, message: "Authentication failed" });
@ -88,7 +118,6 @@ router.post(
 );

 router.get("/logout", (req, res) => {
-
  req.logout((err) => {
    if (err) {
      return next(err);
--- a/auth-service/server.js
+++ b/auth-service/server.js
@ -1,4 +1,4 @@
-require('dotenv').config();
+require("dotenv").config();

 const cors = require("cors");
 const express = require("express");
@ -9,35 +9,46 @@ const session = require("express-session");
 const bodyParser = require("body-parser");

 const app = express();
-app.use(bodyParser.json()); // or express.json()
+app.use(express.json());
 app.use(bodyParser.urlencoded({ extended: true }));

+// console.log("AUTH_URL:", process.env.AUTH_URL);
+const isProduction = process.env.NODE_ENV === "production";
 app.use(
-
-    session({
-        secret: process.env.AUTH_SESSION_KEY,
-        resave: false,
-        saveUninitialized: false,
-        cookie: {
-            maxAge: 24 * 60 * 60 * 1000, // 1 day
-        },
-    })
+  session({
+    secret: process.env.AUTH_SESSION_KEY,
+    resave: false,
+    saveUninitialized: false,
+    cookie: {
+      maxAge: 24 * 60 * 60 * 1000, // 1 day
+      //keep production security settings below disable for the mean-time because we need to integrate redis session for cross-origin to work properly
+      //sameSite: isProduction ? "none" : "lax", // or 'none' if using cross-origin
+      //secure: isProduction, // only true in production over HTTPS
+    },
+  })
 );

 app.use(passport.initialize());
 app.use(passport.session());

-app.use(
-    cors({
-        origin: process.env.ACCEPTED_ORIGINS.split(","),
-        methods: ["GET", "POST"],
-        credentials: true,
-    })
-)
+const allowedOrigins = process.env.ACCEPTED_ORIGINS.split(",");

-app.use(express.json());
+const corsOptions = {
+  origin: function (origin, callback) {
+    if (!origin || allowedOrigins.includes(origin)) {
+      callback(null, origin); // allow the request
+    } else {
+      callback(new Error("Not allowed by CORS"));
+    }
+  },
+  methods: ["GET", "POST", "OPTIONS"],
+  allowedHeaders: ["Content-Type", "Authorization"],
+  credentials: true,
+};
+
+app.use(cors(corsOptions));

 app.use("/auth", authRoute);

 const port = process.env.PORT || 8080;
-app.listen(port, () => console.log(`Listening on port ${port}...`));
+app.listen(port, () => console.log(`Listening on port ${port}...`));