Merge branch 'main' into ashley/overall-cleanup

Author: ashleynhs

.gitignore

@@ -6,4 +6,5 @@ package-lock.json
 yarn.lock
 *.DS_Store
 *.pem
+dumps/
 firebase-admin-service-account.json

package.json

@@ -25,9 +25,11 @@
   },
   "homepage": "https://github.com/cuappdev/resell-backend#readme",
   "devDependencies": {
-    "@types/express": "^4.17.13",
+    "@types/body-parser": "^1.19.6",
+    "@types/express": "^4.17.25",
     "@types/faker": "^5.5.5",
     "@types/jest": "^27.0.2",
+    "@types/multer": "^2.0.0",
     "@types/node": "^16.9.0",
     "@types/node-fetch": "^2.6.1",
     "@types/swagger-ui-express": "^4.1.7",
@@ -46,12 +48,15 @@
     "@tensorflow-models/universal-sentence-encoder": "^1.3.3",
     "@tensorflow/tfjs": "^4.2.0",
     "@tensorflow/tfjs-node": "^4.22.0",
-    "class-validator": "^0.14.0",
+    "body-parser": "^2.2.2",
+    "class-transformer": "^0.5.1",
+    "class-validator": "^0.14.3",
     "cors": "^2.8.6",
     "dotenv": "^10.0.0",
-    "express": "^4.17.2",
+    "express": "^4.22.1",
     "faker": "^5.5.3",
     "firebase-admin": "^13.1.0",
+    "multer": "^2.0.2",
     "node-fetch": "^2.6.1",
     "pg": "^8.7.1",
     "pgvector": "^0.2.0",

src/api/controllers/NotifController.ts

@@ -62,6 +62,14 @@ export class NotifController {
     return this.notifService.sendRequestMatchNotification(matchRequest);
   }
 
+  @Post("markAsRead/id/:id")
+  async markAsRead(
+    @CurrentUser() user: UserModel,
+    @Params() params: { id: string },
+  ) {
+    return this.notifService.markAsRead(user.firebaseUid, params.id);
+  }
+
   @Delete("id/:id")
   async deleteNotification(
     @CurrentUser() user: UserModel,

src/api/controllers/ReportController.ts

@@ -19,7 +19,6 @@ import {
   GetReportsResponse,
 } from "../../types/ApiResponses";
 import { ReportModel } from "../../models/ReportModel";
-import { report } from "process";
 import { UuidParam } from "../validators/GenericRequests";
 
 @JsonController("report/")

src/api/middlewares/ErrorHandler.ts

@@ -13,15 +13,15 @@ export class ErrorHandler implements ExpressErrorMiddlewareInterface {
     error: Error,
     request: express.Request,
     response: express.Response,
-    next: (err?: any) => any,
+    next: (err?: unknown) => unknown,
   ): void {
     handleError(error, request, response, next);
   }
 }
 
 function handleError(
   error: Error,
-  request: express.Request,
+  _request: express.Request,
   response: express.Response,
   next: express.NextFunction,
 ) {

src/api/middlewares/FirebaseAuth.ts

@@ -0,0 +1,43 @@
+import {
+  Action,
+  ForbiddenError,
+  NotFoundError,
+  UnauthorizedError,
+} from "routing-controllers";
+import { firebaseAdmin } from "../../firebase";
+import { getManager } from "typeorm";
+import { UserModel } from "../../models/UserModel";
+
+export const FirebaseCurrentUserChecker = async (
+  action: Action,
+): Promise<UserModel> => {
+  const authHeader = action.request.headers["authorization"];
+  if (!authHeader) {
+    throw new UnauthorizedError("No authorization token provided");
+  }
+  const token = authHeader.split(" ")[1];
+  if (!token) {
+    throw new UnauthorizedError("Invalid authorization token format");
+  }
+
+  try {
+    // Verify the token using Firebase Admin SDK
+    const decodedToken = await firebaseAdmin.auth().verifyIdToken(token);
+    const userId = decodedToken.uid;
+    const email = decodedToken.email;
+    // Enforce Cornell email domain restriction
+    if (email && !email.endsWith("@cornell.edu")) {
+      throw new ForbiddenError("Only Cornell email addresses are allowed");
+    }
+    // Fetch and return the user from the database
+    const user = await getManager().findOne(UserModel, {
+      firebaseUid: userId,
+    });
+    if (!user) {
+      throw new NotFoundError("User not found");
+    }
+    return user;
+  } catch (error) {
+    throw new UnauthorizedError("Invalid or expired authorization token");
+  }
+};

src/api/validators/GenericRequests.ts

@@ -1,4 +1,4 @@
-import { IsEmail, IsNumber, IsString, IsUUID } from "class-validator";
+import { IsEmail, IsString, IsUUID } from "class-validator";
 
 import { Uuid } from "../../types";
 

src/app.ts

@@ -1,56 +1,71 @@
-import "reflect-metadata";
+// Load environment and Firebase configuration first
 import "dotenv/config";
+import "./firebase";
+import "reflect-metadata";
 
-import dotenv from "dotenv";
 import {
   createExpressServer,
-  ForbiddenError,
-  UnauthorizedError,
   useContainer as routingUseContainer,
-  HttpError,
 } from "routing-controllers";
-
 import { getManager, useContainer } from "typeorm";
 import { Container } from "typeorm-typedi-extensions";
-import { Express } from "express";
+import { Express, Request, Response } from "express";
 import * as swaggerUi from "swagger-ui-express";
-import * as path from "path";
-import * as admin from "firebase-admin";
-
-dotenv.config();
-
-const serviceAccountPath = process.env.FIREBASE_SERVICE_ACCOUNT_PATH || "";
-const serviceAccount = require(serviceAccountPath);
-
-if (!serviceAccountPath) {
-  throw new Error(
-    "FIREBASE_SERVICE_ACCOUNT_PATH environment variable is not set.",
-  );
-}
-
-if (!admin.apps.length) {
-  admin.initializeApp({
-    credential: admin.credential.cert(serviceAccount),
-  });
-}
-
-export { admin }; // Export the admin instance
+import swaggerDocument from "../swagger.json";
 
 import { controllers } from "./api/controllers";
 import { middlewares } from "./api/middlewares";
-import { UserModel } from "./models/UserModel";
-import { ReportController } from "./api/controllers/ReportController";
+import { FirebaseCurrentUserChecker } from "./api/middlewares/FirebaseAuth";
 import resellConnection from "./utils/DB";
-import { ReportService } from "./services/ReportService";
-import { reportToString } from "./utils/Requests";
-
-dotenv.config();
 
+const port = process.env.PORT ?? 3000;
+const app: Express = createExpressServer({
+  cors: true,
+  routePrefix: "/api/",
+  controllers: controllers,
+  middlewares: middlewares,
+  defaults: {
+    paramOptions: {
+      required: true, // Make all params required by default
+    },
+  },
+  validation: true,
+  development: process.env.NODE_ENV !== "production",
+  defaultErrorHandler: false,
+  currentUserChecker: FirebaseCurrentUserChecker,
+});
+
+/**
+ * Setup Swagger docs
+ */
+app.use("/api-docs", swaggerUi.serve, swaggerUi.setup(swaggerDocument));
+console.log(
+  `Swagger documentation available at http://localhost:${port}/api-docs`,
+);
+
+/**
+ * Health check endpoint
+ */
+app.get("/health", async (_req: Request, res: Response) => {
+  const manager = getManager();
+  try {
+    await manager.query("SELECT 1");
+    res.status(200).json({ status: "healthy", database: "Connected" });
+  } catch (error) {
+    res
+      .status(500)
+      .json({ status: "Error", database: "Not connected", error: error });
+  }
+});
+
+// Setup dependency injection containers
+routingUseContainer(Container);
+useContainer(Container);
+
+// Initialize and start application
 async function main() {
-  routingUseContainer(Container);
-  useContainer(Container);
-
-  await resellConnection().catch((error: any) => {
+  // Initialize database connection
+  await resellConnection().catch((error: unknown) => {
     console.log(error);
     throw new Error("Connection to DB failed. Check console output");
   });

src/firebase.ts

@@ -0,0 +1,17 @@
+import * as firebaseAdmin from "firebase-admin";
+const serviceAccountPath = process.env.FIREBASE_SERVICE_ACCOUNT_PATH || "";
+const serviceAccount = require(serviceAccountPath);
+
+if (!serviceAccountPath) {
+  throw new Error(
+    "FIREBASE_SERVICE_ACCOUNT_PATH environment variable is not set.",
+  );
+}
+
+if (!firebaseAdmin.apps.length) {
+  firebaseAdmin.initializeApp({
+    credential: firebaseAdmin.credential.cert(serviceAccount),
+  });
+}
+
+export { firebaseAdmin };

src/services/NotifService.ts

@@ -237,6 +237,22 @@ export class NotifService {
     });
   }
 
+  async markAsRead(userId: string, notifId: string) {
+    return this.transactions.readWrite(async (transactionalEntityManager) => {
+      const notifRepository = Repositories.notification(
+        transactionalEntityManager,
+      );
+      const notif = await notifRepository.findOne({ where: { id: notifId } });
+      if (!notif) {
+        throw new NotFoundError("Notification not found");
+      }
+      if (notif.userId !== userId) {
+        throw new NotFoundError("Notification not found");
+      }
+      return await notifRepository.markAsRead(notifId);
+    });
+  }
+
   async deleteNotification(userId: string, notifId: string) {
     return this.transactions.readWrite(async (transactionalEntityManager) => {
       const notifRepository = Repositories.notification(