Merge pull request #13 from ChangePlusPlusVandy/lyton/22

feat: basic auth with auth0
ChangePlusPlusVandy · Nov 17, 2024 · 303a675 · 303a675
2 parents 95b86b1 + 5963288
commit 303a675
Show file tree

Hide file tree

Showing 21 changed files with 393 additions and 28 deletions.
diff --git a/.gitignore b/.gitignore
@@ -30,3 +30,5 @@
 npm-debug.log*
 yarn-debug.log*
 yarn-error.log*
+
+**/**/.env
diff --git a/api/package-lock.json b/api/package-lock.json
diff --git a/api/package.json b/api/package.json
@@ -5,8 +5,8 @@
   "main": "src/server.ts",
   "scripts": {
     "build": "tsc",
-    "start": "nodemon ./dist/server.js",
-    "dev": "nodemon ./src/server.ts",
+    "start": "node src/index.ts",
+    "dev": "npx ts-node-dev --respawn --pretty --transpile-only src/server.ts",
     "test": "echo \"Error: no test specified\" && exit 1",
     "prettier": "npx prettier --write .",
     "format": "prettier --check ."
@@ -19,6 +19,7 @@
     "cors": "^2.8.5",
     "dotenv": "^16.4.5",
     "express": "^4.21.0",
+    "express-oauth2-jwt-bearer": "^1.6.0",
     "mongodb": "^6.9.0",
     "mongoose": "^8.4.1",
     "ts-node-dev": "^2.0.0",

diff --git a/api/src/controllers/auth0-errors.ts b/api/src/controllers/auth0-errors.ts
@@ -0,0 +1,35 @@
+import { Request, Response, NextFunction } from "express";
+import {
+  InvalidTokenError,
+  UnauthorizedError,
+} from "express-oauth2-jwt-bearer";
+
+export const errorHandler = (
+  error: any,
+  request: Request,
+  response: Response,
+  next: NextFunction,
+) => {
+  console.log("Auth Error");
+
+  if (error instanceof InvalidTokenError) {
+    const message = "Bad credentials";
+
+    response.status(error.status).json({ message });
+
+    return;
+  }
+
+  if (error instanceof UnauthorizedError) {
+    const message = "Requires authentication";
+
+    response.status(error.status).json({ message });
+
+    return;
+  }
+
+  const status = 500;
+  const message = "Internal Server Error";
+
+  response.status(status).json({ message });
+};
diff --git a/api/src/controllers/auth0-middleware.ts b/api/src/controllers/auth0-middleware.ts
@@ -0,0 +1,21 @@
+import { auth } from "express-oauth2-jwt-bearer";
+import dotenv from "dotenv";
+import path from "path";
+
+dotenv.config({ path: path.resolve(__dirname, "../.env") });
+
+const auth0Domain = process.env.AUTH0_DOMAIN;
+const auth0Audience = process.env.AUTH0_AUDIENCE;
+
+try {
+  if (!auth0Domain || !auth0Audience) {
+    throw new Error("AUTH0_DOMAIN or AUTH0_AUDIENCE is not set");
+  }
+} catch (error) {
+  console.error(error);
+}
+
+export const validateAccessToken = auth({
+  issuerBaseURL: `https://${auth0Domain}`,
+  audience: auth0Audience,
+});
diff --git a/api/src/controllers/auth0-notFound.ts b/api/src/controllers/auth0-notFound.ts
@@ -0,0 +1,11 @@
+import { Request, Response, NextFunction } from "express";
+
+export const notFoundHandler = (
+  request: Request,
+  response: Response,
+  next: NextFunction,
+) => {
+  const message = "Not Found";
+
+  response.status(404).json({ message });
+};
diff --git a/api/src/routes/user.ts b/api/src/routes/user.ts
@@ -2,9 +2,13 @@ import express from "express";
 import mongoose from "mongoose";
 import dbConnect from "../config/db";
 import sgMail from "@sendgrid/mail";
+// import { validateAccessToken } from "../controllers/auth0-middleware";
 
 const router = express.Router();
 
+// TODO: Add auth0 middleware
+// router.use(validateAccessToken);
+
 // Call the dbConnect function to connect to MongoDB
 dbConnect();
 
@@ -67,9 +71,15 @@ router.post("/create-user", async (req: any, res: any) => {
 // Test route to check if the API is working
 router.post("/test", async (req: any, res: any) => {
   console.log("Received group data:");
-  const { name } = req.body;
 
-  return res.status(200).json({ name });
+  let name;
+  if (req.body.name === undefined) {
+    name = "empty";
+  } else {
+    ({ name } = req.body);
+  }
+
+  return res.status(200).json(`Your name is ${name}`);
 });
 
 router.post("/send-email", async (req: any, res: any) => {

diff --git a/api/src/routes/workshop.ts b/api/src/routes/workshop.ts
@@ -1,11 +1,15 @@
 import express from "express";
 import mongoose from "mongoose";
 import dbConnect from "../config/db"; // Import the dbConnect function
+// import { validateAccessToken } from "../controllers/auth0-middleware";
 
 import { createWorkshop, getWorkshop } from "../controllers/workshopController";
 
 const router = express.Router();
 
+// TODO: Add auth0 middleware
+// router.use(validateAccessToken);
+
 // Call the dbConnect function to connect to MongoDB
 dbConnect();
 
@@ -51,6 +55,12 @@ router.get(
   },
 );
 
+router.post("/testId/:id", async (req: any, res: any) => {
+  res
+    .status(200)
+    .json({ message: "Workshop test successful", id: req.params.id });
+});
+
 // POPULATE VERSION (if details of mentor/mentee objects are needed on the frontend like name or picture)
 
 // import express from 'express';

diff --git a/api/src/server.ts b/api/src/server.ts
@@ -1,11 +1,14 @@
 import dotenv from "dotenv";
+import path from "path";
+
 dotenv.config({ path: path.resolve(__dirname, "../.env") });
 
 import express from "express";
 import bodyParser from "body-parser";
 import connectDB from "./config/db";
+import { errorHandler } from "./controllers/auth0-errors";
+import { notFoundHandler } from "./controllers/auth0-notFound";
 import * as routes from "./routes/index";
-import path from "path";
 
 var cors = require("cors");
 
@@ -19,6 +22,9 @@ app.use("/workshop", routes.workshop);
 
 connectDB();
 
+app.use(notFoundHandler);
+app.use(errorHandler);
+
 app.listen(process.env.PORT || 8000, () =>
   console.log(`Server running on port ${process.env.PORT || 8000}`),
 );
diff --git a/app/.env b/app/.env
diff --git a/app/.env.example b/app/.env.example
@@ -0,0 +1,6 @@
+REACT_APP_API_URL = http://127.0.0.1:8000
+
+# auth
+REACT_APP_AUTH0_DOMAIN=##check notion##
+REACT_APP_AUTH0_CLIENT_ID=##check notion##
+REACT_APP_AUTH0_CALLBACK_URL=http://localhost:3000/callback
diff --git a/app/package-lock.json b/app/package-lock.json
diff --git a/app/package.json b/app/package.json
@@ -3,6 +3,7 @@
   "version": "0.1.0",
   "private": true,
   "dependencies": {
+    "@auth0/auth0-react": "^2.2.4",
     "@testing-library/jest-dom": "^5.17.0",
     "@testing-library/react": "^13.4.0",
     "@testing-library/user-event": "^13.5.0",
@@ -27,7 +28,9 @@
     "start": "react-scripts start",
     "build": "react-scripts build",
     "test": "react-scripts test",
-    "eject": "react-scripts eject"
+    "eject": "react-scripts eject",
+    "format": "npx prettier --write \"src/**/*.{js,jsx,ts,tsx}\"",
+    "format-check": "npx prettier --check \"src/**/*.{js,jsx,ts,tsx}\""
   },
   "eslintConfig": {
     "extends": [
@@ -46,5 +49,8 @@
       "last 1 firefox version",
       "last 1 safari version"
     ]
+  },
+  "devDependencies": {
+    "prettier": "^3.3.3"
   }
 }