[#Issue 250] Delete PII for Users using TypeScript.

package.json

@@ -28,6 +28,13 @@
   "devDependencies": {
     "@flydotio/dockerfile": "^0.4.0",
     "cross-env": "^7.0.3",
+    "encoding": "^0.1.13",
     "husky": "^8.0.3"
+  },
+  "dependencies": {
+    "@octokit/core": "^6.1.2",
+    "dotenv": "^16.4.5",
+    "next": "^14.3.0-canary.16",
+    "unstyled-table": "^0.0.6-beta-4"
   }
 }

packages/app/package.json

@@ -51,12 +51,12 @@
     "clsx": "^1.2.1",
     "cmdk": "^0.2.0",
     "lucide-react": "^0.259.0",
-    "next": "13.4.9",
+    "next": "^13.5.6",
     "next-auth": "^4.22.1",
     "next-themes": "^0.2.1",
     "nextjs-toploader": "^1.4.2",
-    "openai": "^3.3.0",
-    "postcss": "8.4.25",
+    "openai": "^4.36.0",
+    "postcss": "^8.4.38",
     "prettier": "2.8.8",
     "prettier-plugin-go-template": "0.0.13",
     "prettier-plugin-java": "2.2.0",
@@ -89,7 +89,7 @@
     "@typescript-eslint/eslint-plugin": "^5.61.0",
     "@typescript-eslint/parser": "^5.61.0",
     "autoprefixer": "10.4.14",
-    "cypress": "^12.17.2",
+    "cypress": "^13.7.3",
     "eslint": "8.44.0",
     "eslint-config-next": "13.4.9",
     "eslint-config-prettier": "^8.8.0",

packages/app/src/app/api/auth/[...nextauth]/route.ts

@@ -1,56 +1,62 @@
 import { PrismaAdapter } from "@next-auth/prisma-adapter";
 import NextAuth, { AuthOptions, DefaultSession } from "next-auth";
 import GithubProvider from "next-auth/providers/github";
-import { env } from "@/env.mjs";
-import { prisma } from "@/lib/prisma";
-import type { UserRole } from "@prisma/client";
-import randomstring from "randomstring";
+import { env } from "@/env.mjs"; // Import environment variables
+import { prisma } from "@/lib/prisma"; 
+import type { UserRole } from "@prisma/client"; 
+import randomstring from "randomstring"; 
 
+// Extend the Session interface to include additional properties
 declare module "next-auth" {
   interface Session extends DefaultSession {
     user: {
       id: string;
       role: UserRole;
+      token: string;
     } & DefaultSession["user"];
   }
 }
 
+// Define options for authentication
 export const nextAuthOptions = {
-  adapter: PrismaAdapter(prisma),
+  adapter: PrismaAdapter(prisma), // Use PrismaAdapter for session storage
   session: {
-    strategy: "jwt",
+    strategy: "jwt", // Use JWT for session management
   },
-  secret: env.NEXTAUTH_SECRET,
+  secret: env.NEXTAUTH_SECRET, // Set the secret for signing cookies
   providers: [
-    GithubProvider({
-      clientId: env.GITHUB_CLIENT_ID,
-      clientSecret: env.GITHUB_CLIENT_SECRET,
+    GithubProvider({ // Configure GitHub authentication provider
+      clientId: env.GITHUB_CLIENT_ID, // GitHub client ID
+      clientSecret: env.GITHUB_CLIENT_SECRET, // GitHub client secret
     }),
   ],
   callbacks: {
-    async signIn(options) {
+    async signIn(options) { // Callback function executed on sign in
+      // Generate a random code
       const racerCode = randomstring.generate({
         length: 4,
         charset: "numeric",
       });
+      // Modify user email and name
       options.user.email = `${options.user.id}@example.com`;
       options.user.name = `Racer ${racerCode}`;
-      return true;
+      return true; // Continue sign in process
     },
-    async jwt({ token, user }) {
-      const dbUser = await prisma.user.findFirst({
+    async jwt({ token, user }) { // Callback function executed on JWT creation
+      const dbUser = await prisma.user.findFirst({ // Find user in database
         where: {
-          email: token.email,
+          email: token.email, // Match user by email
         },
       });
 
-      if (!dbUser) {
-        if (user) {
-          token.id = user.id;
+      if (!dbUser) { // If user not found in database
+        if (user) { // If user exists
+          token.id = user.id; // Set token ID
         }
-        return token;
+        return token; // Return token
       }
 
+      // Return user data from database
       return {
         id: dbUser.id,
         name: dbUser.name,
@@ -59,20 +65,22 @@ export const nextAuthOptions = {
         picture: dbUser.image,
       };
     },
-    async session({ token, session }) {
-      if (token) {
+    async session({ token, session }) { // Callback function executed on session creation
+      if (token) { // If token exists
+        // Set session user properties
         session.user.id = token.id;
         session.user.name = token.name;
         session.user.email = token.email;
         session.user.role = token.role;
         session.user.image = token.picture;
       }
-
-      return session;
+      return session; // Return session
     },
   },
-} satisfies AuthOptions;
+} as AuthOptions; // Define nextAuthOptions as AuthOptions type
 
+// Create NextAuth handler with options
 const handler = NextAuth(nextAuthOptions);
 
+// Export NextAuth handler for both GET and POST requests
 export { handler as GET, handler as POST };

packages/app/src/app/page.tsx

@@ -6,7 +6,7 @@ async function getGitHubStars(): Promise<string | null> {
   try {
     const headers = {
       Accept: "application/vnd.github+json",
-      Authorization: getGitHubAuthorizationToken(),
+      Authorization: getGitHubAuthorizationToken(), 
     };
     const response = await fetch(siteConfig.api.github.githubStars, {
       headers,

packages/app/src/app/privacy/page.tsx

@@ -1,15 +1,55 @@
 import { Heading } from "@/components/ui/heading";
 
-function PrivacyPage({}) {
+// Privacy Policy text
+const privacyPolicyText = `
+When you log in to our game using your GitHub token, we collect the following information:
+
+GitHub Token: We collect your GitHub token to authenticate your login and provide you access to our game.
+Username: We may collect your GitHub username to personalize your gaming experience and to identify you within the game.
+Email Address: If you grant us access, we may collect your email address associated with your GitHub account for communication purposes and to provide you with important updates about our game.
+Usage Data: We may collect information about your interactions with our game, such as gameplay activity and performance metrics, to improve our services and provide you with a better gaming experience.
+How We Use Your Information
+
+We use the information we collect for the following purposes:
+
+Authentication: We use your GitHub token to authenticate your login and provide you access to our game.
+Personalization: We may use your GitHub username to personalize your gaming experience and to address you within the game.
+Communication: If you provide us with your email address, we may use it to communicate with you, respond to your inquiries, and send you important updates about our game.
+Improvement: We may use usage data to analyze trends, track user engagement, and improve our game's features and performance.
+Data Sharing and Disclosure
+
+We do not sell, trade, or otherwise transfer your personal information to third parties. However, we may share your information with trusted third-party service providers who assist us in operating our game and website, conducting our business, or servicing you, as long as those parties agree to keep this information confidential. We may also disclose your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety.
+
+Data Retention
+
+We will retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.
+
+Your Rights
+
+You have the right to access, correct, update, or delete your personal information. You may also have the right to restrict or object to certain processing of your information. To exercise these rights, please contact us using the contact information provided below.
+
+Changes to This Privacy Policy
+
+We reserve the right to modify this Privacy Policy at any time. If we make material changes to this policy, we will notify you here or by means of a notice on our website prior to the change becoming effective.
+
+Contact Us
+
+If you have any questions or concerns about this Privacy Policy or our practices regarding your personal information, please contact us at [email protected].
+`;
+
+function PrivacyPage() {
   return (
     <div className="pt-12 pb-12">
       <Heading
         title="Privacy Policies"
         description="Privacy policies for Code Racer"
       />
-      {/* ADD PRIVACY POLICY */}
+      <div className="max-w-3xl mx-auto px-4">
+        <pre className="whitespace-pre-line">{privacyPolicyText}</pre>
+      </div>
     </div>
   );
 }
 
 export default PrivacyPage;
+

packages/app/src/app/terms/page.tsx

@@ -1,64 +1,58 @@
 import { Heading } from "@/components/ui/heading";
-const page = () => {
-  return (
-    <>
-      <Heading title="Terms" />
-    <div>
-      <h1>CodeRacer - Terms of Service</h1>
-      <p><strong>Effective Date:</strong> [Date]</p>
+
+// Terms Policy text
+const termsPolicyText = `
+Welcome to CodeRacer! These Terms of Service ("Terms") constitute a legal agreement between you and CodeRacer. Please read these Terms carefully before using our platform, which is accessible at https://code-racer-eight.vercel.app. By using CodeRacer, you agree to be bound by these Terms.
 
-      <p>Welcome to CodeRacer! These Terms of Service ("Terms") constitute a legal agreement between you and CodeRacer. Please read these Terms carefully before using our platform, which is accessible at <a href="https://code-racer-eight.vercel.app/">https://code-racer-eight.vercel.app/</a>. By using CodeRacer, you agree to be bound by these Terms.</p>
+      1. User Accounts
+      1.1. Account Creation: To use certain features of CodeRacer, you must create an account by logging in with your GitHub account.
+      1.2. Account Responsibility: You are responsible for maintaining the confidentiality of your account information and for all activities that occur under your account.
+
+
+      2. Use of the Platform
+      2.1. Open Source: CodeRacer is an open-source platform, and its source code is available on GitHub for review and contributions.
+      2.2. Coding Practice: CodeRacer is designed for coding practice in various languages and supports multiplayer modes.
+      2.3. Privacy: We do not collect or store user data beyond what is necessary for GitHub authentication and platform functionality. For more details, please refer to our Privacy Policy.
+
+
+      3. Intellectual Property
+      3.1. Ownership: Users retain ownership of the code they create and submit on CodeRacer. CodeRacer retains ownership of the platform and its underlying software.
 
-      <h2>1. User Accounts</h2>
-      <p>
-        <strong>1.1. Account Creation:</strong> To use certain features of CodeRacer, you must create an account by logging in with your GitHub account.
-      </p>
-      <p>
-        <strong>1.2. Account Responsibility:</strong> You are responsible for maintaining the confidentiality of your account information and for all activities that occur under your account.
-      </p>
+     4. CodeRacer Community
+     4.1. Community Standards: Users are expected to maintain a respectful and inclusive environment while using the platform.
 
-      <h2>2. Use of the Platform</h2>
-      <p>
-        <strong>2.1. Open Source:</strong> CodeRacer is an open-source platform, and its source code is available on GitHub for review and contributions.
-      </p>
-      <p>
-        <strong>2.2. Coding Practice:</strong> CodeRacer is designed for coding practice in various languages and supports multiplayer modes.
-      </p>
-      <p>
-        <strong>2.3. Privacy:</strong> We do not collect or store user data beyond what is necessary for GitHub authentication and platform functionality. For more details, please refer to our Privacy Policy.
-      </p>
 
-      <h2>3. Intellectual Property</h2>
-      <p>
-        <strong>3.1. Ownership:</strong> Users retain ownership of the code they create and submit on CodeRacer. CodeRacer retains ownership of the platform and its underlying software.
-      </p>
+    5. Termination
+
+      5.1. Termination Rights: CodeRacer reserves the right to terminate or suspend your access to the platform at any time for violations of these Terms or for any other reason.
 
-      <h2>4. CodeRacer Community</h2>
-      <p>
-        <strong>4.1. Community Standards:</strong> Users are expected to maintain a respectful and inclusive environment while using the platform.
-      </p>
 
-      <h2>5. Termination</h2>
-      <p>
-        <strong>5.1. Termination Rights:</strong> CodeRacer reserves the right to terminate or suspend your access to the platform at any time for violations of these Terms or for any other reason.
-      </p>
+     6. Limitation of Liability
+     6.1. Disclaimer: CodeRacer is provided "as is," and we make no warranties or representations about the accuracy or reliability of the platform. Your use of CodeRacer is at your own risk.
+
 
-      <h2>6. Limitation of Liability</h2>
-      <p>
-        <strong>6.1. Disclaimer:</strong> CodeRacer is provided "as is," and we make no warranties or representations about the accuracy or reliability of the platform. Your use of CodeRacer is at your own risk.
-      </p>
+      7. Changes to Terms
+      7.1. Updates: CodeRacer may update these Terms from time to time. We will notify you of any changes, and your continued use of the platform after such changes will constitute your acceptance of the revised Terms.
+
 
-      <h2>7. Changes to Terms</h2>
-      <p>
-        <strong>7.1. Updates:</strong> CodeRacer may update these Terms from time to time. We will notify you of any changes, and your continued use of the platform after such changes will constitute your acceptance of the revised Terms.
-      </p>
+      8. Contact Us
+      8.1. Questions: If you have any questions or concerns about these Terms, please contact us at [email protected].
+
+`;
 
-      <h2>8. Contact Us</h2>
-      <p>
-        <strong>8.1. Questions:</strong> If you have any questions or concerns about these Terms, please contact us at <a href="mailto:[email protected]">[email protected]</a>.
-      </p>
+function TermsPage() {
+  return (
+    <div className="pt-12 pb-12">
+      <Heading
+        title="Terms"
+        description="Terms for Code Racer"
+      />
+      <div className="max-w-3xl mx-auto px-4">
+        <pre className="whitespace-pre-line">{termsPolicyText}</pre>
+      </div>
     </div>
   );
-};
+}
+
+export default TermsPage;
 
-export default page;

packages/app/src/app/users/(user-profile)/(components)/actions.ts

@@ -7,13 +7,44 @@ import { getCurrentUser } from "@/lib/session";
 import { prisma } from "@/lib/prisma";
 import { validatedCallback } from "@/lib/validatedCallback";
 
+//import { Octokit } from "@octokit/core";
+
+
 export const deleteUserAction = validatedCallback({
-  inputValidation: z.object({}),
-  callback: async (_) => {
+  inputValidation: z.object({}), // Input validation schema (empty object in this case)
+  callback: async (_) => { // Main callback function
+    // Retrieve the current user
     const user = await getCurrentUser();
 
+    // If user doesn't exist, throw an UnauthorizedError
     if (!user) throw new UnauthorizedError();
 
+  /*THIS IS THE CODE I ATTEMPED TO ADD TO DELETE THE USER'S GITHUB TOKEN USING GITHUB API
+    // Initialize Octokit with user's token
+    const octokit = new Octokit({
+      auth: user.token,
+    });
+
+    // Make a request to delete an application grant using Octokit
+    await octokit.request("DELETE /applications/${user.token}/grant", {
+      client_id: "Iv1.8a61f9b3a7aba766",
+      access_token: "e72e16c7e42f292c6912e7710c838347ae178b4a",
+      headers: {
+        "X-GitHub-Api-Version": "2022-11-28"
+      }
+    });
+    */
+
+
+    // Update user data with an empty object
+    await prisma.user.update({
+      where: {
+        id: user.id,
+      },
+      data: {},
+    });
+
+    // Delete the user from the database
     await prisma.user.delete({
       where: {
         id: user.id,
@@ -22,6 +53,9 @@ export const deleteUserAction = validatedCallback({
   },
 });
 
+
+
+
 export const updateUserProfile = validatedCallback({
   inputValidation: z.object({
     displayName: z.string(),