Merge pull request #6 from La-404-Devinci/fix/jwt-tabs-typo

Fix/jwt tabs typo

Author: Kan-A-Pesh

.github/workflows/lint.yml

@@ -0,0 +1,27 @@
+on:
+    pull_request:
+        branches:
+            - master
+            - main
+            - features/*
+            - feature/*
+            - fix/*
+
+jobs:
+    lint:
+        runs-on: ubuntu-latest
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v2
+            - name: Setup Node.js
+              uses: actions/setup-node@v2
+              with:
+                  node-version: "20"
+            - name: Install dependencies (Backend)
+              run: cd ./backend && npm install
+            - name: Lint (Backend)
+              run: cd ./backend && npm run lint
+            - name: Install dependencies (Frontend)
+              run: cd ./frontend && npm install
+            - name: Lint (Frontend)
+              run: cd ./frontend && npm run lint

backend/.env.example

@@ -0,0 +1 @@
+PORT=3000

backend/.eslintrc.json

@@ -3,34 +3,19 @@
         "es2021": true,
         "node": true
     },
-    "extends": [
-        "eslint:recommended",
-        "plugin:@typescript-eslint/recommended"
-    ],
+    "extends": ["eslint:recommended", "plugin:@typescript-eslint/recommended"],
     "parser": "@typescript-eslint/parser",
     "parserOptions": {
         "ecmaVersion": "latest",
         "sourceType": "module"
     },
-    "plugins": [
-        "@typescript-eslint"
-    ],
+    "plugins": ["@typescript-eslint"],
     "rules": {
-        "indent": [
-            "error",
-            4
-        ],
-        "linebreak-style": [
-            "error",
-            "unix"
-        ],
-        "quotes": [
-            "error",
-            "double"
-        ],
-        "semi": [
-            "error",
-            "always"
-        ]
+        "indent": ["error", 4],
+        "linebreak-style": ["error", "unix"],
+        "quotes": ["error", "double"],
+        "semi": ["error", "always"],
+        "no-unused-vars": "off",
+        "@typescript-eslint/no-unused-vars": ["warn"]
     }
 }

backend/.gitignore

@@ -3,4 +3,5 @@ dist
 out
 build
 .env
-.*.local.env
+.*.local.env
+index.js

backend/auth/tokenUtils.ts

@@ -0,0 +1,85 @@
+import Token from "../models/Token";
+import * as jwt from "jsonwebtoken";
+
+/**
+ * Generate a JWT token
+ *
+ * @param data The data to be encoded in the token
+ * @param exp The expiration time of the token in seconds
+ * @returns The generated JWT token
+ */
+const generateJwtToken = (data: Token, exp: number): string => {
+    const secret: string = process.env.JWT_SECRET ?? "";
+    const token = jwt.sign(data, secret, { expiresIn: exp });
+    return token;
+};
+
+/**
+ * Check if a JWT token is valid
+ *
+ * @param token The token to be verified
+ * @param targetEmail The email to be verified
+ * @returns The decoded token
+ */
+const verifyJwtToken = (token: string, targetEmail: string): Token | null => {
+    try {
+        const secret: string = process.env.JWT_SECRET ?? "";
+        const decodedToken = jwt.verify(token, secret) as jwt.JwtPayload;
+        if (decodedToken.devinciEmail === targetEmail) {
+            return decodedToken as Token;
+        }
+        return null;
+    } catch (error) {
+        return null;
+    }
+};
+
+/**
+ * Generate an authorization token (valid for 15 minutes)
+ *
+ * @param devinciEmail The email of the user
+ * @returns The generated authorization token
+ */
+const generateAuthorizationToken = (devinciEmail: string): string => {
+    const authorizationExpiration = 60 * 15; // 15 minutes
+    return generateJwtToken({ devinciEmail, type: "authorization" }, authorizationExpiration);
+};
+
+/**
+ * Generate an authentication token (valid for 14 days)
+ *
+ * @param devinciEmail The email of the user
+ * @returns The generated authentication token
+ */
+const generateAuthenticationToken = (devinciEmail: string): string => {
+    const authenticationExpiration = 60 * 60 * 24 * 14; // 14 days
+    return generateJwtToken({ devinciEmail, type: "authentication" }, authenticationExpiration);
+};
+
+/**
+ * Check if a JWT token is valid
+ *
+ * @param token The token to be verified
+ * @param targetEmail The email to be verified
+ * @returns Whether the token is valid
+ */
+const verifyAuthorizationToken = (token: string, targetEmail: string): boolean => {
+    const decodedToken = verifyJwtToken(token, targetEmail);
+    if (decodedToken === null) return false;
+    return decodedToken.type === "authorization";
+};
+
+/**
+ * Check if a JWT token is valid
+ *
+ * @param token The token to be verified
+ * @param targetEmail The email to be verified
+ * @returns Whether the token is valid
+ */
+const verifyAuthenticationToken = (token: string, targetEmail: string): boolean => {
+    const decodedToken = verifyJwtToken(token, targetEmail);
+    if (decodedToken === null) return false;
+    return decodedToken.type === "authentication";
+};
+
+export { generateAuthorizationToken, generateAuthenticationToken, verifyAuthorizationToken, verifyAuthenticationToken };

backend/controllers/Account.ts

@@ -0,0 +1,98 @@
+import type express from "express";
+
+class AccountController {
+    /**
+     * Send a magic link to the user's email
+     * @server HTTP
+     *
+     * @param req The Express request object
+     * @param res The Express response object
+     */
+    public static async sendMagicLink(req: express.Request, res: express.Response) {
+        // TODO: Send a magic link containing the AUTHORIZATION token to the user's email
+        /**
+         * VALIDATION
+         * * Validate the user email (must be a Devinci email)
+         *
+         * PROCESS
+         * * Generate an AUTHORIZATION token
+         * * Send the magic link to the user's email
+         *
+         * RESPONSE
+         * * Send a success message
+         * * Send an error message if the email is invalid
+         */
+    }
+
+    /**
+     * Log the user
+     * @server HTTP
+     *
+     * @param req The Express request object
+     * @param res The Express response object
+     */
+    public static async login(req: express.Request, res: express.Response) {
+        // TODO: Log the user
+        /**
+         * VALIDATION
+         * * Validate AUTHORIZATION token
+         *
+         * PROCESS
+         * * Generate an AUTHENTICATION token
+         *
+         * RESPONSE
+         * * Send the AUTHENTICATION token
+         * * Send an error message if the AUTHORIZATION token is invalid
+         * * Send an error message if the AUTHORIZATION token is expired
+         */
+    }
+
+    // Admin routes
+    /**
+     * Mute/unmute a user
+     * @server HTTP
+     *
+     * @param req The Express request object
+     * @param res The Express response object
+     */
+    public static async muteUser(req: express.Request, res: express.Response) {
+        // TODO: Mute/unmute a user
+        /**
+         * VALIDATION
+         * * Check if the user is an admin
+         * * Validate the user ID
+         *
+         * PROCESS
+         * * Mute/unmute the user
+         *
+         * RESPONSE
+         * * Send a success message
+         * * Send an error message if the user ID is invalid
+         */
+    }
+
+    /**
+     * Ban/unban a user
+     * @server HTTP
+     *
+     * @param req The Express request object
+     * @param res The Express response object
+     */
+    public static async banUser(req: express.Request, res: express.Response) {
+        // TODO: Ban/unban a user
+        /**
+         * VALIDATION
+         * * Check if the user is an admin
+         * * Validate the user ID
+         *
+         * PROCESS
+         * * Ban/unban the user
+         *
+         * RESPONSE
+         * * Send a success message
+         * * Send an error message if the user ID is invalid
+         */
+    }
+}
+
+export default AccountController;