Merge branch 'main' into search-page

GenerateNU · Apr 17, 2024 · 94042cb · 94042cb
2 parents b2a7d6d + 3ab8425
commit 94042cb
Show file tree

Hide file tree

Showing 172 changed files with 5,821 additions and 3,459 deletions.
diff --git a/.github/workflows/backend.yml b/.github/workflows/backend.yml
@@ -6,11 +6,13 @@ on:
   push:
     paths:
       - backend/**
+      - config/**
       - .github/workflows/backend.yml
   pull_request:
     types: [opened]
     paths:
       - backend/**
+      - config/**
       - .github/workflows/backend.yml
 
 concurrency:

diff --git a/.github/workflows/cli.yml b/.github/workflows/cli.yml
@@ -6,11 +6,13 @@ on:
   push:
     paths:
       - cli/**
+      - config/**
       - .github/workflows/cli.yml
   pull_request:
     types: [opened]
     paths:
       - cli/**
+      - config/**
       - .github/workflows/cli.yml
 
 concurrency:

diff --git a/.github/workflows/club_scraper.yml → .github/workflows/mock_data.yml b/.github/workflows/club_scraper.yml → .github/workflows/mock_data.yml
@@ -1,25 +1,25 @@
-name: Club Scraper
+name: Mock Data
 
 permissions: read-all
 
 on:
   push:
     paths:
-      - scraper/club/**
-      - .github/workflows/club_scraper.yml
+      - mock_data/**
+      - .github/workflows/mock_data.yml
   pull_request:
     types: [opened]
     paths:
-      - scraper/club/**
-      - .github/workflows/club_scraper.yml
+      - mock_data/**
+      - .github/workflows/mock_data.yml
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 env:
   CARGO_TERM_COLOR: always
-  MANIFEST_PATH: ./scraper/clubs/Cargo.toml
+  MANIFEST_PATH: ./mock_data/Cargo.toml
 
 jobs:
   test:

diff --git a/.gitignore b/.gitignore
@@ -2,7 +2,7 @@
 .DS_Store
 
 # Cli
-sac-cli
+sac
 
 # VSCode
 .vscode
@@ -22,3 +22,5 @@ backend/tests/api/__debug_*
 frontend/sac-mobile/ios/
 frontend/sac-mobile/android/
 tmp/
+ios
+android
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -131,7 +131,7 @@
 
 ### SAC CLI
 
-   To install use `./install.sh` and then run `sac-cli` to see all commands.
+   To install use `./install.sh` and then run `sac` to see all commands.
 
 # Git Flow
 

diff --git a/backend/go.mod b/backend/go.mod
@@ -4,7 +4,7 @@ go 1.22.2
 
 require (
 	github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5
-	github.com/aws/aws-sdk-go v1.50.5
+	github.com/aws/aws-sdk-go v1.51.21
 	github.com/garrettladley/mattress v0.4.0
 	github.com/go-playground/validator/v10 v10.19.0
 	github.com/goccy/go-json v0.10.2

diff --git a/backend/go.sum b/backend/go.sum
@@ -8,8 +8,8 @@ github.com/awnumar/memcall v0.2.0 h1:sRaogqExTOOkkNwO9pzJsL8jrOV29UuUW7teRMfbqtI
 github.com/awnumar/memcall v0.2.0/go.mod h1:S911igBPR9CThzd/hYQQmTc9SWNu3ZHIlCGaWsWsoJo=
 github.com/awnumar/memguard v0.22.5 h1:PH7sbUVERS5DdXh3+mLo8FDcl1eIeVjJVYMnyuYpvuI=
 github.com/awnumar/memguard v0.22.5/go.mod h1:+APmZGThMBWjnMlKiSM1X7MVpbIVewen2MTkqWkA/zE=
-github.com/aws/aws-sdk-go v1.50.5 h1:H2Aadcgwr7a2aqS6ZwcE+l1mA6ZrTseYCvjw2QLmxIA=
-github.com/aws/aws-sdk-go v1.50.5/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.51.21 h1:UrT6JC9R9PkYYXDZBV0qDKTualMr+bfK2eboTknMgbs=
+github.com/aws/aws-sdk-go v1.51.21/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=

diff --git a/backend/src/auth/jwt.go b/backend/src/auth/jwt.go
@@ -22,7 +22,7 @@ type CustomClaims struct {
 func From(c *fiber.Ctx) (*CustomClaims, *errors.Error) {
 	rawClaims := c.Locals("claims")
 	if rawClaims == nil {
-		return nil, nil
+		return nil, &errors.Forbidden
 	}
 
 	claims, ok := rawClaims.(*CustomClaims)

diff --git a/backend/src/auth/jwt_mock.go b/backend/src/auth/jwt_mock.go
@@ -0,0 +1,36 @@
+package auth
+
+import (
+	"github.com/GenerateNU/sac/backend/src/errors"
+	"github.com/golang-jwt/jwt"
+)
+
+type JWTMockClient struct{}
+
+func NewJWTMockClient() JWTClientInterface {
+	return &JWTMockClient{}
+}
+
+func (c *JWTMockClient) GenerateTokenPair(accessClaims, refreshClaims Claims) (*Token, *errors.Error) {
+	return &Token{}, nil
+}
+
+func (c *JWTMockClient) GenerateToken(claims Claims, tokenType JWTType) ([]byte, *errors.Error) {
+	return []byte{}, nil
+}
+
+func (c *JWTMockClient) RefreshToken(token, refreshToken string, tokenType JWTType, newClaims jwt.MapClaims) ([]byte, *errors.Error) {
+	return []byte{}, nil
+}
+
+func (c *JWTMockClient) ExtractClaims(tokenString string, tokenType JWTType) (jwt.MapClaims, *errors.Error) {
+	return jwt.MapClaims{}, nil
+}
+
+func (c *JWTMockClient) ParseToken(tokenString string, tokenType JWTType) (*jwt.Token, *errors.Error) {
+	return &jwt.Token{}, nil
+}
+
+func (c *JWTMockClient) IsTokenValid(tokenString string, tokenType JWTType) (bool, *errors.Error) {
+	return true, nil
+}
diff --git a/backend/src/auth/password.go b/backend/src/auth/password.go
@@ -0,0 +1,39 @@
+package auth
+
+import (
+	"regexp"
+	"strings"
+
+	"github.com/GenerateNU/sac/backend/src/constants"
+	"github.com/GenerateNU/sac/backend/src/errors"
+)
+
+func ValidatePassword(password string) *errors.Error {
+	if len(password) < 8 {
+		return &errors.InvalidPasswordNotLongEnough
+	}
+
+	if !hasDigit(password) {
+		return &errors.InvalidPasswordNoDigit
+	}
+
+	if !hasSpecialChar(password) {
+		return &errors.InvalidPasswordNoSpecialCharacter
+	}
+
+	return nil
+}
+
+func hasDigit(str string) bool {
+	return regexp.MustCompile(`[0-9]`).MatchString(str)
+}
+
+func hasSpecialChar(str string) bool {
+	for _, c := range constants.SPECIAL_CHARACTERS {
+		if strings.Contains(str, string(c)) {
+			return true
+		}
+	}
+
+	return false
+}
diff --git a/backend/src/constants/auth.go b/backend/src/constants/auth.go
@@ -3,6 +3,8 @@ package constants
 import "time"
 
 const (
-	ACCESS_TOKEN_EXPIRY  time.Duration = time.Hour * 24 * 30 // temporary TODO: change to 60 minutes
-	REFRESH_TOKEN_EXPIRY time.Duration = time.Hour * 24 * 30
+	ACCESS_TOKEN_EXPIRY  time.Duration = time.Minute * 24 * 30 // temporary TODO: change to 60 minutes
+	REFRESH_TOKEN_EXPIRY time.Duration = time.Minute * 24 * 30
 )
+
+var SPECIAL_CHARACTERS = []rune{' ', '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '-', '.', '/', ':', ';', '<', '=', '>', '?', '@', '[', '\\', ']', '^', '_', '`', '{', '|', '}', '~'} // see https://owasp.org/www-community/password-special-characters
diff --git a/backend/src/controllers/tag.go b/backend/src/controllers/tag.go
@@ -1,7 +1,6 @@
 package controllers
 
 import (
-	"github.com/GenerateNU/sac/backend/src/constants"
 	"github.com/GenerateNU/sac/backend/src/errors"
 	"github.com/GenerateNU/sac/backend/src/models"
 	"github.com/GenerateNU/sac/backend/src/services"
@@ -32,7 +31,7 @@ func NewTagController(tagService services.TagServiceInterface) *TagController {
 // @Failure     500   {object}      errors.Error
 // @Router		/tags  [get]
 func (t *TagController) GetTags(c *fiber.Ctx) error {
-	tags, err := t.tagService.GetTags(c.Query("limit", constants.DEFAULT_LIMIT_STRING), c.Query("page", constants.DEFAULT_PAGE_STRING))
+	tags, err := t.tagService.GetTags()
 	if err != nil {
 		return err.FiberError(c)
 	}

diff --git a/backend/src/database/super.go b/backend/src/database/super.go
@@ -22,6 +22,7 @@ func SuperUser(superUserSettings config.SuperUserSettings) (*models.User, *error
 		PasswordHash:    *passwordHash,
 		FirstName:       "SAC",
 		LastName:        "Super",
+		Major0:          models.ComputerScience,
 		College:         models.KCCS,
 		GraduationCycle: models.May,
 		GraduationYear:  2025,

diff --git a/backend/src/email/resend_mock.go b/backend/src/email/resend_mock.go
@@ -0,0 +1,25 @@
+package email
+
+import "github.com/GenerateNU/sac/backend/src/errors"
+
+type ResendMockClient struct{}
+
+func NewResendMockClient() EmailClientInterface {
+	return &ResendMockClient{}
+}
+
+func (c *ResendMockClient) SendPasswordResetEmail(name, email, token string) *errors.Error {
+	return nil
+}
+
+func (c *ResendMockClient) SendEmailVerification(email, code string) *errors.Error {
+	return nil
+}
+
+func (c *ResendMockClient) SendWelcomeEmail(name, email string) *errors.Error {
+	return nil
+}
+
+func (c *ResendMockClient) SendPasswordChangedEmail(name, email string) *errors.Error {
+	return nil
+}
diff --git a/backend/src/errors/auth.go b/backend/src/errors/auth.go
@@ -99,4 +99,16 @@ var (
 		StatusCode: fiber.StatusNotFound,
 		Message:    "otp not found",
 	}
+	InvalidPasswordNotLongEnough = Error{
+		StatusCode: fiber.StatusBadRequest,
+		Message:    "password must be at least 8 characters long",
+	}
+	InvalidPasswordNoDigit = Error{
+		StatusCode: fiber.StatusBadRequest,
+		Message:    "password must contain at least one digit",
+	}
+	InvalidPasswordNoSpecialCharacter = Error{
+		StatusCode: fiber.StatusBadRequest,
+		Message:    "password must contain at least one special character",
+	}
 )
diff --git a/backend/src/errors/common.go b/backend/src/errors/common.go
@@ -43,6 +43,10 @@ var (
 		StatusCode: fiber.StatusUnauthorized,
 		Message:    "unauthorized",
 	}
+	Forbidden = Error{
+		StatusCode: fiber.StatusForbidden,
+		Message:    "forbidden",
+	}
 	FailedToSignToken = Error{
 		StatusCode: fiber.StatusInternalServerError,
 		Message:    "failed to sign token",

diff --git a/backend/src/file/aws_mock.go b/backend/src/file/aws_mock.go
@@ -0,0 +1,26 @@
+package file
+
+import (
+	"mime/multipart"
+
+	"github.com/GenerateNU/sac/backend/src/errors"
+	"github.com/GenerateNU/sac/backend/src/models"
+)
+
+type AWSMockClient struct{}
+
+func NewAWSMockClient() FileClientInterface {
+	return &AWSMockClient{}
+}
+
+func (c *AWSMockClient) UploadFile(folder string, fileHeader *multipart.FileHeader, allowedTypes []FileType) (*models.FileInfo, *errors.Error) {
+	return nil, nil
+}
+
+func (c *AWSMockClient) DeleteFile(fileURL string) *errors.Error {
+	return nil
+}
+
+func (c *AWSMockClient) GetFileURL(fileURL string) *string {
+	return nil
+}
diff --git a/backend/src/file/file.go b/backend/src/file/file.go
@@ -128,11 +128,10 @@ func (aw *AWSClient) UploadFile(folder string, fileHeader *multipart.FileHeader,
 		Body:   bytes.NewReader(file),
 	})
 	if s3Err != nil {
-		fmt.Printf("Failed to upload data to %s/%s, %v\n", bucket, key, err)
 		return nil, &errors.FailedToUploadFile
 	}
 
-	fileURL := fmt.Sprintf("https://%s.s3.amazonaws.com/%s", bucket, key)
+	fileURL := fmt.Sprintf("https://s3.amazonaws.com/%s/%s", bucket, key)
 	return &models.FileInfo{
 		FileName:  *fileName,
 		FileType:  fileHeader.Header.Get("Content-Type"),
@@ -146,7 +145,7 @@ func (aw *AWSClient) DeleteFile(fileURL string) *errors.Error {
 	svc := s3.New(aw.session)
 
 	bucket := aw.Settings.BUCKET_NAME.Expose()
-	key := fileURL[len(fmt.Sprintf("https://s3.amazonaws.com/%s", bucket)):]
+	key := fileURL[len(fmt.Sprintf("https://s3.amazonaws.com/%s/", bucket)):]
 
 	_, err := svc.DeleteObject(&s3.DeleteObjectInput{
 		Bucket: aws.String(bucket),

diff --git a/backend/src/middleware/auth.go b/backend/src/middleware/auth.go
@@ -17,14 +17,14 @@ import (
 
 func getExcludedPaths() []map[string]string {
 	return []map[string]string{
-		{"/api/v1/auth/login": "POST"},
-		{"/api/v1/auth/refresh": "POST"},
 		{"/api/v1/users/": "POST"},
+		{"/api/v1/auth/login": "POST"},
 		{"/api/v1/auth/logout": "POST"},
-		{"/api/v1/auth/forgot-password": "POST"},
+		{"/api/v1/auth/refresh": "POST"},
 		{"/api/v1/auth/send-code/": "POST"},
 		{"/api/v1/auth/verify-email": "POST"},
 		{"/api/v1/auth/verify-reset": "POST"},
+		{"/api/v1/auth/forgot-password": "POST"},
 	}
 }
 
@@ -63,6 +63,14 @@ func (m *AuthMiddlewareService) Authenticate(c *fiber.Ctx) error {
 		}
 	}
 
+	if c.Method() == "OPTIONS" {
+		return c.Next()
+	}
+	// if a get request but not /api/v1/users/ or /api/v1/users/me
+	if c.Method() == "GET" && c.Path() != "/api/v1/users/" && c.Path() != "/api/v1/users/me" {
+		return c.Next()
+	}
+
 	accessToken := GetAuthroizationToken(c)
 	if accessToken == nil {
 		return errors.Unauthorized.FiberError(c)
@@ -106,7 +114,7 @@ func (m *AuthMiddlewareService) Authorize(requiredPermissions ...auth.Permission
 
 		for _, requiredPermission := range requiredPermissions {
 			if !slices.Contains(userPermissions, requiredPermission) {
-				return errors.Unauthorized.FiberError(c)
+				return errors.Forbidden.FiberError(c)
 			}
 		}
 

diff --git a/backend/src/middleware/club.go b/backend/src/middleware/club.go
@@ -40,5 +40,5 @@ func (m *AuthMiddlewareService) ClubAuthorizeById(c *fiber.Ctx) error {
 		return c.Next()
 	}
 
-	return errors.Unauthorized.FiberError(c)
+	return errors.Forbidden.FiberError(c)
 }
diff --git a/backend/src/middleware/user.go b/backend/src/middleware/user.go
@@ -31,5 +31,5 @@ func (m *AuthMiddlewareService) UserAuthorizeById(c *fiber.Ctx) error {
 		return c.Next()
 	}
 
-	return errors.Unauthorized.FiberError(c)
+	return errors.Forbidden.FiberError(c)
 }