Changing README and removing some hosting information

ggalmeida0 · Aug 28, 2023 · a81b4d6 · a81b4d6
1 parent e6966a7
commit a81b4d6
Show file tree

Hide file tree

Showing 12 changed files with 102 additions and 69 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,11 +1,15 @@
 #Vercel
 .vercel
 
+# Env variables
+.env
+
 # Service
 service/node_modules
-service/lambda
+service/lambda/lambda.zip
 service/dist
 service/lambda.logs
+service/env/dev-env-vars.json
 
 # Infra
 infra/*.js

diff --git a/README.md b/README.md
@@ -13,26 +13,63 @@
 
 To connect your local environment to the AWS account run `aws configure` and provide the credentials.
 
+## Deploy infrastructure
+
+### Create secrets in the AWS secret mananager console:
+
+1. Google OAuth Secrets (Needed for login with Google):
+
+   - Secret name: `googlecloud`
+   - Secret key: `BIO_GOOGLE_OAUTH_CLIENT_SECRET`
+   - Secret value: **Your Google OAuth Client Secret** ([Documentation](https://developers.google.com/identity/protocols/oauth2))
+
+2. OpenAI Secrets (Needed for using GPT as the LLM)
+
+   - Secret name: `openai`
+   - Secret key: `OPENAI_API_KEY`
+   - Secret value: **Your OpenAI API Key** ([Get it here](https://platform.openai.com))
+
+### Build service lambda code.
+
+Inside `service` directory, `npm run prod-build`
+
+### Setup the Environment Variables
+
+Add these in a .env file inside the root of the repo.
+
+- `GOOGLE_CLIENT_ID`: Your Google OAuth client id (should be in the same page as the client secret). Will be used by Congnito to perform Google login.
+- `OAUTH_CALLBACK_URL`: A comma separated list of URLs. These are the acceptable URLs to be redirected after performing OAuth, include localhost URLs.
+
+### Deploy cloud resources
+
+Inside the `infra` directory run `npx cdk deploy`. This will deploy all AWS resources.
+
 ## Running the service API locally
 
 We can use the SAM cli to spin up a local lambda and API gateway instance. This way we don't have to waste time deploying while we are developing.
 
-Go inside the `service` directory and run `npm start` to spin it up.
+### Setup the local lambda env vars:
 
-There is not local database setup, so all data interaction will be with the prod DDB. There are ways to setup DDB locally when we need to however.
+Create a file `service/env/dev-env-vars.json` with the form:
 
-## Running the UI
-
-To bring up the UI server in the web run `npm run web` inside the `ui` folder. This will run the web version of the UI with webpack.
+```json
+{
+  "Parameters": {
+    "USER_POOL_CLIENT_ID": "<Your user pool client id in AWS>",
+    "USER_POOL_ID": "<Your user pool id in AWS>"
+  }
+}
+```
 
-# Deploying to AWS
+Go inside the `service` directory and run `npm start` to spin it up.
 
-Once done developing locally we can deploy infrastructure and lambda code changes to the cloud.
+There is not local database setup, so all data interaction will be with the deployed DDB. There are [ways](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DynamoDBLocal.html) to setup DDB locally however.
 
-## Deploying lambda code
+## Running the UI
 
-Inside the `service` directory run `npm run deploy`. This will also deploy the infra changes.
+Go to `ui` folder, `npm i` to install dependencies. To bring up the UI server in the web run `npm run web` inside the `ui` folder. This will run the web version of the UI with webpack.
 
-## Deploy infra
+To deploy the UI or use the UI with a deployed backend, we need to set the appropiate environment variables:
 
-Inside the `infra` directory run `npx cdk deploy`. This will only deploy infra change, not lambda code.
+- `PROD_API_ENDPOINT` (Lambda function URL)
+- `UI_PROD_AUTH_REDIRECT_URI` (Domain to redirect to after OAuth is completed)
diff --git a/infra/README.md b/infra/README.md
diff --git a/infra/jest.config.js b/infra/jest.config.js
diff --git a/infra/lib/bio-stack.ts b/infra/lib/bio-stack.ts
@@ -10,11 +10,16 @@ import { Function, FunctionUrlAuthType } from 'aws-cdk-lib/aws-lambda';
 import { HttpMethod } from 'aws-cdk-lib/aws-events';
 import { CorsHttpMethod, HttpApi } from '@aws-cdk/aws-apigatewayv2-alpha';
 import { HttpLambdaIntegration } from '@aws-cdk/aws-apigatewayv2-integrations-alpha';
+import { getFromEnvironment } from './environment';
+import { configDotenv } from 'dotenv';
 
 export class BioStack extends cdk.Stack {
   constructor(scope: Construct, id: string, props?: cdk.StackProps) {
     super(scope, id, props);
-    const isDevEnv = !!process.env.IS_DEV_ENV;
+
+    configDotenv({ path: '../..' });
+    const { isDevEnv } = getFromEnvironment();
+
     const { userPool, client } = this.setupAuth();
     this.setupDatabase();
     this.setupService(userPool, client, isDevEnv);
@@ -152,24 +157,20 @@ export class BioStack extends cdk.Stack {
       },
     });
 
-    const callbackUrls = [
-      'http://localhost:19006/',
-      'https://app.windieting.ai',
-      'exp://192.168.1.243:19000',
-      'exp://192.168.1.114:19000',
-    ];
+    const { oAuthCallbackUrls: callbackUrls, googleClientId: clientId } =
+      getFromEnvironment();
+
     const client = userPool.addClient('BioAuthClient', {
       supportedIdentityProviders: [UserPoolClientIdentityProvider.GOOGLE],
       oAuth: {
-        callbackUrls: callbackUrls,
+        callbackUrls,
       },
     });
     const provider = new cdk.aws_cognito.UserPoolIdentityProviderGoogle(
       this,
       'Google',
       {
-        clientId:
-          '49839729668-9ptmk3o21cq41ekv1e1shkeqivgjrcjl.apps.googleusercontent.com',
+        clientId,
         clientSecretValue: googleClientSecret,
         userPool: userPool,
         scopes: ['email', 'openid'],

diff --git a/infra/lib/environment.ts b/infra/lib/environment.ts
@@ -0,0 +1,18 @@
+export type Environment = {
+  googleClientId: string;
+  isDevEnv: boolean;
+  oAuthCallbackUrls: string[];
+};
+
+export function getFromEnvironment(): Environment {
+  const googleClientId = process.env['GOOGLE_CLIENT_ID'];
+  const isDevEnv = !!process.env.IS_DEV_ENV;
+  const oAuthCallbackUrls = process.env.OAUTH_CALLBACK_URLS?.split(',');
+  if (googleClientId == null) {
+    throw new Error('Please set GOOGLE_CLIENT_ID. More details in README.md');
+  }
+  if (oAuthCallbackUrls == null) {
+    throw new Error('Please set OAUTH_CALLBACK_URL. More details in README.md');
+  }
+  return { googleClientId, isDevEnv, oAuthCallbackUrls };
+}
diff --git a/infra/package-lock.json b/infra/package-lock.json
diff --git a/infra/package.json b/infra/package.json
@@ -26,6 +26,7 @@
     "@aws-cdk/aws-apigatewayv2-integrations-alpha": "^2.81.0-alpha.0",
     "aws-cdk-lib": "^2.81.0",
     "constructs": "^10.0.0",
+    "dotenv": "^16.3.1",
     "source-map-support": "^0.5.21"
   }
 }
diff --git a/infra/test/infra.test.ts b/infra/test/infra.test.ts
diff --git a/service/lambda/bio-service.zip b/service/lambda/bio-service.zip
diff --git a/service/src/utils/authToken.ts b/service/src/utils/authToken.ts
@@ -1,10 +1,6 @@
 import { APIGatewayProxyEventV2 } from 'aws-lambda';
 import UnauthorizedError from '../errors/UnauthorizedError';
 
-const authorizedIssuers = [
-  'https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_123456789',
-];
-
 const base64UrlDecode = (str: string) => {
   const preProcessedStr =
     str.replace(/-/g, '+').replace(/_/g, '/') +

diff --git a/ui/app.config.js b/ui/app.config.js
@@ -1,3 +1,7 @@
+const prodApiEndpoint = process.env.PROD_API_ENDPOINT;
+const prodAuthRedirectUri = process.env.UI_PROD_AUTH_REDIRECT_URI;
+const easProjectId = process.env.EAS_PROJECT_ID;
+
 export default {
   expo: {
     name: 'bio',
@@ -27,12 +31,11 @@ export default {
     },
     extra: {
       env: process.env.EXPO_ENV,
-      prodApiEndpoint:
-        'https://uudihltgbu4wqxm3nckfe7ylgi0kzccx.lambda-url.us-east-2.on.aws',
+      prodApiEndpoint,
       webLocalApiEndpoint: 'http://localhost:3000',
-      prodAuthRedirectUri: 'https://app.windieting.ai',
+      prodAuthRedirectUri,
       eas: {
-        projectId: 'ea90ed3d-b94c-43c6-990a-d5e9decd48ff',
+        projectId: easProjectId,
       },
     },
   },