Trpc

api/package.json

@@ -6,9 +6,11 @@
     "start": "node dist/app.js",
     "dev": "tsc-watch --onSuccess \"npm start\"",
     "build": "tsc",
-    "lint": "eslint . --ext ts,tsx --report-unused-disable-directives --max-warnings 0 && tsc --noEmit"
+    "lint": "eslint . --ext ts,tsx --report-unused-disable-directives --max-warnings 0 && tsc --noEmit",
+    "prepare": "ts-patch install && typia patch"
   },
   "dependencies": {
+    "@trpc/server": "^10.45.1",
     "@vendia/serverless-express": "^4.10.1",
     "axios": "^1.6.5",
     "connect-mongodb-session": "^5.0.0",
@@ -20,7 +22,8 @@
     "morgan": "^1.10.0",
     "passport": "^0.7.0",
     "passport-google-oauth": "^2.0.0",
-    "typescript": "^5.3.3"
+    "typia": "^5.5.7",
+    "zod": "^3.22.4"
   },
   "devDependencies": {
     "@types/connect-mongodb-session": "^2.4.2",
@@ -35,6 +38,9 @@
     "@typescript-eslint/parser": "^6.19.0",
     "eslint": "^8.56.0",
     "eslint-config-prettier": "^9.1.0",
-    "tsc-watch": "^6.0.4"
+    "ts-node": "^10.9.2",
+    "ts-patch": "^3.1.2",
+    "tsc-watch": "^6.0.4",
+    "typescript": "^5.4.2"
   }
 }

api/src/app.ts

@@ -11,6 +11,7 @@ import session from 'express-session';
 import MongoDBStore from 'connect-mongodb-session';
 import dotenv from 'dotenv-flow';
 import serverlessExpress from '@vendia/serverless-express';
+import * as trpcExpress from '@trpc/server/adapters/express';
 import mongoose, { Mongoose } from 'mongoose';
 // load env
 dotenv.config();
@@ -19,15 +20,13 @@ dotenv.config();
 import { DB_NAME, COLLECTION_NAMES } from './helpers/mongo';
 
 // Custom Routes
-import coursesRouter from './controllers/courses';
-import professorsRouter from './controllers/professors';
-import scheduleRouter from './controllers/schedule';
 import reviewsRouter from './controllers/reviews';
-import usersRouter from './controllers/users';
 import roadmapRouter from './controllers/roadmap';
-import reportsRouter from './controllers/reports';
+import authRouter from './controllers/auth';
 
 import { SESSION_LENGTH } from './config/constants';
+import { createContext } from './helpers/trpc';
+import { appRouter } from './controllers';
 
 // instantiate app
 const app = express();
@@ -91,15 +90,19 @@ app.use(function (req, res, next) {
  */
 
 // Enable custom routes
-const router = express.Router();
-router.use('/courses', coursesRouter);
-router.use('/professors', professorsRouter);
-router.use('/schedule', scheduleRouter);
-router.use('/reviews', reviewsRouter);
-router.use('/users', usersRouter);
-router.use('/roadmap', roadmapRouter);
-router.use('/reports', reportsRouter);
-app.use('/api', router);
+const expressRouter = express.Router();
+expressRouter.use('/reviews', reviewsRouter);
+expressRouter.use('/roadmap', roadmapRouter);
+expressRouter.use('/users/auth', authRouter);
+expressRouter.use(
+  '/trpc',
+  trpcExpress.createExpressMiddleware({
+    router: appRouter,
+    createContext,
+  }),
+);
+
+app.use('/api', expressRouter);
 
 /**
  * Error Handler

api/src/controllers/auth.ts

@@ -0,0 +1,91 @@
+import express, { Request, Response } from 'express';
+import passport from 'passport';
+import { SESSION_LENGTH } from '../config/constants';
+import { User } from 'express-session';
+
+const router = express.Router();
+
+/**
+ * Called after successful authentication
+ * @param req Express Request Object
+ * @param res Express Response Object
+ */
+function successLogin(req: Request, res: Response) {
+  console.log('Logged in', req.user);
+  // set the user cookie
+  res.cookie('user', req.user, {
+    maxAge: SESSION_LENGTH,
+  });
+  // redirect browser to the page they came from
+  const returnTo = req.session.returnTo ?? '/';
+  delete req.session.returnTo;
+  res.redirect(returnTo!);
+}
+
+/**
+ * Initiate authentication with Google
+ */
+router.get('/google', function (req, res) {
+  req.session.returnTo = req.headers.referer;
+  passport.authenticate('google', {
+    scope: ['https://www.googleapis.com/auth/userinfo.profile', 'https://www.googleapis.com/auth/userinfo.email'],
+    state: req.headers.host,
+  })(req, res);
+});
+
+/**
+ * Callback for Google authentication
+ */
+router.get('/google/callback', function (req, res) {
+  const returnTo = req.session.returnTo;
+  const host: string = req.query.state as string;
+  // all staging auths will redirect their callback to prod since all callback URLs must be registered
+  // with google cloud for security reasons and it isn't feasible to register the callback URLs for all
+  // staging instances
+  // if we are not on a staging instance (on prod or local) but original host is a staging instance, redirect back to host
+  if (host.startsWith('staging-') && !req.headers.host?.startsWith('staging')) {
+    // req.url doesn't include /api/users part, only /auth/google/callback? and whatever params after that
+    res.redirect('https://' + host + '/api/users' + req.url);
+    return;
+  }
+  passport.authenticate(
+    'google',
+    { failureRedirect: '/', session: true },
+    // provides user information to determine whether or not to authenticate
+    function (err: Error, user: User | false | null) {
+      if (err) console.error(err);
+      else if (!user) console.error('Invalid login data');
+      else {
+        // manually login
+        req.login(user, function (err) {
+          if (err) console.error(err);
+          else {
+            // check if user is an admin
+            const allowedUsers = JSON.parse(process.env.ADMIN_EMAILS ?? '[]');
+            if (allowedUsers.includes(user.email)) {
+              console.log('AUTHORIZED AS ADMIN');
+              req.session.passport!.admin = true;
+            }
+            req.session.returnTo = returnTo;
+            successLogin(req, res);
+          }
+        });
+      }
+    },
+  )(req, res);
+});
+
+/**
+ * Endpoint to logout
+ */
+router.get('/logout', function (req, res) {
+  console.log('Logging out', req.user);
+  req.session.destroy(function (err) {
+    if (err) console.log(err);
+    // clear the user cookie
+    res.clearCookie('user');
+    res.redirect('back');
+  });
+});
+
+export default router;

api/src/controllers/courses.ts

@@ -2,69 +2,71 @@
  @module CoursesRoute
 */
 
-import express, { Request } from 'express';
 import { getCourseQuery } from '../helpers/gql';
-const router = express.Router();
+import { publicProcedure, router } from '../helpers/trpc';
+import typia from 'typia';
 
-/**
- * PPAPI proxy for course data
- */
-router.get('/api', (req: Request<never, unknown, never, { courseID: string }, never>, res) => {
-  const r = fetch(process.env.PUBLIC_API_URL + 'courses/' + encodeURIComponent(req.query.courseID), {
-    headers: {
-      'Content-Type': 'application/json',
-      Accept: 'application/json',
-    },
-  });
-  console.log(req.query.courseID);
-
-  r.then((response) => response.json()).then((data) => res.send(data.payload));
-});
-
-/**
- * PPAPI proxy for course data
- */
-router.post('/api/batch', (req: Request<never, unknown, { courses: string[] }, never>, res) => {
-  if (req.body.courses.length == 0) {
-    res.json({});
-  } else {
-    const r = fetch(process.env.PUBLIC_API_GRAPHQL_URL, {
-      method: 'POST',
+const coursesRouter = router({
+  /**
+   * PPAPI proxy for getting course data
+   */
+  get: publicProcedure.input(typia.createAssert<{ courseID: number }>()).query(async ({ input }) => {
+    const r = fetch(process.env.PUBLIC_API_URL + 'courses/' + encodeURIComponent(input.courseID), {
       headers: {
         'Content-Type': 'application/json',
+        Accept: 'application/json',
       },
-      body: JSON.stringify({
-        query: getCourseQuery(req.body.courses),
-      }),
     });
+    console.log(input.courseID);
 
-    r.then((response) => response.json()).then((data) =>
-      res.json(
-        Object.fromEntries(
-          Object.values(data.data)
-            .filter((x) => x !== null)
-            .map((x) => [(x as { id: string }).id, x]),
-        ),
-      ),
-    );
-  }
-});
+    return r.then((response) => response.json()).then((data) => data.payload);
+  }),
 
-/**
- * PPAPI proxy for grade distribution
- */
-router.get('/api/grades', (req: Request<never, unknown, never, { department: string; number: string }>, res) => {
-  const r = fetch(
-    process.env.PUBLIC_API_URL +
-      'grades/raw?department=' +
-      encodeURIComponent(req.query.department) +
-      '&courseNumber=' +
-      req.query.number,
-  );
+  /**
+   * PPAPI proxy for batch course data
+   */
+  batch: publicProcedure.input(typia.createAssert<{ courses: string[] }>()).mutation(async ({ input }) => {
+    if (input.courses.length == 0) {
+      return {};
+    } else {
+      const r = fetch(process.env.PUBLIC_API_GRAPHQL_URL!, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json',
+        },
+        body: JSON.stringify({
+          query: getCourseQuery(input.courses),
+        }),
+      });
+
+      return r
+        .then((response) => response.json())
+        .then((data) =>
+          Object.fromEntries(
+            Object.values(data.data)
+              .filter((x) => x !== null)
+              .map((x) => [(x as { id: string }).id, x]),
+          ),
+        );
+    }
+  }),
+
+  /**
+   * PPAPI proxy for grade distribution
+   */
+  grades: publicProcedure
+    .input(typia.createAssert<{ department: string; number: string }>())
+    .query(async ({ input }) => {
+      const r = fetch(
+        process.env.PUBLIC_API_URL +
+          'grades/raw?department=' +
+          encodeURIComponent(input.department) +
+          '&courseNumber=' +
+          input.number,
+      );
 
-  r.then((response) => response.json()).then((data) => {
-    res.send(data.payload);
-  });
+      return r.then((response) => response.json()).then((data) => data.payload);
+    }),
 });
 
-export default router;
+export default coursesRouter;

api/src/controllers/index.ts

@@ -0,0 +1,22 @@
+import { publicProcedure, router } from '../helpers/trpc';
+import coursesRouter from './courses';
+import professorsRouter from './professors';
+import reportsRouter from './reports';
+import scheduleRouter from './schedule';
+import usersRouter from './users';
+
+export const appRouter = router({
+  greeting: publicProcedure.query(({ ctx }) => {
+    console.log(ctx.req.session.passport?.user);
+    return 'hello ' + ctx.req.session.passport?.user.name;
+  }),
+  courses: coursesRouter,
+  professors: professorsRouter,
+  reports: reportsRouter,
+  schedule: scheduleRouter,
+  users: usersRouter,
+});
+
+// Export only the type of a router!
+// This prevents us from importing server code on the client.
+export type AppRouter = typeof appRouter;