@intranefr/superbackend 1.7.7 → 1.7.9

package/autochangelog/src/app.js

@@ -0,0 +1,181 @@
+const express = require("express");
+const cors = require("cors");
+const helmet = require("helmet");
+const morgan = require("morgan");
+const rateLimit = require("express-rate-limit");
+const path = require("path");
+const logger = require("../utils/logger");
+
+// Import autochangelog-specific routes
+const projectRoutes = require("./routes/project.routes");
+const repositoryRoutes = require("./routes/repository.routes");
+const changelogRoutes = require("./routes/changelog.routes");
+const githubAuthRoutes = require("./routes/github-auth.routes"); // GitHub OAuth routes
+
+const app = express();
+
+// Security middleware
+app.use(
+  helmet({
+    crossOriginEmbedderPolicy: false,
+    contentSecurityPolicy: {
+      directives: {
+        defaultSrc: ["'self'"],
+        styleSrc: [
+          "'self'",
+          "'unsafe-inline'",
+          "https://cdn.tailwindcss.com",
+          "https://cdn.jsdelivr.net",
+        ],
+        scriptSrc: [
+          "'self'",
+          "'unsafe-inline'",
+          "'unsafe-eval'",
+          "https://cdn.tailwindcss.com",
+          "https://unpkg.com",
+          "https://cdn.jsdelivr.net",
+        ],
+        imgSrc: ["'self'", "data:", "https:", "http:"],
+        connectSrc: ["'self'", "https://api.github.com"],
+        fontSrc: [
+          "'self'",
+          "https://fonts.gstatic.com",
+          "https://cdn.jsdelivr.net",
+        ],
+        objectSrc: ["'none'"],
+        mediaSrc: ["'self'"],
+        frameSrc: ["'none'"],
+      },
+    },
+  }),
+);
+
+// CORS configuration
+app.use(
+  cors({
+    origin: process.env.FRONTEND_URL || "http://localhost:3000",
+    credentials: true,
+    methods: ["GET", "POST", "PUT", "DELETE", "OPTIONS"],
+    allowedHeaders: ["Content-Type", "Authorization", "X-Requested-With"],
+  }),
+);
+
+// Rate limiting
+const globalRateLimit = rateLimit({
+  windowMs: 15 * 60 * 1000, // 15 minutes
+  max: 1000, // limit each IP to 1000 requests per windowMs
+  message: {
+    success: false,
+    message: "Too many requests from this IP, please try again later.",
+  },
+  standardHeaders: true,
+  legacyHeaders: false,
+});
+
+app.use(globalRateLimit);
+
+// Body parsing middleware
+app.use(express.json({ limit: "10mb" }));
+app.use(express.urlencoded({ extended: true, limit: "10mb" }));
+
+// Static files
+app.use(express.static(path.join(__dirname, "../public")));
+
+// View engine setup
+app.set("view engine", "ejs");
+app.set("views", path.join(__dirname, "../views"));
+
+// Logging middleware
+if (process.env.NODE_ENV === "development") {
+  app.use(morgan("dev"));
+} else {
+  app.use(
+    morgan("combined", {
+      stream: {
+        write: (message) => logger.info(message.trim()),
+      },
+    }),
+  );
+}
+
+// Request logging middleware
+app.use((req, res, next) => {
+  logger.info(`${req.method} ${req.path} - ${req.ip}`);
+  next();
+});
+
+// Health check endpoint
+app.get("/health", (req, res) => {
+  res.json({
+    success: true,
+    message: "AutoChangelog API is running",
+    timestamp: new Date().toISOString(),
+    uptime: process.uptime(),
+  });
+});
+
+// Landing page route
+app.get("/", (req, res) => {
+  res.render("index", {
+    title: "AutoChangelog - Automated Changelog Generation",
+    user: req.user || null,
+  });
+});
+
+// Auth pages (EJS views - API calls go to /api/auth/* provided by SuperBackend)
+app.get("/auth/login", (req, res) => {
+  res.render("login", { title: "Login - AutoChangelog" });
+});
+
+app.get("/auth/register", (req, res) => {
+  res.render("register", { title: "Create Account - AutoChangelog" });
+});
+
+app.get("/auth/logout", (req, res) => {
+  res.redirect("/auth/login");
+});
+
+// Dashboard route
+app.get("/dashboard", (req, res) => {
+  res.render("dashboard", {
+    title: "Dashboard - AutoChangelog",
+    user: req.user || null,
+  });
+});
+
+// AutoChangelog-specific API routes
+// Note: SuperBackend provides /api/auth/*, /api/users/*, /api/orgs/*, /api/billing/*
+// SuperBackend middleware is mounted in server.js AFTER this app is built,
+// so we must NOT have a catch-all 404 here — it's registered in server.js instead
+app.use("/api/projects", projectRoutes);
+app.use("/api/repositories", repositoryRoutes);
+app.use("/api/changelogs", changelogRoutes);
+app.use("/auth", githubAuthRoutes); // GitHub OAuth: /auth/github and /auth/github/callback
+
+// GitHub webhook endpoint (public)
+app.post("/api/webhooks/github", (req, res) => {
+  logger.info("GitHub webhook received");
+  res.status(200).json({ success: true, message: "Webhook received" });
+});
+
+// Global error handler
+app.use((err, req, res, next) => {
+  logger.error("Unhandled error:", err);
+
+  const errorResponse = {
+    success: false,
+    message:
+      process.env.NODE_ENV === "production"
+        ? "Internal server error"
+        : err.message,
+  };
+
+  if (process.env.NODE_ENV !== "production") {
+    errorResponse.stack = err.stack;
+    errorResponse.details = err;
+  }
+
+  res.status(err.status || 500).json(errorResponse);
+});
+
+module.exports = app;

package/autochangelog/src/config/database.js

@@ -0,0 +1,26 @@
+const mongoose = require("mongoose");
+const logger = require("../../utils/logger");
+
+const connectDB = async () => {
+  try {
+    const conn = await mongoose.connect(process.env.MONGODB_URI);
+
+    logger.info(`MongoDB Connected: ${conn.connection.host}`);
+  } catch (error) {
+    logger.error("Database connection error:", error);
+    process.exit(1);
+  }
+};
+
+const disconnectDB = async () => {
+  try {
+    await mongoose.disconnect();
+    logger.info("MongoDB disconnected");
+  } catch (error) {
+    logger.error("Error disconnecting from MongoDB:", error);
+  }
+};
+
+module.exports = connectDB;
+module.exports.connectDB = connectDB;
+module.exports.disconnectDB = disconnectDB;

package/autochangelog/src/controllers/auth.js

@@ -0,0 +1,488 @@
+const bcrypt = require('bcryptjs');
+const jwt = require('jsonwebtoken');
+const User = require('../models/User');
+const GitHubService = require('../services/github');
+const logger = require('../../utils/logger');
+
+// Register a new user
+const register = async (req, res) => {
+  try {
+    const { email, password, name } = req.body;
+
+    // Validation
+    if (!email || !password) {
+      return res.status(400).json({
+        success: false,
+        message: 'Email and password are required.',
+      });
+    }
+
+    if (password.length < 6) {
+      return res.status(400).json({
+        success: false,
+        message: 'Password must be at least 6 characters long.',
+      });
+    }
+
+    // Check if user already exists
+    const existingUser = await User.findOne({ email: email.toLowerCase() });
+    if (existingUser) {
+      return res.status(400).json({
+        success: false,
+        message: 'User with this email already exists.',
+      });
+    }
+
+    // Create new user
+    const user = new User({
+      email: email.toLowerCase(),
+      password,
+      name,
+    });
+
+    await user.save();
+
+    // Generate JWT token
+    const token = jwt.sign(
+      { userId: user._id },
+      process.env.JWT_SECRET,
+      { expiresIn: process.env.JWT_EXPIRES_IN || '7d' }
+    );
+
+    logger.info(`User registered successfully: ${user.email}`);
+    
+    res.status(201).json({
+      success: true,
+      message: 'User registered successfully.',
+      data: {
+        user: user.toJSON(),
+        token,
+      },
+    });
+  } catch (error) {
+    logger.error('Registration error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Login user
+const login = async (req, res) => {
+  try {
+    const { email, password } = req.body;
+
+    // Validation
+    if (!email || !password) {
+      return res.status(400).json({
+        success: false,
+        message: 'Email and password are required.',
+      });
+    }
+
+    // Find user
+    const user = await User.findOne({ email: email.toLowerCase() });
+    if (!user) {
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid email or password.',
+      });
+    }
+
+    // Check if account is active
+    if (!user.isActive) {
+      return res.status(401).json({
+        success: false,
+        message: 'Account is inactive.',
+      });
+    }
+
+    // Check password
+    const isPasswordValid = await user.comparePassword(password);
+    if (!isPasswordValid) {
+      // Increment login attempts
+      await user.incLoginAttempts();
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid email or password.',
+      });
+    }
+
+    // Reset login attempts on successful login
+    await user.resetLoginAttempts();
+    
+    // Update last login
+    await user.updateOne({ lastLogin: new Date() });
+
+    // Generate JWT token
+    const token = jwt.sign(
+      { userId: user._id },
+      process.env.JWT_SECRET,
+      { expiresIn: process.env.JWT_EXPIRES_IN || '7d' }
+    );
+
+    logger.info(`User logged in successfully: ${user.email}`);
+    
+    res.json({
+      success: true,
+      message: 'Login successful.',
+      data: {
+        user: user.toJSON(),
+        token,
+      },
+    });
+  } catch (error) {
+    logger.error('Login error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// GitHub OAuth login
+const githubLogin = async (req, res) => {
+  try {
+    const authUrl = GitHubService.getAuthURL();
+    res.json({
+      success: true,
+      data: {
+        authUrl,
+      },
+    });
+  } catch (error) {
+    logger.error('GitHub login error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// GitHub OAuth callback
+const githubCallback = async (req, res) => {
+  try {
+    const { code, state } = req.query;
+
+    if (!code) {
+      return res.status(400).json({
+        success: false,
+        message: 'Authorization code not provided.',
+      });
+    }
+
+    // Exchange code for access token
+    const tokenResponse = await GitHubService.getAccessToken(code);
+    
+    if (!tokenResponse.access_token) {
+      return res.status(400).json({
+        success: false,
+        message: 'Failed to get access token from GitHub.',
+      });
+    }
+
+    const accessToken = tokenResponse.access_token;
+
+    // Get user information from GitHub
+    const githubUser = await GitHubService.getUser(accessToken);
+
+    // Find or create user in our database
+    let user = await User.findOne({ githubId: githubUser.id });
+
+    if (!user) {
+      // Check if user exists with email
+      user = await User.findOne({ email: githubUser.email });
+
+      if (user) {
+        // Update existing user with GitHub info
+        user.githubId = githubUser.id;
+        user.githubUsername = githubUser.login;
+        user.githubAccessToken = accessToken;
+        user.githubRefreshToken = tokenResponse.refresh_token;
+        user.githubEmail = githubUser.email;
+        user.name = user.name || githubUser.name || githubUser.login;
+        user.avatar = githubUser.avatar_url;
+      } else {
+        // Create new user
+        user = new User({
+          email: githubUser.email,
+          name: githubUser.name || githubUser.login,
+          githubId: githubUser.id,
+          githubUsername: githubUser.login,
+          githubAccessToken: accessToken,
+          githubRefreshToken: tokenResponse.refresh_token,
+          githubEmail: githubUser.email,
+          avatar: githubUser.avatar_url,
+          // Password is not required for GitHub auth, but we'll set a random one
+          password: Math.random().toString(36).slice(-8),
+        });
+      }
+
+      await user.save();
+    } else {
+      // Update existing GitHub user
+      user.githubAccessToken = accessToken;
+      user.githubRefreshToken = tokenResponse.refresh_token;
+      user.name = user.name || githubUser.name || githubUser.login;
+      user.avatar = githubUser.avatar_url;
+      await user.save();
+    }
+
+    // Generate JWT token
+    const token = jwt.sign(
+      { userId: user._id },
+      process.env.JWT_SECRET,
+      { expiresIn: process.env.JWT_EXPIRES_IN || '7d' }
+    );
+
+    logger.info(`User logged in via GitHub: ${user.email}`);
+    
+    res.json({
+      success: true,
+      message: 'GitHub authentication successful.',
+      data: {
+        user: user.toJSON(),
+        token,
+      },
+    });
+  } catch (error) {
+    logger.error('GitHub callback error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Get current user profile
+const getProfile = async (req, res) => {
+  try {
+    const user = await User.findById(req.user._id).select('-password -githubAccessToken -githubRefreshToken');
+    
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: 'User not found.',
+      });
+    }
+
+    res.json({
+      success: true,
+      data: {
+        user: user.toJSON(),
+      },
+    });
+  } catch (error) {
+    logger.error('Get profile error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Update user profile
+const updateProfile = async (req, res) => {
+  try {
+    const { name, email, preferences } = req.body;
+
+    const user = await User.findById(req.user._id);
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: 'User not found.',
+      });
+    }
+
+    // Update fields
+    if (name) user.name = name;
+    if (email && email !== user.email) {
+      // Check if email is already taken
+      const existingUser = await User.findOne({ email: email.toLowerCase(), _id: { $ne: user._id } });
+      if (existingUser) {
+        return res.status(400).json({
+          success: false,
+          message: 'Email is already taken.',
+        });
+      }
+      user.email = email.toLowerCase();
+    }
+    if (preferences) {
+      user.preferences = { ...user.preferences, ...preferences };
+    }
+
+    await user.save();
+
+    logger.info(`User profile updated: ${user.email}`);
+    
+    res.json({
+      success: true,
+      message: 'Profile updated successfully.',
+      data: {
+        user: user.toJSON(),
+      },
+    });
+  } catch (error) {
+    logger.error('Update profile error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Change password
+const changePassword = async (req, res) => {
+  try {
+    const { currentPassword, newPassword } = req.body;
+
+    if (!currentPassword || !newPassword) {
+      return res.status(400).json({
+        success: false,
+        message: 'Current password and new password are required.',
+      });
+    }
+
+    if (newPassword.length < 6) {
+      return res.status(400).json({
+        success: false,
+        message: 'New password must be at least 6 characters long.',
+      });
+    }
+
+    const user = await User.findById(req.user._id);
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: 'User not found.',
+      });
+    }
+
+    // Check current password
+    const isCurrentPasswordValid = await user.comparePassword(currentPassword);
+    if (!isCurrentPasswordValid) {
+      return res.status(400).json({
+        success: false,
+        message: 'Current password is incorrect.',
+      });
+    }
+
+    // Update password
+    user.password = newPassword;
+    await user.save();
+
+    logger.info(`Password changed for user: ${user.email}`);
+    
+    res.json({
+      success: true,
+      message: 'Password changed successfully.',
+    });
+  } catch (error) {
+    logger.error('Change password error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Logout (client-side token removal, server-side we can implement token blacklisting if needed)
+const logout = async (req, res) => {
+  try {
+    // In a more sophisticated implementation, you might want to blacklist the token
+    // For now, we'll just return success and let the client handle token removal
+    
+    logger.info(`User logged out: ${req.user.email}`);
+    
+    res.json({
+      success: true,
+      message: 'Logout successful.',
+    });
+  } catch (error) {
+    logger.error('Logout error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Refresh token
+const refreshToken = async (req, res) => {
+  try {
+    const user = await User.findById(req.user._id);
+    if (!user || !user.isActive) {
+      return res.status(401).json({
+        success: false,
+        message: 'Invalid user or inactive account.',
+      });
+    }
+
+    // Generate new token
+    const token = jwt.sign(
+      { userId: user._id },
+      process.env.JWT_SECRET,
+      { expiresIn: process.env.JWT_EXPIRES_IN || '7d' }
+    );
+
+    res.json({
+      success: true,
+      message: 'Token refreshed successfully.',
+      data: {
+        token,
+      },
+    });
+  } catch (error) {
+    logger.error('Refresh token error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+// Delete account
+const deleteAccount = async (req, res) => {
+  try {
+    const user = await User.findById(req.user._id);
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: 'User not found.',
+      });
+    }
+
+    // TODO: Handle cleanup of user data (projects, repositories, changelogs)
+    // For now, we'll just deactivate the account
+    user.isActive = false;
+    user.email = `deleted_${Date.now()}_${user.email}`;
+    await user.save();
+
+    logger.info(`User account deactivated: ${user.email}`);
+    
+    res.json({
+      success: true,
+      message: 'Account deactivated successfully.',
+    });
+  } catch (error) {
+    logger.error('Delete account error:', error);
+    res.status(500).json({
+      success: false,
+      message: 'Internal server error.',
+    });
+  }
+};
+
+module.exports = {
+  register,
+  login,
+  githubLogin,
+  githubCallback,
+  getProfile,
+  updateProfile,
+  changePassword,
+  logout,
+  refreshToken,
+  deleteAccount,
+};