@studious-lms/server 1.0.1 → 1.0.3

package/src/middleware/auth.ts

@@ -0,0 +1,191 @@
+import { TRPCError } from '@trpc/server';
+import { prisma } from '../lib/prisma';
+import type { MiddlewareContext } from '../types/trpc';
+
+export const createAuthMiddleware = (t: any) => {
+
+  // Auth middleware
+  const isAuthed = t.middleware(async ({ next, ctx }: MiddlewareContext) => {
+    const startTime = Date.now();
+    // Get user from request headers
+    const userHeader = ctx.req.headers['x-user'];
+
+    if (!userHeader) {
+      throw new TRPCError({
+        code: 'UNAUTHORIZED',
+        message: 'Not authenticated - no token found',
+      });
+    }
+
+    try {
+      const token = typeof userHeader === 'string' ? userHeader : userHeader[0];
+
+      // Find user by session token
+      const user = await prisma.user.findFirst({
+        where: {
+          sessions: {
+            some: {
+              id: token
+            }
+          }
+        },
+        select: {
+          id: true,
+          username: true,
+          // institutionId: true,
+        }
+      });
+
+      if (!user) {
+        throw new TRPCError({
+          code: 'UNAUTHORIZED',
+          message: 'Invalid or expired session',
+        });
+      }
+
+      console.log(user)
+
+      return next({
+        ctx: {
+          ...ctx,
+          user,
+        },
+      });
+    } catch (error) {
+      console.log(error)
+      throw new TRPCError({
+        code: 'UNAUTHORIZED',
+        message: 'Invalid user data',
+      });
+    }
+  });
+
+  // Add computed flags middleware
+  const addComputedFlags = t.middleware(async ({ next, ctx }: MiddlewareContext) => {
+    if (!ctx.user) {
+      throw new TRPCError({
+        code: 'UNAUTHORIZED',
+        message: 'Not authenticated',
+      });
+    }
+
+    // Get all classes where user is a teacher
+    const teacherClasses = await prisma.class.findMany({
+      where: {
+        teachers: {
+          some: {
+            id: ctx.user.id
+          }
+        }
+      },
+      select: {
+        id: true
+      }
+    });
+
+    return next({
+      ctx: {
+        ...ctx,
+        isTeacher: teacherClasses.length > 0,
+        teacherClassIds: teacherClasses.map((c: { id: string }) => c.id)
+      }
+    });
+  });
+
+  // Student middleware
+  const isMemberInClass = t.middleware(async ({ next, ctx, input }: MiddlewareContext) => {
+    if (!ctx.user) {
+      throw new TRPCError({
+        code: 'UNAUTHORIZED',
+        message: 'Not authenticated',
+      });
+    }
+
+    const classId = (input as { classId: string })?.classId;
+
+    if (!classId) {
+      throw new TRPCError({
+        code: 'BAD_REQUEST',
+        message: 'classId is required',
+      });
+    }
+
+    const isMember = await prisma.class.findFirst({
+      where: {
+        id: classId,
+        OR: [
+          {
+            students: {
+              some: {
+                id: ctx.user.id
+              }
+            }
+          },
+          {
+            teachers: {
+              some: {
+                id: ctx.user.id
+              }
+            }
+          }
+        ]
+      }
+    });
+
+    if (!isMember) {
+      throw new TRPCError({
+        code: 'FORBIDDEN',
+        message: 'Not a member in this class',
+      });
+    }
+
+    return next();
+  });
+
+  // Teacher middleware
+  const isTeacherInClass = t.middleware(async ({ next, ctx, input }: MiddlewareContext) => {
+    if (!ctx.user) {
+      throw new TRPCError({
+        code: 'UNAUTHORIZED',
+        message: 'Not authenticated',
+      });
+    }
+
+    const classId = input.classId;
+    if (!classId) {
+      throw new TRPCError({
+        code: 'BAD_REQUEST',
+        message: 'classId is required',
+      });
+    }
+
+    const isTeacher = await prisma.class.findFirst({
+      where: {
+        id: classId,
+        teachers: {
+          some: {
+            id: ctx.user.id
+          }
+        }
+      }
+    });
+
+
+
+    if (!isTeacher) {
+      throw new TRPCError({
+        code: 'FORBIDDEN',
+        message: 'Not a teacher in this class',
+      });
+    }
+
+    return next();
+  });
+
+  return {
+    isAuthed,
+    addComputedFlags,
+    isMemberInClass,
+    isTeacherInClass,
+  };
+}; 

package/src/middleware/logging.ts

@@ -0,0 +1,54 @@
+import type { MiddlewareContext } from '../types/trpc';
+import { logger } from '../utils/logger';
+
+export const createLoggingMiddleware = (t: any) => {
+  return t.middleware(async ({ path, type, next, ctx }: MiddlewareContext) => {
+    const start = Date.now();
+    const requestId = crypto.randomUUID();
+
+    // Log request
+    logger.info('tRPC Request', {
+      requestId,
+      path,
+      type,
+      // input,
+      timestamp: new Date().toISOString(),
+    });
+
+    try {
+      const result = await next();
+      const durationMs = Date.now() - start;
+
+      // Log successful response
+      logger.info('tRPC Response', {
+        requestId,
+        path,
+        type,
+        durationMs,
+        ok: result.ok,
+        timestamp: new Date().toISOString(),
+      });
+
+      return result;
+    } catch (error) {
+      const durationMs = Date.now() - start;
+
+      // Log error response
+      logger.error('tRPC Error' + path, {
+        requestId,
+        path,
+        type,
+        durationMs,
+        error: error instanceof Error ? {
+          path,
+          name: error.name,
+          message: error.message,
+          stack: error.stack,
+        } : error,
+        timestamp: new Date().toISOString(),
+      });
+
+      throw error;
+    }
+  });
+}; 

package/src/routers/_app.ts

@@ -0,0 +1,34 @@
+import { createTRPCRouter } from "../trpc";
+import { classRouter } from "./class";
+import { announcementRouter } from "./announcement";
+import { assignmentRouter } from "./assignment";
+import { userRouter } from "./user";
+import { createCallerFactory } from "../trpc";
+import type { inferRouterInputs, inferRouterOutputs } from "@trpc/server";
+import { sectionRouter } from "./section";
+import { attendanceRouter } from "./attendance";
+import { eventRouter } from "./event";
+import { authRouter } from "./auth";
+import { agendaRouter } from "./agenda";
+import { fileRouter } from "./file";
+
+export const appRouter = createTRPCRouter({
+  class: classRouter,
+  announcement: announcementRouter,
+  assignment: assignmentRouter,
+  user: userRouter,
+  section: sectionRouter,
+  attendance: attendanceRouter,
+  event: eventRouter,
+  auth: authRouter,
+  agenda: agendaRouter,
+  file: fileRouter,
+});
+
+// Export type router type definition
+export type AppRouter = typeof appRouter;
+export type RouterInputs = inferRouterInputs<AppRouter>;
+export type RouterOutputs = inferRouterOutputs<AppRouter>;
+
+// Export caller
+export const createCaller = createCallerFactory(appRouter); 

package/src/routers/agenda.ts

@@ -0,0 +1,79 @@
+import { z } from "zod";
+import { createTRPCRouter, protectedProcedure } from "../trpc";
+import { prisma } from "../lib/prisma";
+import { TRPCError } from "@trpc/server";
+import { addDays, startOfDay, endOfDay } from "date-fns";
+
+export const agendaRouter = createTRPCRouter({
+  get: protectedProcedure
+    .input(z.object({
+      weekStart: z.string(),
+    }))
+    .query(async ({ ctx, input }) => {
+      if (!ctx.user) {
+        throw new TRPCError({
+          code: "UNAUTHORIZED",
+          message: "You must be logged in to get your agenda",
+        });
+      }
+
+      const weekStart = startOfDay(new Date(input.weekStart));
+      const weekEnd = endOfDay(addDays(weekStart, 6));
+
+      const [personalEvents, classEvents] = await Promise.all([
+        // Get personal events
+        prisma.event.findMany({
+          where: {
+            userId: ctx.user.id,
+            startTime: {
+              gte: weekStart,
+              lte: weekEnd,
+            },
+            class: {
+              is: null,
+            },
+          },
+          include: {
+            class: true,
+          },
+        }),
+        // Get class events
+        prisma.event.findMany({
+          where: {
+            class: {
+              OR: [
+                {
+                  teachers: {
+                    some: {
+                      id: ctx.user.id,
+                    },
+                  },
+                },
+                {
+                  students: {
+                    some: {
+                      id: ctx.user.id,
+                    },
+                  },
+                },
+              ],
+            },
+            startTime: {
+              gte: weekStart,
+              lte: weekEnd,
+            },
+          },
+          include: {
+            class: true,
+          },
+        }),
+      ]);
+
+      return {
+        events: {
+          personal: personalEvents,
+          class: classEvents,
+        },
+      };
+    }),
+}); 

package/src/routers/announcement.ts

@@ -0,0 +1,134 @@
+import { z } from "zod";
+import { createTRPCRouter, protectedClassMemberProcedure, protectedTeacherProcedure, protectedProcedure } from "../trpc";
+import { prisma } from "../lib/prisma";
+import { TRPCError } from "@trpc/server";
+
+const AnnouncementSelect = {
+    id: true,
+    teacher: {
+        select: {
+            id: true,
+            username: true,
+        },
+    },
+    remarks: true,
+    createdAt: true,
+};
+
+export const announcementRouter = createTRPCRouter({
+    getAll: protectedClassMemberProcedure
+        .input(z.object({
+            classId: z.string(),
+        }))
+        .query(async ({ ctx, input }) => {
+            const announcements = await prisma.announcement.findMany({
+                where: {
+                    classId: input.classId,
+                },
+                select: AnnouncementSelect,
+                orderBy: {
+                    createdAt: 'desc',
+                },
+            });
+
+            return {
+                announcements,
+            };
+        }),
+
+    create: protectedTeacherProcedure
+        .input(z.object({
+            classId: z.string(),
+            remarks: z.string(),
+        }))
+        .mutation(async ({ ctx, input }) => {
+            const announcement = await prisma.announcement.create({
+                data: {
+                    remarks: input.remarks,
+                    teacher: {
+                        connect: {
+                            id: ctx.user?.id,
+                        },
+                    },
+                    class: {
+                        connect: {
+                            id: input.classId,
+                        },
+                    },
+                },
+                select: AnnouncementSelect,
+            });
+
+            return {
+                announcement,
+            };
+        }),
+
+    update: protectedProcedure
+        .input(z.object({
+            id: z.string(),
+            data: z.object({
+                content: z.string(),
+            }),
+        }))
+        .mutation(async ({ ctx, input }) => {
+
+            const announcement = await prisma.announcement.findUnique({
+                where: { id: input.id },
+                include: {
+                    class: {
+                        include: {
+                            teachers: true,
+                        },
+                    },
+                },
+            });
+
+            if (!announcement) {
+                throw new TRPCError({
+                    code: "NOT_FOUND",
+                    message: "Announcement not found",
+                });
+            }
+
+            const updatedAnnouncement = await prisma.announcement.update({
+                where: { id: input.id },
+                data: {
+                    remarks: input.data.content,
+                },
+            });
+
+            return { announcement: updatedAnnouncement };
+        }),
+
+    delete: protectedProcedure
+        .input(z.object({
+            id: z.string(),
+        }))
+        .mutation(async ({ ctx, input }) => {
+
+            const announcement = await prisma.announcement.findUnique({
+                where: { id: input.id },
+                include: {
+                    class: {
+                        include: {
+                            teachers: true,
+                        },
+                    },
+                },
+            });
+
+            if (!announcement) {
+                throw new TRPCError({
+                    code: "NOT_FOUND",
+                    message: "Announcement not found",
+                });
+            }
+
+            await prisma.announcement.delete({
+                where: { id: input.id },
+            });
+
+            return { success: true };
+        }),
+});