npm - @studious-lms/server - Versions diffs - 1.1.24 → 1.2.6 - Mend

@studious-lms/server 1.1.24 → 1.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (485) hide show

package/.coderabbit.yaml +9 -0
package/.env.example +53 -0
package/.env.test.example +37 -0
package/README.md +34 -7
package/dist/exportType.d.ts.map +1 -1
package/dist/exportType.js +4 -0
package/dist/exportType.js.map +1 -0
package/dist/index.d.ts +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +212 -51
package/dist/index.js.map +1 -0
package/dist/instrument.d.ts +2 -0
package/dist/instrument.d.ts.map +1 -0
package/dist/instrument.js +18 -0
package/dist/instrument.js.map +1 -0
package/dist/lib/config/env.d.ts +190 -0
package/dist/lib/config/env.d.ts.map +1 -0
package/dist/lib/config/env.js +121 -0
package/dist/lib/config/env.js.map +1 -0
package/dist/lib/fileUpload.d.ts +2 -2
package/dist/lib/fileUpload.d.ts.map +1 -1
package/dist/lib/fileUpload.js +82 -15
package/dist/lib/fileUpload.js.map +1 -0
package/dist/lib/googleCloudStorage.d.ts +13 -0
package/dist/lib/googleCloudStorage.d.ts.map +1 -1
package/dist/lib/googleCloudStorage.js +45 -6
package/dist/lib/googleCloudStorage.js.map +1 -0
package/dist/lib/jsonConversion.d.ts.map +1 -1
package/dist/lib/jsonConversion.js +16 -14
package/dist/lib/jsonConversion.js.map +1 -0
package/dist/lib/jsonStyles.d.ts.map +1 -1
package/dist/lib/jsonStyles.js +4 -0
package/dist/lib/jsonStyles.js.map +1 -0
package/dist/lib/notificationHandler.d.ts +25 -0
package/dist/lib/notificationHandler.d.ts.map +1 -0
package/dist/lib/notificationHandler.js +32 -0
package/dist/lib/notificationHandler.js.map +1 -0
package/dist/lib/prisma.d.ts +2 -2
package/dist/lib/prisma.d.ts.map +1 -1
package/dist/lib/prisma.js +24 -1
package/dist/lib/prisma.js.map +1 -0
package/dist/lib/pusher.d.ts +4 -1
package/dist/lib/pusher.d.ts.map +1 -1
package/dist/lib/pusher.js +14 -6
package/dist/lib/pusher.js.map +1 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.d.ts.map +1 -0
package/dist/lib/redis.js +53 -0
package/dist/lib/redis.js.map +1 -0
package/dist/lib/thumbnailGenerator.d.ts +0 -21
package/dist/lib/thumbnailGenerator.d.ts.map +1 -1
package/dist/lib/thumbnailGenerator.js +159 -158
package/dist/lib/thumbnailGenerator.js.map +1 -0
package/dist/middleware/auth.d.ts.map +1 -1
package/dist/middleware/auth.js +41 -93
package/dist/middleware/auth.js.map +1 -0
package/dist/middleware/logging.d.ts.map +1 -1
package/dist/middleware/logging.js +4 -0
package/dist/middleware/logging.js.map +1 -0
package/dist/middleware/security.d.ts +5 -0
package/dist/middleware/security.d.ts.map +1 -0
package/dist/middleware/security.js +77 -0
package/dist/middleware/security.js.map +1 -0
package/dist/models/agenda.d.ts +97 -0
package/dist/models/agenda.d.ts.map +1 -0
package/dist/models/agenda.js +40 -0
package/dist/models/agenda.js.map +1 -0
package/dist/models/announcement.d.ts +223 -0
package/dist/models/announcement.d.ts.map +1 -0
package/dist/models/announcement.js +120 -0
package/dist/models/announcement.js.map +1 -0
package/dist/models/assignment.d.ts +1292 -0
package/dist/models/assignment.d.ts.map +1 -0
package/dist/models/assignment.js +309 -0
package/dist/models/assignment.js.map +1 -0
package/dist/models/attendance.d.ts +180 -0
package/dist/models/attendance.d.ts.map +1 -0
package/dist/models/attendance.js +188 -0
package/dist/models/attendance.js.map +1 -0
package/dist/models/auth.d.ts +153 -0
package/dist/models/auth.d.ts.map +1 -0
package/dist/models/auth.js +217 -0
package/dist/models/auth.js.map +1 -0
package/dist/models/class.d.ts +439 -0
package/dist/models/class.d.ts.map +1 -0
package/dist/models/class.js +546 -0
package/dist/models/class.js.map +1 -0
package/dist/models/comment.d.ts +171 -0
package/dist/models/comment.d.ts.map +1 -0
package/dist/models/comment.js +138 -0
package/dist/models/comment.js.map +1 -0
package/dist/models/conversation.d.ts +164 -0
package/dist/models/conversation.d.ts.map +1 -0
package/dist/models/conversation.js +175 -0
package/dist/models/conversation.js.map +1 -0
package/dist/models/event.d.ts +295 -0
package/dist/models/event.d.ts.map +1 -0
package/dist/models/event.js +145 -0
package/dist/models/event.js.map +1 -0
package/dist/models/file.d.ts +536 -0
package/dist/models/file.d.ts.map +1 -0
package/dist/models/file.js +126 -0
package/dist/models/file.js.map +1 -0
package/dist/models/folder.d.ts +295 -0
package/dist/models/folder.d.ts.map +1 -0
package/dist/models/folder.js +202 -0
package/dist/models/folder.js.map +1 -0
package/dist/models/labChat.d.ts +243 -0
package/dist/models/labChat.d.ts.map +1 -0
package/dist/models/labChat.js +204 -0
package/dist/models/labChat.js.map +1 -0
package/dist/models/marketing.d.ts +72 -0
package/dist/models/marketing.d.ts.map +1 -0
package/dist/models/marketing.js +26 -0
package/dist/models/marketing.js.map +1 -0
package/dist/models/message.d.ts +100 -0
package/dist/models/message.d.ts.map +1 -0
package/dist/models/message.js +131 -0
package/dist/models/message.js.map +1 -0
package/dist/models/newtonChat.d.ts +72 -0
package/dist/models/newtonChat.d.ts.map +1 -0
package/dist/models/newtonChat.js +61 -0
package/dist/models/newtonChat.js.map +1 -0
package/dist/models/notification.d.ts +65 -0
package/dist/models/notification.d.ts.map +1 -0
package/dist/models/notification.js +46 -0
package/dist/models/notification.js.map +1 -0
package/dist/models/section.d.ts +102 -0
package/dist/models/section.d.ts.map +1 -0
package/dist/models/section.js +83 -0
package/dist/models/section.js.map +1 -0
package/dist/models/user.d.ts +39 -0
package/dist/models/user.d.ts.map +1 -0
package/dist/models/user.js +38 -0
package/dist/models/user.js.map +1 -0
package/dist/models/worksheet.d.ts +460 -0
package/dist/models/worksheet.d.ts.map +1 -0
package/dist/models/worksheet.js +200 -0
package/dist/models/worksheet.js.map +1 -0
package/dist/pipelines/aiLabChat.d.ts +21 -0
package/dist/pipelines/aiLabChat.d.ts.map +1 -0
package/dist/pipelines/aiLabChat.js +460 -0
package/dist/pipelines/aiLabChat.js.map +1 -0
package/dist/pipelines/aiNewtonChat.d.ts +30 -0
package/dist/pipelines/aiNewtonChat.d.ts.map +1 -0
package/dist/pipelines/aiNewtonChat.js +289 -0
package/dist/pipelines/aiNewtonChat.js.map +1 -0
package/dist/pipelines/gradeWorksheet.d.ts +30 -0
package/dist/pipelines/gradeWorksheet.d.ts.map +1 -0
package/dist/pipelines/gradeWorksheet.js +252 -0
package/dist/pipelines/gradeWorksheet.js.map +1 -0
package/dist/routers/_app.d.ts +6403 -3741
package/dist/routers/_app.d.ts.map +1 -1
package/dist/routers/_app.js +10 -0
package/dist/routers/_app.js.map +1 -0
package/dist/routers/agenda.d.ts +58 -6
package/dist/routers/agenda.d.ts.map +1 -1
package/dist/routers/agenda.js +6 -58
package/dist/routers/agenda.js.map +1 -0
package/dist/routers/announcement.d.ts +325 -6
package/dist/routers/announcement.d.ts.map +1 -1
package/dist/routers/announcement.js +547 -57
package/dist/routers/announcement.js.map +1 -0
package/dist/routers/assignment.d.ts +431 -318
package/dist/routers/assignment.d.ts.map +1 -1
package/dist/routers/assignment.js +104 -1559
package/dist/routers/assignment.js.map +1 -0
package/dist/routers/attendance.d.ts +20 -9
package/dist/routers/attendance.d.ts.map +1 -1
package/dist/routers/attendance.js +10 -263
package/dist/routers/attendance.js.map +1 -0
package/dist/routers/auth.d.ts +21 -1
package/dist/routers/auth.d.ts.map +1 -1
package/dist/routers/auth.js +37 -241
package/dist/routers/auth.js.map +1 -0
package/dist/routers/class.d.ts +198 -68
package/dist/routers/class.d.ts.map +1 -1
package/dist/routers/class.js +88 -909
package/dist/routers/class.js.map +1 -0
package/dist/routers/comment.d.ts +153 -0
package/dist/routers/comment.d.ts.map +1 -0
package/dist/routers/comment.js +58 -0
package/dist/routers/comment.js.map +1 -0
package/dist/routers/conversation.d.ts +73 -3
package/dist/routers/conversation.d.ts.map +1 -1
package/dist/routers/conversation.js +23 -265
package/dist/routers/conversation.js.map +1 -0
package/dist/routers/event.d.ts +46 -37
package/dist/routers/event.d.ts.map +1 -1
package/dist/routers/event.js +15 -431
package/dist/routers/event.js.map +1 -0
package/dist/routers/file.d.ts +4 -2
package/dist/routers/file.d.ts.map +1 -1
package/dist/routers/file.js +11 -295
package/dist/routers/file.js.map +1 -0
package/dist/routers/folder.d.ts +21 -14
package/dist/routers/folder.d.ts.map +1 -1
package/dist/routers/folder.js +36 -743
package/dist/routers/folder.js.map +1 -0
package/dist/routers/labChat.d.ts +12 -9
package/dist/routers/labChat.d.ts.map +1 -1
package/dist/routers/labChat.js +21 -877
package/dist/routers/labChat.js.map +1 -0
package/dist/routers/marketing.d.ts +2 -2
package/dist/routers/marketing.d.ts.map +1 -1
package/dist/routers/marketing.js +9 -54
package/dist/routers/marketing.js.map +1 -0
package/dist/routers/message.d.ts +2 -1
package/dist/routers/message.d.ts.map +1 -1
package/dist/routers/message.js +29 -519
package/dist/routers/message.js.map +1 -0
package/dist/routers/newtonChat.d.ts +55 -0
package/dist/routers/newtonChat.d.ts.map +1 -0
package/dist/routers/newtonChat.js +22 -0
package/dist/routers/newtonChat.js.map +1 -0
package/dist/routers/notifications.d.ts +8 -8
package/dist/routers/notifications.d.ts.map +1 -1
package/dist/routers/notifications.js +20 -81
package/dist/routers/notifications.js.map +1 -0
package/dist/routers/section.d.ts +37 -6
package/dist/routers/section.d.ts.map +1 -1
package/dist/routers/section.js +26 -167
package/dist/routers/section.js.map +1 -0
package/dist/routers/user.d.ts +1 -1
package/dist/routers/user.d.ts.map +1 -1
package/dist/routers/user.js +34 -204
package/dist/routers/user.js.map +1 -0
package/dist/routers/worksheet.d.ts +362 -0
package/dist/routers/worksheet.d.ts.map +1 -0
package/dist/routers/worksheet.js +153 -0
package/dist/routers/worksheet.js.map +1 -0
package/dist/seedDatabase.d.ts +2 -3
package/dist/seedDatabase.d.ts.map +1 -1
package/dist/seedDatabase.js +311 -289
package/dist/seedDatabase.js.map +1 -0
package/dist/server/pipelines/aiLabChat.d.ts +21 -0
package/dist/server/pipelines/aiLabChat.d.ts.map +1 -0
package/dist/server/pipelines/aiLabChat.js +456 -0
package/dist/server/pipelines/aiLabChat.js.map +1 -0
package/dist/server/pipelines/aiNewtonChat.d.ts +30 -0
package/dist/server/pipelines/aiNewtonChat.d.ts.map +1 -0
package/dist/server/pipelines/aiNewtonChat.js +285 -0
package/dist/server/pipelines/aiNewtonChat.js.map +1 -0
package/dist/server/pipelines/gradeWorksheet.d.ts +30 -0
package/dist/server/pipelines/gradeWorksheet.d.ts.map +1 -0
package/dist/server/pipelines/gradeWorksheet.js +248 -0
package/dist/server/pipelines/gradeWorksheet.js.map +1 -0
package/dist/services/agenda.d.ts +100 -0
package/dist/services/agenda.d.ts.map +1 -0
package/dist/services/agenda.js +21 -0
package/dist/services/agenda.js.map +1 -0
package/dist/services/announcement.d.ts +135 -0
package/dist/services/announcement.d.ts.map +1 -0
package/dist/services/announcement.js +223 -0
package/dist/services/announcement.js.map +1 -0
package/dist/services/assignment.d.ts +1462 -0
package/dist/services/assignment.d.ts.map +1 -0
package/dist/services/assignment.js +898 -0
package/dist/services/assignment.js.map +1 -0
package/dist/services/attendance.d.ts +93 -0
package/dist/services/attendance.d.ts.map +1 -0
package/dist/services/attendance.js +61 -0
package/dist/services/attendance.js.map +1 -0
package/dist/services/auth.d.ts +68 -0
package/dist/services/auth.d.ts.map +1 -0
package/dist/services/auth.js +218 -0
package/dist/services/auth.js.map +1 -0
package/dist/services/class.d.ts +621 -0
package/dist/services/class.d.ts.map +1 -0
package/dist/services/class.js +474 -0
package/dist/services/class.js.map +1 -0
package/dist/services/comment.d.ts +100 -0
package/dist/services/comment.d.ts.map +1 -0
package/dist/services/comment.js +83 -0
package/dist/services/comment.js.map +1 -0
package/dist/services/conversation.d.ts +159 -0
package/dist/services/conversation.d.ts.map +1 -0
package/dist/services/conversation.js +138 -0
package/dist/services/conversation.js.map +1 -0
package/dist/services/event.d.ts +216 -0
package/dist/services/event.d.ts.map +1 -0
package/dist/services/event.js +168 -0
package/dist/services/event.js.map +1 -0
package/dist/services/file.d.ts +74 -0
package/dist/services/file.d.ts.map +1 -0
package/dist/services/file.js +133 -0
package/dist/services/file.js.map +1 -0
package/dist/services/folder.d.ts +239 -0
package/dist/services/folder.d.ts.map +1 -0
package/dist/services/folder.js +248 -0
package/dist/services/folder.js.map +1 -0
package/dist/services/labChat.d.ts +165 -0
package/dist/services/labChat.d.ts.map +1 -0
package/dist/services/labChat.js +289 -0
package/dist/services/labChat.js.map +1 -0
package/dist/services/marketing.d.ts +50 -0
package/dist/services/marketing.d.ts.map +1 -0
package/dist/services/marketing.js +32 -0
package/dist/services/marketing.js.map +1 -0
package/dist/services/message.d.ts +95 -0
package/dist/services/message.d.ts.map +1 -0
package/dist/services/message.js +350 -0
package/dist/services/message.js.map +1 -0
package/dist/services/newtonChat.d.ts +22 -0
package/dist/services/newtonChat.d.ts.map +1 -0
package/dist/services/newtonChat.js +174 -0
package/dist/services/newtonChat.js.map +1 -0
package/dist/services/notification.d.ts +65 -0
package/dist/services/notification.d.ts.map +1 -0
package/dist/services/notification.js +33 -0
package/dist/services/notification.js.map +1 -0
package/dist/services/section.d.ts +53 -0
package/dist/services/section.d.ts.map +1 -0
package/dist/services/section.js +199 -0
package/dist/services/section.js.map +1 -0
package/dist/services/user.d.ts +48 -0
package/dist/services/user.d.ts.map +1 -0
package/dist/services/user.js +141 -0
package/dist/services/user.js.map +1 -0
package/dist/services/worksheet.d.ts +239 -0
package/dist/services/worksheet.d.ts.map +1 -0
package/dist/services/worksheet.js +235 -0
package/dist/services/worksheet.js.map +1 -0
package/dist/socket/handlers.d.ts.map +1 -1
package/dist/socket/handlers.js +4 -0
package/dist/socket/handlers.js.map +1 -0
package/dist/trpc.d.ts.map +1 -1
package/dist/trpc.js +4 -0
package/dist/trpc.js.map +1 -0
package/dist/types/trpc.d.ts.map +1 -1
package/dist/types/trpc.js +4 -0
package/dist/types/trpc.js.map +1 -0
package/dist/utils/aiUser.d.ts +1 -3
package/dist/utils/aiUser.d.ts.map +1 -1
package/dist/utils/aiUser.js +8 -3
package/dist/utils/aiUser.js.map +1 -0
package/dist/utils/email.d.ts +12 -1
package/dist/utils/email.d.ts.map +1 -1
package/dist/utils/email.js +26 -4
package/dist/utils/email.js.map +1 -0
package/dist/utils/generateInviteCode.d.ts +1 -2
package/dist/utils/generateInviteCode.d.ts.map +1 -1
package/dist/utils/generateInviteCode.js +5 -2
package/dist/utils/generateInviteCode.js.map +1 -0
package/dist/utils/inference.d.ts +8 -0
package/dist/utils/inference.d.ts.map +1 -1
package/dist/utils/inference.js +78 -10
package/dist/utils/inference.js.map +1 -0
package/dist/utils/logger.d.ts +4 -0
package/dist/utils/logger.d.ts.map +1 -1
package/dist/utils/logger.js +35 -3
package/dist/utils/logger.js.map +1 -0
package/dist/utils/prismaErrorHandler.d.ts.map +1 -1
package/dist/utils/prismaErrorHandler.js +7 -0
package/dist/utils/prismaErrorHandler.js.map +1 -0
package/dist/utils/prismaWrapper.d.ts +1 -0
package/dist/utils/prismaWrapper.d.ts.map +1 -1
package/dist/utils/prismaWrapper.js +8 -0
package/dist/utils/prismaWrapper.js.map +1 -0
package/docker-compose.yml +19 -0
package/package.json +21 -4
package/prisma/migrations/20251109122857_annuoncements_comments/migration.sql +30 -0
package/prisma/migrations/20251109135555_reactions_announcements_comments/migration.sql +35 -0
package/prisma/schema.prisma +180 -12
package/scripts/test-pre-push.ts +14 -0
package/src/index.ts +247 -52
package/src/instrument.ts +15 -0
package/src/lib/config/env.ts +132 -0
package/src/lib/fileUpload.ts +81 -16
package/src/lib/googleCloudStorage.ts +42 -6
package/src/lib/jsonConversion.ts +12 -14
package/src/lib/prisma.ts +23 -2
package/src/lib/pusher.ts +11 -6
package/src/lib/redis.ts +56 -0
package/src/lib/thumbnailGenerator.ts +170 -168
package/src/middleware/auth.ts +86 -137
package/src/middleware/security.ts +80 -0
package/src/models/agenda.ts +46 -0
package/src/models/announcement.ts +134 -0
package/src/models/assignment.ts +322 -0
package/src/models/attendance.ts +208 -0
package/src/models/auth.ts +247 -0
package/src/models/class.ts +598 -0
package/src/models/comment.ts +152 -0
package/src/models/conversation.ts +200 -0
package/src/models/event.ts +177 -0
package/src/models/file.ts +129 -0
package/src/models/folder.ts +225 -0
package/src/models/labChat.ts +213 -0
package/src/models/marketing.ts +45 -0
package/src/models/message.ts +153 -0
package/src/models/newtonChat.ts +70 -0
package/src/models/notification.ts +54 -0
package/src/models/section.ts +98 -0
package/src/models/user.ts +47 -0
package/src/models/worksheet.ts +294 -0
package/src/pipelines/aiLabChat.ts +511 -0
package/src/pipelines/aiNewtonChat.ts +347 -0
package/src/pipelines/gradeWorksheet.ts +286 -0
package/src/routers/_app.ts +6 -0
package/src/routers/agenda.ts +3 -61
package/src/routers/announcement.ts +622 -57
package/src/routers/assignment.ts +157 -1688
package/src/routers/attendance.ts +16 -277
package/src/routers/auth.ts +79 -313
package/src/routers/class.ts +265 -1038
package/src/routers/comment.ts +76 -0
package/src/routers/conversation.ts +53 -284
package/src/routers/event.ts +50 -481
package/src/routers/file.ts +45 -341
package/src/routers/folder.ts +107 -836
package/src/routers/labChat.ts +29 -960
package/src/routers/marketing.ts +35 -77
package/src/routers/message.ts +45 -571
package/src/routers/newtonChat.ts +36 -0
package/src/routers/notifications.ts +32 -82
package/src/routers/section.ts +58 -200
package/src/routers/user.ts +49 -226
package/src/routers/worksheet.ts +252 -0
package/src/seedDatabase.ts +330 -290
package/src/services/agenda.ts +21 -0
package/src/services/announcement.ts +290 -0
package/src/services/assignment.ts +1198 -0
package/src/services/attendance.ts +85 -0
package/src/services/auth.ts +277 -0
package/src/services/class.ts +622 -0
package/src/services/comment.ts +106 -0
package/src/services/conversation.ts +213 -0
package/src/services/event.ts +231 -0
package/src/services/file.ts +167 -0
package/src/services/folder.ts +316 -0
package/src/services/labChat.ts +352 -0
package/src/services/marketing.ts +57 -0
package/src/services/message.ts +461 -0
package/src/services/newtonChat.ts +222 -0
package/src/services/notification.ts +50 -0
package/src/services/section.ts +283 -0
package/src/services/user.ts +172 -0
package/src/services/worksheet.ts +358 -0
package/src/trpc.ts +4 -0
package/src/utils/aiUser.ts +4 -3
package/src/utils/email.ts +33 -4
package/src/utils/generateInviteCode.ts +1 -3
package/src/utils/inference.ts +89 -10
package/src/utils/logger.ts +33 -3
package/src/utils/prismaErrorHandler.ts +3 -0
package/src/utils/prismaWrapper.ts +4 -0
package/tests/globalSetup.ts +62 -0
package/tests/helpers.ts +22 -0
package/tests/middleware/security.test.ts +42 -0
package/tests/routers/agenda.test.ts +138 -0
package/tests/routers/announcement.test.ts +490 -0
package/tests/routers/assignment.test.ts +837 -0
package/tests/routers/attendance.test.ts +160 -0
package/tests/routers/auth.test.ts +171 -0
package/tests/{class.test.ts → routers/class.test.ts} +163 -92
package/tests/routers/comment.test.ts +126 -0
package/tests/routers/conversation.test.ts +145 -0
package/tests/routers/event.test.ts +289 -0
package/tests/routers/folder.test.ts +178 -0
package/tests/routers/labChat.test.ts +115 -0
package/tests/routers/marketing.test.ts +59 -0
package/tests/routers/message.test.ts +123 -0
package/tests/routers/notification.test.ts +69 -0
package/tests/routers/section.test.ts +208 -0
package/tests/server/rateLimit.test.ts +73 -0
package/tests/setup.ts +39 -65
package/tests/user.test.ts +136 -0
package/tests/utils/aiUser.test.ts +22 -0
package/tests/utils/generateInviteCode.test.ts +24 -0
package/tests/utils/logger.test.ts +74 -0
package/tests/utils/prismaErrorHandler.test.ts +101 -0
package/tests/utils/prismaWrapper.test.ts +82 -0
package/tests/worksheet.test.ts +181 -0
package/tsconfig.json +9 -2
package/vitest.config.ts +30 -1
package/vitest.unit.config.ts +21 -0
package/API_SPECIFICATION.md +0 -1597
package/BASE64_REMOVAL_SUMMARY.md +0 -164
package/CHAT_API_SPEC.md +0 -579
package/LAB_CHAT_API_SPEC.md +0 -518
package/dist/routers/school.d.ts +0 -208
package/dist/routers/school.d.ts.map +0 -1
package/dist/routers/school.js +0 -481
package/tests/auth.test.ts +0 -25

package/src/index.ts CHANGED Viewed

@@ -11,52 +11,64 @@ import { logger } from './utils/logger.js';
 import { setupSocketHandlers } from './socket/handlers.js';
 import { bucket } from './lib/googleCloudStorage.js';
 import { prisma } from './lib/prisma.js';
+import { pusher } from './lib/pusher.js';
+import { connectRedis, disconnectRedis } from './lib/redis.js';
-dotenv.config();
+import { authLimiter, generalLimiter, helmetConfig, uploadLimiter } from './middleware/security.js';
+import * as Sentry from "@sentry/node";
+import { env } from './lib/config/env.js';
+import compression from 'compression';
+import { v4 as uuidv4 } from 'uuid';
+import "./instrument.js";
+import { openAIClient } from './utils/inference.js';
 const app = express();
+app.use(helmetConfig);
+app.use(compression());
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use((req, res, next) => {
+  const requestId = uuidv4();
+  res.setHeader('X-Request-ID', requestId);
+  next();
+});
+const allowedOrigins = env.NODE_ENV === 'production'
+? [
+    'https://www.studious.sh',
+    'https://studious.sh',
+    'https://dev.studious.sh',
+    'https://www.dev.studious.sh',
+    env.NEXT_PUBLIC_APP_URL,
+    'http://localhost:3000',
+  ].filter(Boolean)
+: [
+    'http://localhost:3000',
+    'http://localhost:3001',
+    'http://127.0.0.1:3000',
+    'http://127.0.0.1:3001',
+    env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+  ];
 // CORS middleware
 app.use(cors({
-  origin: [
-    'http://localhost:3000',  // Frontend development server
-    'http://localhost:3001',  // Server port
-    'http://127.0.0.1:3000',  // Alternative localhost
-    'http://127.0.0.1:3001',  // Alternative localhost
-    'https://www.studious.sh',  // Production frontend
-    'https://studious.sh',     // Production frontend (without www)
-    process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
-  ],
+  origin: allowedOrigins,
   credentials: true,
   methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
   allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'x-user'],
-  optionsSuccessStatus: 200
+  preflightContinue: false, // Important: stop further handling of OPTIONS
+  optionsSuccessStatus: 204, // Recommended for modern browsers
 }));
-// Handle preflight OPTIONS requests
-app.options('*', (req, res) => {
-  const allowedOrigins = [
-    'http://localhost:3000',
-    'http://localhost:3001',
-    'http://127.0.0.1:3000',
-    'http://127.0.0.1:3001',
-    'https://www.studious.sh',  // Production frontend
-    'https://studious.sh',     // Production frontend (without www)
-    process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
-  ];
-  const origin = req.headers.origin;
-  if (origin && allowedOrigins.includes(origin)) {
-    res.header('Access-Control-Allow-Origin', origin);
-  } else {
-    res.header('Access-Control-Allow-Origin', 'http://localhost:3000');
-  }
-  res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
-  res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With, x-user');
-  res.header('Access-Control-Allow-Credentials', 'true');
-  res.sendStatus(200);
-});
+app.use(generalLimiter);
 // CORS debugging middleware
 app.use((req, res, next) => {
@@ -86,11 +98,146 @@ app.use((req, res, next) => {
   next();
 });
+// app.use("/panel", async (_, res) => {
+//   if (env.NODE_ENV !== "development") {
+//     return res.status(404).send("Not Found");
+//   }
+//   // Dynamically import renderTrpcPanel only in development
+//   const { renderTrpcPanel } = await import("trpc-ui");
+//   return res.send(
+//     renderTrpcPanel(appRouter, {
+//       url: "/trpc", // Base url of your trpc server
+//       meta: {
+//         title: "Studious Backend",
+//         description:
+//           "This is the backend for the Studious application.",
+//       },
+//     })
+//   );
+// });
 // Create HTTP server
 const httpServer = createServer(app);
-app.get('/health', (req, res) => {
-  res.status(200).json({ message: 'OK' });
+app.get('/health', async (req, res) => {
+  try {
+    // Check database connectivity
+    await prisma.$queryRaw`SELECT 1`;
+    res.status(200).json({
+      status: 'OK',
+      timestamp: new Date().toISOString(),
+      uptime: process.uptime(),
+      database: 'connected'
+    });
+  } catch (error) {
+    res.status(503).json({
+      status: 'ERROR',
+      database: 'disconnected',
+      error: error instanceof Error ? error.message : 'Unknown error'
+    });
+  }
+});
+// Pusher channel auth (for private-* and presence-* channels)
+// Token from: x-user header, or cookie (same-origin requests send cookies automatically)
+app.post('/api/pusher/auth', async (req, res) => {
+  try {
+    let token = req.headers['x-user'] as string | undefined;
+    if (!token && req.headers.cookie) {
+      const cookieName = env.PUSHER_AUTH_COOKIE_NAME || 'token';
+      const match = req.headers.cookie.match(new RegExp(`${cookieName}=([^;]+)`));
+      token = match?.[1]?.trim();
+    }
+    const { socket_id, channel_name } = req.body as { socket_id?: string; channel_name?: string };
+    if (!socket_id || !channel_name) {
+      return res.status(400).json({ error: 'socket_id and channel_name required' });
+    }
+    if (!token) {
+      return res.status(401).json({ error: 'Authentication required' });
+    }
+    const user = await prisma.user.findFirst({
+      where: { sessions: { some: { id: token } } },
+      select: { id: true, username: true },
+    });
+    if (!user) {
+      return res.status(401).json({ error: 'Invalid or expired session' });
+    }
+    // Verify channel access for private-conversation-* channels
+    if (channel_name.startsWith('private-conversation-')) {
+      const conversationId = channel_name.replace('private-conversation-', '');
+      const member = await prisma.conversationMember.findFirst({
+        where: { conversationId, userId: user.id },
+      });
+      if (!member) {
+        return res.status(403).json({ error: 'Not a member of this conversation' });
+      }
+    }
+    if (channel_name.startsWith('private-worksheet-')) {
+      const worksheetId = channel_name.replace('private-worksheet-', '');
+      const worksheet = await prisma.studentWorksheetResponse.findFirst({
+        where: { id: worksheetId, OR: [
+          { studentId: user.id },
+          { submission: { assignment: { class: { teachers: { some: { id: user.id } } } } } },
+        ] },
+      });
+      if (!worksheet) {
+        return res.status(403).json({ error: 'No access to this worksheet' });
+      }
+    }
+    if (channel_name.startsWith('private-teacher-')) {
+      const classId = channel_name.replace('private-teacher-', '');
+      const isTeacher = await prisma.class.findFirst({
+        where: { id: classId, teachers: { some: { id: user.id } } },
+      });
+      if (!isTeacher) {
+        return res.status(403).json({ error: 'Not a teacher of this class' });
+      }
+    }
+    // Verify channel access for private-class-* channels
+    // if (channel_name.startsWith('private-class-')) {
+    //   const classId = channel_name.replace('private-class-', '');
+    //   const isMember = await prisma.class.findFirst({
+    //     where: {
+    //       id: classId,
+    //       OR: [
+    //         { students: { some: { id: user.id } } },
+    //         { teachers: { some: { id: user.id } } },
+    //       ],
+    //     },
+    //   });
+    //   if (!isMember) {
+    //     return res.status(403).json({ error: 'Not a member of this class' });
+    //   }
+    // }
+    if (channel_name.startsWith('presence-')) {
+      const authResponse = pusher.authorizeChannel(socket_id, channel_name, {
+        user_id: user.id,
+        user_info: { username: user.username },
+      });
+      return res.json(authResponse);
+    }
+    const authResponse = pusher.authorizeChannel(socket_id, channel_name);
+    return res.json(authResponse);
+  } catch (error) {
+    logger.error('Pusher auth error', { error });
+    return res.status(500).json({ error: 'Authentication failed' });
+  }
 });
 // Setup Socket.IO
@@ -103,7 +250,7 @@ const io = new Server(httpServer, {
       'http://127.0.0.1:3001',  // Alternative localhost
       'https://www.studious.sh',  // Production frontend
       'https://studious.sh',     // Production frontend (without www)
-      process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+      env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
     ],
     methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
     credentials: true,
@@ -326,12 +473,15 @@ app.get('/api/files/:fileId', async (req, res) => {
   }
 });
+app.use('/trpc/auth.login', authLimiter);
+app.use('/trpc/auth.register', authLimiter);
 // File upload endpoint for secure file uploads (supports both POST and PUT)
-app.post('/api/upload/:filePath', async (req, res) => {
+app.post('/api/upload/:filePath', uploadLimiter, async (req, res) => {
   handleFileUpload(req, res);
 });
-app.put('/api/upload/:filePath', async (req, res) => {
+app.put('/api/upload/:filePath', uploadLimiter, async (req, res) => {
   handleFileUpload(req, res);
 });
@@ -348,7 +498,7 @@ function handleFileUpload(req: any, res: any) {
       'http://127.0.0.1:3001',
       'https://www.studious.sh',  // Production frontend
       'https://studious.sh',     // Production frontend (without www)
-      process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+      env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
     ];
     if (origin && allowedOrigins.includes(origin)) {
@@ -411,21 +561,35 @@ app.use(
   })
 );
-const PORT = process.env.PORT || 3001;
+// IMPORTANT: Sentry error handler must be added AFTER all other middleware and routes
+// but BEFORE any other error handlers
+Sentry.setupExpressErrorHandler(app);
+// app.use(function onError(err, req, res, next) {
+//   // The error id is attached to `res.sentry` to be returned
+//   // and optionally displayed to the user for support.
+//   res.statusCode = 500;
+//   res.end(res.sentry + "\n");
+// });
-httpServer.listen(PORT, () => {
-  logger.info(`Server running on port ${PORT}`, {
-    port: PORT,
-    services: ['tRPC', 'Socket.IO']
+const PORT = env.PORT || 3001;
+connectRedis().then(() => {
+  httpServer.listen(PORT, () => {
+    logger.info(`Server running on port ${PORT}`, {
+      port: PORT,
+      services: ['tRPC', 'Socket.IO', env.REDIS_URL ? 'Redis' : null].filter(Boolean),
+    });
   });
 });
 // log all env variables
 logger.info('Configurations', {
-  NODE_ENV: process.env.NODE_ENV,
-  PORT: process.env.PORT,
-  NEXT_PUBLIC_APP_URL: process.env.NEXT_PUBLIC_APP_URL,
-  LOG_MODE: process.env.LOG_MODE,
+  NODE_ENV: env.NODE_ENV,
+  PORT: env.PORT,
+  NEXT_PUBLIC_APP_URL: env.NEXT_PUBLIC_APP_URL,
+  LOG_MODE: env.LOG_MODE,
 });
 // Log CORS configuration
@@ -435,6 +599,37 @@ logger.info('CORS Configuration', {
     'http://localhost:3001',
     'http://127.0.0.1:3000',
     'http://127.0.0.1:3001',
-    process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+    env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
   ]
-});
+});
+const gracefulShutdown = (signal: string) => {
+  logger.info(`Received ${signal}, shutting down gracefully`);
+  httpServer.close(() => {
+    logger.info('HTTP server closed');
+    io.close(() => {
+      logger.info('Socket.IO server closed');
+      disconnectRedis().then(() =>
+        prisma.$disconnect().then(() => {
+          logger.info('Database connections closed');
+          process.exit(0);
+        }).catch((err) => {
+          logger.error('Error disconnecting from database', { error: err });
+          process.exit(1);
+        })
+      );
+    });
+  });
+  // Force shutdown after 10 seconds
+  setTimeout(() => {
+    logger.error('Forced shutdown after timeout');
+    process.exit(1);
+  }, 10000);
+};
+process.on('SIGTERM', () => gracefulShutdown('SIGTERM'));
+process.on('SIGINT', () => gracefulShutdown('SIGINT'));

package/src/instrument.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import * as Sentry from "@sentry/node";
+import { env } from "./lib/config/env.js";
+// Only initialize Sentry in non-test environments
+if (env.NODE_ENV !== 'test') {
+  Sentry.init({
+    dsn: env.SENTRY_DSN,
+    environment: env.NODE_ENV || 'development',
+    // Setting this option to true will send default PII data to Sentry.
+    // For example, automatic IP address collection on events
+    sendDefaultPii: true,
+    // @todo: disable in test environment
+    enabled: true, // Explicitly disable in test environment
+  });
+}

package/src/lib/config/env.ts ADDED Viewed

@@ -0,0 +1,132 @@
+import { z } from 'zod';
+import dotenv from 'dotenv';
+import { resolve } from 'path';
+import { logger } from '../../utils/logger.js';
+// Determine which env file to load based on NODE_ENV
+const nodeEnv = process.env.NODE_ENV || 'development';
+const envFileMap: Record<string, string> = {
+  test: '.env.test',
+  development: '.env.development',
+  production: '.env.production',
+};
+// Load the appropriate env file
+const envFile = envFileMap[nodeEnv] || '.env';
+const envPath = resolve(process.cwd(), envFile);
+// Load environment variables from the correct file
+// First load .env (base), then override with environment-specific file
+dotenv.config(); // Load .env first (base config)
+dotenv.config({ path: envPath, override: true }); // Override with env-specific
+const isTest = nodeEnv === 'test';
+const isProduction = nodeEnv === 'production';
+// Base schema with required vars for all environments
+const baseSchema = z.object({
+  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),
+  PORT: z.string().transform(Number).default('3001'),
+  DATABASE_URL: z.string().url('DATABASE_URL must be a valid URL'),
+});
+// Production/development schema with all required vars
+const fullSchema = baseSchema.extend({
+  NEXT_PUBLIC_APP_URL: z.string().url().default('http://localhost:3000'),
+  BACKEND_URL: z.string().url().default('http://localhost:3001'),
+  SENTRY_DSN: z.string().url().optional(),
+  EMAIL_HOST: z.string().min(1, 'EMAIL_HOST is required'),
+  EMAIL_PORT: z.string().transform(Number).default('587'),
+  EMAIL_USER: z.string().email('EMAIL_USER must be a valid email'),
+  EMAIL_PASS: z.string().min(1, 'EMAIL_PASS is required'),
+  EMAIL_DRY_RUN: z.string().optional().default('false'),
+  GOOGLE_CLOUD_PROJECT_ID: z.string().min(1, 'GOOGLE_CLOUD_PROJECT_ID is required'),
+  GOOGLE_CLOUD_CLIENT_EMAIL: z.string().email('GOOGLE_CLOUD_CLIENT_EMAIL must be a valid email'),
+  GOOGLE_CLOUD_PRIVATE_KEY: z.string().min(1, 'GOOGLE_CLOUD_PRIVATE_KEY is required'),
+  GOOGLE_CLOUD_BUCKET_NAME: z.string().min(1, 'GOOGLE_CLOUD_BUCKET_NAME is required'),
+  PUSHER_APP_ID: z.string().min(1, 'PUSHER_APP_ID is required'),
+  PUSHER_KEY: z.string().min(1, 'PUSHER_KEY is required'),
+  PUSHER_SECRET: z.string().min(1, 'PUSHER_SECRET is required'),
+  PUSHER_CLUSTER: z.string().min(1, 'PUSHER_CLUSTER is required'),
+  PUSHER_AUTH_COOKIE_NAME: z.string().optional(), // Cookie name for session token (default: 'token')
+  REDIS_URL: z.string().url().optional(), // Redis connection URL (e.g. redis://localhost:6379)
+  INFERENCE_API_KEY: z.string().optional(),
+  INFERENCE_API_BASE_URL: z.string().url().optional(),
+  OPENAI_API_KEY: z.string().optional(),
+  LOG_MODE: z.enum(['normal', 'verbose', 'quiet']).default('normal'),
+});
+// Test schema - only require what's needed for tests
+const testSchema = baseSchema.extend({
+  NEXT_PUBLIC_APP_URL: z.string().url().optional().default('http://localhost:3000'),
+  BACKEND_URL: z.string().url().optional().default('http://localhost:3001'),
+  SENTRY_DSN: z.string().url().optional(),
+  EMAIL_HOST: z.string().optional().default('smtp.test.com'),
+  EMAIL_PORT: z.string().transform(Number).default('587'),
+  EMAIL_USER: z.string().email().optional().default('test@test.com'),
+  EMAIL_PASS: z.string().optional().default('test'),
+  EMAIL_DRY_RUN: z.string().optional().default('false'),
+  GOOGLE_CLOUD_PROJECT_ID: z.string().optional().default('test-project'),
+  GOOGLE_CLOUD_CLIENT_EMAIL: z.string().email().optional().default('test@test.iam.gserviceaccount.com'),
+  GOOGLE_CLOUD_PRIVATE_KEY: z.string().optional().default('test-key'),
+  GOOGLE_CLOUD_BUCKET_NAME: z.string().optional().default('test-bucket'),
+  PUSHER_APP_ID: z.string().optional().default('test-app-id'),
+  PUSHER_KEY: z.string().optional().default('test-key'),
+  PUSHER_SECRET: z.string().optional().default('test-secret'),
+  PUSHER_CLUSTER: z.string().optional().default('us2'),
+  PUSHER_AUTH_COOKIE_NAME: z.string().optional(),
+  REDIS_URL: z.string().url().optional(),
+  INFERENCE_API_KEY: z.string().optional(),
+  OPENAI_API_KEY: z.string().optional(),
+  INFERENCE_API_BASE_URL: z.string().url().optional(),
+  LOG_MODE: z.enum(['normal', 'verbose', 'quiet']).default('quiet'),
+});
+// Use test schema in test mode, full schema otherwise
+const envSchema = isTest ? testSchema : fullSchema;
+// Validate environment variables
+function validateEnv() {
+  try {
+    const parsed = envSchema.parse(process.env);
+    // Only exit on validation failure in production
+    if (isProduction && !parsed.DATABASE_URL) {
+      logger.error('DATABASE_URL is required in production');
+      process.exit(1);
+    }
+    return parsed;
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      const missingVars = error.errors.map(err => ({
+        path: err.path.join('.'),
+        message: err.message,
+      }));
+      logger.error('Environment variable validation failed', {
+        envFile,
+        missingVars,
+      });
+      // Only exit in production - in test/dev, log warning but continue
+      if (isProduction) {
+        logger.error(`Please check your ${envFile} file and ensure all required variables are set.`);
+        process.exit(1);
+      } else {
+        logger.warn('Continuing with defaults - some features may not work correctly', {
+          envFile,
+        });
+        // Return parsed with defaults for non-production
+        return envSchema.parse({ ...process.env });
+      }
+    }
+    throw error;
+  }
+}
+// Export validated environment variables
+export const env = validateEnv();
+// Type-safe environment access
+export type Env = z.infer<typeof envSchema>;

package/src/lib/fileUpload.ts CHANGED Viewed

@@ -1,9 +1,9 @@
 import { TRPCError } from "@trpc/server";
 import { v4 as uuidv4 } from "uuid";
-import { getSignedUrl } from "./googleCloudStorage.js";
-import { generateMediaThumbnail } from "./thumbnailGenerator.js";
+import { getSignedUrl, objectExists } from "./googleCloudStorage.js";
 import { prisma } from "./prisma.js";
 import { logger } from "../utils/logger.js";
+import { env } from "./config/env.js";
 export interface FileData {
   name: string;
@@ -102,7 +102,8 @@ export async function createDirectUploadFile(
   userId: string,
   directory?: string,
   assignmentId?: string,
-  submissionId?: string
+  submissionId?: string,
+  announcementId?: string
 ): Promise<DirectUploadFile> {
   try {
     // Validate file extension matches MIME type
@@ -135,7 +136,7 @@ export async function createDirectUploadFile(
     const uploadSessionId = uuidv4();
     // Generate backend proxy upload URL (not direct GCS)
-    const baseUrl = process.env.BACKEND_URL || 'http://localhost:3001';
+    const baseUrl = env.BACKEND_URL || 'http://localhost:3001';
     const uploadUrl = `${baseUrl}/api/upload/${encodeURIComponent(filePath)}`;
     const uploadExpiresAt = new Date(Date.now() + 15 * 60 * 1000); // 15 minutes from now
@@ -167,6 +168,11 @@ export async function createDirectUploadFile(
           submission: {
             connect: { id: submissionId }
           }
+        }),
+        ...(announcementId && {
+          announcement: {
+            connect: { id: announcementId }
+          }
         })
       },
     });
@@ -182,7 +188,11 @@ export async function createDirectUploadFile(
       uploadSessionId
     };
   } catch (error) {
-    console.error('Error creating direct upload file:', error);
+    logger.error('Error creating direct upload file:', {error: error instanceof Error ? {
+      name: error.name,
+      message: error.message,
+      stack: error.stack,
+    } : error});
     throw new TRPCError({
       code: 'INTERNAL_SERVER_ERROR',
       message: 'Failed to create direct upload file',
@@ -202,17 +212,53 @@ export async function confirmDirectUpload(
   errorMessage?: string
 ): Promise<void> {
   try {
+    // First fetch the file record to get the object path
+    const fileRecord = await prisma.file.findUnique({
+      where: { id: fileId },
+      select: { path: true }
+    });
+    if (!fileRecord) {
+      throw new TRPCError({
+        code: 'NOT_FOUND',
+        message: 'File record not found',
+      });
+    }
+    let actualUploadSuccess = uploadSuccess;
+    let actualErrorMessage = errorMessage;
+    // If uploadSuccess is true, verify the object actually exists in GCS
+    if (uploadSuccess) {
+      try {
+        const exists = await objectExists(env.GOOGLE_CLOUD_BUCKET_NAME!, fileRecord.path);
+        if (!exists) {
+          actualUploadSuccess = false;
+          actualErrorMessage = 'File upload reported as successful but object not found in Google Cloud Storage';
+          logger.error(`File upload verification failed for ${fileId}: object ${fileRecord.path} not found in GCS`);
+        }
+      } catch (error) {
+        logger.error(`Error verifying file existence in GCS for ${fileId}:`, {error: error instanceof Error ? {
+          name: error.name,
+          message: error.message,
+          stack: error.stack,
+        } : error});
+        actualUploadSuccess = false;
+        actualErrorMessage = 'Failed to verify file existence in Google Cloud Storage';
+      }
+    }
     const updateData: any = {
-      uploadStatus: uploadSuccess ? 'COMPLETED' : 'FAILED',
-      uploadProgress: uploadSuccess ? 100 : 0,
+      uploadStatus: actualUploadSuccess ? 'COMPLETED' : 'FAILED',
+      uploadProgress: actualUploadSuccess ? 100 : 0,
     };
-    if (!uploadSuccess && errorMessage) {
-      updateData.uploadError = errorMessage;
+    if (!actualUploadSuccess && actualErrorMessage) {
+      updateData.uploadError = actualErrorMessage;
       updateData.uploadRetryCount = { increment: 1 };
     }
-    if (uploadSuccess) {
+    if (actualUploadSuccess) {
       updateData.uploadedAt = new Date();
     }
@@ -221,7 +267,7 @@ export async function confirmDirectUpload(
       data: updateData
     });
   } catch (error) {
-    console.error('Error confirming direct upload:', error);
+    logger.error('Error confirming direct upload:', {error});
     throw new TRPCError({
       code: 'INTERNAL_SERVER_ERROR',
       message: 'Failed to confirm upload',
@@ -239,15 +285,29 @@ export async function updateUploadProgress(
   progress: number
 ): Promise<void> {
   try {
+    // await prisma.file.update({
+    //   where: { id: fileId },
+    //   data: {
+    //     uploadStatus: 'UPLOADING',
+    //     uploadProgress: Math.min(100, Math.max(0, progress))
+    //   }
+    // });
+    const current = await prisma.file.findUnique({ where: { id: fileId }, select: { uploadStatus: true } });
+    if (!current || ['COMPLETED','FAILED','CANCELLED'].includes(current.uploadStatus as string)) return;
+    const clamped = Math.min(100, Math.max(0, progress));
     await prisma.file.update({
       where: { id: fileId },
       data: {
         uploadStatus: 'UPLOADING',
-        uploadProgress: Math.min(100, Math.max(0, progress))
+        uploadProgress: clamped
       }
     });
   } catch (error) {
-    console.error('Error updating upload progress:', error);
+    logger.error('Error updating upload progress:', {error: error instanceof Error ? {
+      name: error.name,
+      message: error.message,
+      stack: error.stack,
+    } : error});
     throw new TRPCError({
       code: 'INTERNAL_SERVER_ERROR',
       message: 'Failed to update upload progress',
@@ -269,15 +329,20 @@ export async function createDirectUploadFiles(
   userId: string,
   directory?: string,
   assignmentId?: string,
-  submissionId?: string
+  submissionId?: string,
+  announcementId?: string
 ): Promise<DirectUploadFile[]> {
   try {
     const uploadPromises = files.map(file =>
-      createDirectUploadFile(file, userId, directory, assignmentId, submissionId)
+      createDirectUploadFile(file, userId, directory, assignmentId, submissionId, announcementId)
     );
     return await Promise.all(uploadPromises);
   } catch (error) {
-    console.error('Error creating direct upload files:', error);
+    logger.error('Error creating direct upload files:', {error: error instanceof Error ? {
+      name: error.name,
+      message: error.message,
+      stack: error.stack,
+    } : error});
     throw new TRPCError({
       code: 'INTERNAL_SERVER_ERROR',
       message: 'Failed to create direct upload files',