npm - @studious-lms/server - Versions diffs - 1.1.26 → 1.2.6 - Mend

@studious-lms/server 1.1.26 → 1.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (486) hide show

package/.coderabbit.yaml +9 -0
package/.env.example +53 -0
package/.env.test.example +37 -0
package/README.md +34 -7
package/dist/exportType.d.ts.map +1 -1
package/dist/exportType.js +4 -0
package/dist/exportType.js.map +1 -0
package/dist/index.d.ts +1 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +212 -51
package/dist/index.js.map +1 -0
package/dist/instrument.d.ts +2 -0
package/dist/instrument.d.ts.map +1 -0
package/dist/instrument.js +18 -0
package/dist/instrument.js.map +1 -0
package/dist/lib/config/env.d.ts +190 -0
package/dist/lib/config/env.d.ts.map +1 -0
package/dist/lib/config/env.js +121 -0
package/dist/lib/config/env.js.map +1 -0
package/dist/lib/fileUpload.d.ts +2 -2
package/dist/lib/fileUpload.d.ts.map +1 -1
package/dist/lib/fileUpload.js +15 -5
package/dist/lib/fileUpload.js.map +1 -0
package/dist/lib/googleCloudStorage.d.ts +6 -0
package/dist/lib/googleCloudStorage.d.ts.map +1 -1
package/dist/lib/googleCloudStorage.js +26 -6
package/dist/lib/googleCloudStorage.js.map +1 -0
package/dist/lib/jsonConversion.d.ts.map +1 -1
package/dist/lib/jsonConversion.js +16 -14
package/dist/lib/jsonConversion.js.map +1 -0
package/dist/lib/jsonStyles.d.ts.map +1 -1
package/dist/lib/jsonStyles.js +4 -0
package/dist/lib/jsonStyles.js.map +1 -0
package/dist/lib/notificationHandler.d.ts +2 -2
package/dist/lib/notificationHandler.d.ts.map +1 -1
package/dist/lib/notificationHandler.js +4 -0
package/dist/lib/notificationHandler.js.map +1 -0
package/dist/lib/prisma.d.ts +2 -2
package/dist/lib/prisma.d.ts.map +1 -1
package/dist/lib/prisma.js +24 -1
package/dist/lib/prisma.js.map +1 -0
package/dist/lib/pusher.d.ts +4 -1
package/dist/lib/pusher.d.ts.map +1 -1
package/dist/lib/pusher.js +14 -6
package/dist/lib/pusher.js.map +1 -0
package/dist/lib/redis.d.ts +5 -0
package/dist/lib/redis.d.ts.map +1 -0
package/dist/lib/redis.js +53 -0
package/dist/lib/redis.js.map +1 -0
package/dist/lib/thumbnailGenerator.d.ts +0 -21
package/dist/lib/thumbnailGenerator.d.ts.map +1 -1
package/dist/lib/thumbnailGenerator.js +159 -158
package/dist/lib/thumbnailGenerator.js.map +1 -0
package/dist/middleware/auth.d.ts.map +1 -1
package/dist/middleware/auth.js +41 -93
package/dist/middleware/auth.js.map +1 -0
package/dist/middleware/logging.d.ts.map +1 -1
package/dist/middleware/logging.js +4 -0
package/dist/middleware/logging.js.map +1 -0
package/dist/middleware/security.d.ts +5 -0
package/dist/middleware/security.d.ts.map +1 -0
package/dist/middleware/security.js +77 -0
package/dist/middleware/security.js.map +1 -0
package/dist/models/agenda.d.ts +97 -0
package/dist/models/agenda.d.ts.map +1 -0
package/dist/models/agenda.js +40 -0
package/dist/models/agenda.js.map +1 -0
package/dist/models/announcement.d.ts +223 -0
package/dist/models/announcement.d.ts.map +1 -0
package/dist/models/announcement.js +120 -0
package/dist/models/announcement.js.map +1 -0
package/dist/models/assignment.d.ts +1292 -0
package/dist/models/assignment.d.ts.map +1 -0
package/dist/models/assignment.js +309 -0
package/dist/models/assignment.js.map +1 -0
package/dist/models/attendance.d.ts +180 -0
package/dist/models/attendance.d.ts.map +1 -0
package/dist/models/attendance.js +188 -0
package/dist/models/attendance.js.map +1 -0
package/dist/models/auth.d.ts +153 -0
package/dist/models/auth.d.ts.map +1 -0
package/dist/models/auth.js +217 -0
package/dist/models/auth.js.map +1 -0
package/dist/models/class.d.ts +439 -0
package/dist/models/class.d.ts.map +1 -0
package/dist/models/class.js +546 -0
package/dist/models/class.js.map +1 -0
package/dist/models/comment.d.ts +171 -0
package/dist/models/comment.d.ts.map +1 -0
package/dist/models/comment.js +138 -0
package/dist/models/comment.js.map +1 -0
package/dist/models/conversation.d.ts +164 -0
package/dist/models/conversation.d.ts.map +1 -0
package/dist/models/conversation.js +175 -0
package/dist/models/conversation.js.map +1 -0
package/dist/models/event.d.ts +295 -0
package/dist/models/event.d.ts.map +1 -0
package/dist/models/event.js +145 -0
package/dist/models/event.js.map +1 -0
package/dist/models/file.d.ts +536 -0
package/dist/models/file.d.ts.map +1 -0
package/dist/models/file.js +126 -0
package/dist/models/file.js.map +1 -0
package/dist/models/folder.d.ts +295 -0
package/dist/models/folder.d.ts.map +1 -0
package/dist/models/folder.js +202 -0
package/dist/models/folder.js.map +1 -0
package/dist/models/labChat.d.ts +243 -0
package/dist/models/labChat.d.ts.map +1 -0
package/dist/models/labChat.js +204 -0
package/dist/models/labChat.js.map +1 -0
package/dist/models/marketing.d.ts +72 -0
package/dist/models/marketing.d.ts.map +1 -0
package/dist/models/marketing.js +26 -0
package/dist/models/marketing.js.map +1 -0
package/dist/models/message.d.ts +100 -0
package/dist/models/message.d.ts.map +1 -0
package/dist/models/message.js +131 -0
package/dist/models/message.js.map +1 -0
package/dist/models/newtonChat.d.ts +72 -0
package/dist/models/newtonChat.d.ts.map +1 -0
package/dist/models/newtonChat.js +61 -0
package/dist/models/newtonChat.js.map +1 -0
package/dist/models/notification.d.ts +65 -0
package/dist/models/notification.d.ts.map +1 -0
package/dist/models/notification.js +46 -0
package/dist/models/notification.js.map +1 -0
package/dist/models/section.d.ts +102 -0
package/dist/models/section.d.ts.map +1 -0
package/dist/models/section.js +83 -0
package/dist/models/section.js.map +1 -0
package/dist/models/user.d.ts +39 -0
package/dist/models/user.d.ts.map +1 -0
package/dist/models/user.js +38 -0
package/dist/models/user.js.map +1 -0
package/dist/models/worksheet.d.ts +460 -0
package/dist/models/worksheet.d.ts.map +1 -0
package/dist/models/worksheet.js +200 -0
package/dist/models/worksheet.js.map +1 -0
package/dist/pipelines/aiLabChat.d.ts +21 -0
package/dist/pipelines/aiLabChat.d.ts.map +1 -0
package/dist/pipelines/aiLabChat.js +460 -0
package/dist/pipelines/aiLabChat.js.map +1 -0
package/dist/pipelines/aiNewtonChat.d.ts +30 -0
package/dist/pipelines/aiNewtonChat.d.ts.map +1 -0
package/dist/pipelines/aiNewtonChat.js +289 -0
package/dist/pipelines/aiNewtonChat.js.map +1 -0
package/dist/pipelines/gradeWorksheet.d.ts +30 -0
package/dist/pipelines/gradeWorksheet.d.ts.map +1 -0
package/dist/pipelines/gradeWorksheet.js +252 -0
package/dist/pipelines/gradeWorksheet.js.map +1 -0
package/dist/routers/_app.d.ts +6438 -3910
package/dist/routers/_app.d.ts.map +1 -1
package/dist/routers/_app.js +10 -0
package/dist/routers/_app.js.map +1 -0
package/dist/routers/agenda.d.ts +58 -6
package/dist/routers/agenda.d.ts.map +1 -1
package/dist/routers/agenda.js +6 -58
package/dist/routers/agenda.js.map +1 -0
package/dist/routers/announcement.d.ts +325 -6
package/dist/routers/announcement.d.ts.map +1 -1
package/dist/routers/announcement.js +543 -77
package/dist/routers/announcement.js.map +1 -0
package/dist/routers/assignment.d.ts +419 -357
package/dist/routers/assignment.d.ts.map +1 -1
package/dist/routers/assignment.js +100 -1689
package/dist/routers/assignment.js.map +1 -0
package/dist/routers/attendance.d.ts +20 -9
package/dist/routers/attendance.d.ts.map +1 -1
package/dist/routers/attendance.js +10 -263
package/dist/routers/attendance.js.map +1 -0
package/dist/routers/auth.d.ts +21 -1
package/dist/routers/auth.d.ts.map +1 -1
package/dist/routers/auth.js +37 -241
package/dist/routers/auth.js.map +1 -0
package/dist/routers/class.d.ts +198 -68
package/dist/routers/class.d.ts.map +1 -1
package/dist/routers/class.js +88 -909
package/dist/routers/class.js.map +1 -0
package/dist/routers/comment.d.ts +153 -0
package/dist/routers/comment.d.ts.map +1 -0
package/dist/routers/comment.js +58 -0
package/dist/routers/comment.js.map +1 -0
package/dist/routers/conversation.d.ts +73 -3
package/dist/routers/conversation.d.ts.map +1 -1
package/dist/routers/conversation.js +23 -265
package/dist/routers/conversation.js.map +1 -0
package/dist/routers/event.d.ts +46 -37
package/dist/routers/event.d.ts.map +1 -1
package/dist/routers/event.js +15 -431
package/dist/routers/event.js.map +1 -0
package/dist/routers/file.d.ts +4 -2
package/dist/routers/file.d.ts.map +1 -1
package/dist/routers/file.js +11 -298
package/dist/routers/file.js.map +1 -0
package/dist/routers/folder.d.ts +21 -14
package/dist/routers/folder.d.ts.map +1 -1
package/dist/routers/folder.js +36 -743
package/dist/routers/folder.js.map +1 -0
package/dist/routers/labChat.d.ts +12 -9
package/dist/routers/labChat.d.ts.map +1 -1
package/dist/routers/labChat.js +21 -885
package/dist/routers/labChat.js.map +1 -0
package/dist/routers/marketing.d.ts +2 -2
package/dist/routers/marketing.d.ts.map +1 -1
package/dist/routers/marketing.js +9 -54
package/dist/routers/marketing.js.map +1 -0
package/dist/routers/message.d.ts +2 -1
package/dist/routers/message.d.ts.map +1 -1
package/dist/routers/message.js +29 -519
package/dist/routers/message.js.map +1 -0
package/dist/routers/newtonChat.d.ts +55 -0
package/dist/routers/newtonChat.d.ts.map +1 -0
package/dist/routers/newtonChat.js +22 -0
package/dist/routers/newtonChat.js.map +1 -0
package/dist/routers/notifications.d.ts +8 -8
package/dist/routers/notifications.d.ts.map +1 -1
package/dist/routers/notifications.js +20 -81
package/dist/routers/notifications.js.map +1 -0
package/dist/routers/section.d.ts +23 -8
package/dist/routers/section.d.ts.map +1 -1
package/dist/routers/section.js +23 -273
package/dist/routers/section.js.map +1 -0
package/dist/routers/user.d.ts +1 -1
package/dist/routers/user.d.ts.map +1 -1
package/dist/routers/user.js +34 -204
package/dist/routers/user.js.map +1 -0
package/dist/routers/worksheet.d.ts +362 -0
package/dist/routers/worksheet.d.ts.map +1 -0
package/dist/routers/worksheet.js +153 -0
package/dist/routers/worksheet.js.map +1 -0
package/dist/seedDatabase.d.ts +2 -3
package/dist/seedDatabase.d.ts.map +1 -1
package/dist/seedDatabase.js +309 -288
package/dist/seedDatabase.js.map +1 -0
package/dist/server/pipelines/aiLabChat.d.ts +21 -0
package/dist/server/pipelines/aiLabChat.d.ts.map +1 -0
package/dist/server/pipelines/aiLabChat.js +456 -0
package/dist/server/pipelines/aiLabChat.js.map +1 -0
package/dist/server/pipelines/aiNewtonChat.d.ts +30 -0
package/dist/server/pipelines/aiNewtonChat.d.ts.map +1 -0
package/dist/server/pipelines/aiNewtonChat.js +285 -0
package/dist/server/pipelines/aiNewtonChat.js.map +1 -0
package/dist/server/pipelines/gradeWorksheet.d.ts +30 -0
package/dist/server/pipelines/gradeWorksheet.d.ts.map +1 -0
package/dist/server/pipelines/gradeWorksheet.js +248 -0
package/dist/server/pipelines/gradeWorksheet.js.map +1 -0
package/dist/services/agenda.d.ts +100 -0
package/dist/services/agenda.d.ts.map +1 -0
package/dist/services/agenda.js +21 -0
package/dist/services/agenda.js.map +1 -0
package/dist/services/announcement.d.ts +135 -0
package/dist/services/announcement.d.ts.map +1 -0
package/dist/services/announcement.js +223 -0
package/dist/services/announcement.js.map +1 -0
package/dist/services/assignment.d.ts +1462 -0
package/dist/services/assignment.d.ts.map +1 -0
package/dist/services/assignment.js +898 -0
package/dist/services/assignment.js.map +1 -0
package/dist/services/attendance.d.ts +93 -0
package/dist/services/attendance.d.ts.map +1 -0
package/dist/services/attendance.js +61 -0
package/dist/services/attendance.js.map +1 -0
package/dist/services/auth.d.ts +68 -0
package/dist/services/auth.d.ts.map +1 -0
package/dist/services/auth.js +218 -0
package/dist/services/auth.js.map +1 -0
package/dist/services/class.d.ts +621 -0
package/dist/services/class.d.ts.map +1 -0
package/dist/services/class.js +474 -0
package/dist/services/class.js.map +1 -0
package/dist/services/comment.d.ts +100 -0
package/dist/services/comment.d.ts.map +1 -0
package/dist/services/comment.js +83 -0
package/dist/services/comment.js.map +1 -0
package/dist/services/conversation.d.ts +159 -0
package/dist/services/conversation.d.ts.map +1 -0
package/dist/services/conversation.js +138 -0
package/dist/services/conversation.js.map +1 -0
package/dist/services/event.d.ts +216 -0
package/dist/services/event.d.ts.map +1 -0
package/dist/services/event.js +168 -0
package/dist/services/event.js.map +1 -0
package/dist/services/file.d.ts +74 -0
package/dist/services/file.d.ts.map +1 -0
package/dist/services/file.js +133 -0
package/dist/services/file.js.map +1 -0
package/dist/services/folder.d.ts +239 -0
package/dist/services/folder.d.ts.map +1 -0
package/dist/services/folder.js +248 -0
package/dist/services/folder.js.map +1 -0
package/dist/services/labChat.d.ts +165 -0
package/dist/services/labChat.d.ts.map +1 -0
package/dist/services/labChat.js +289 -0
package/dist/services/labChat.js.map +1 -0
package/dist/services/marketing.d.ts +50 -0
package/dist/services/marketing.d.ts.map +1 -0
package/dist/services/marketing.js +32 -0
package/dist/services/marketing.js.map +1 -0
package/dist/services/message.d.ts +95 -0
package/dist/services/message.d.ts.map +1 -0
package/dist/services/message.js +350 -0
package/dist/services/message.js.map +1 -0
package/dist/services/newtonChat.d.ts +22 -0
package/dist/services/newtonChat.d.ts.map +1 -0
package/dist/services/newtonChat.js +174 -0
package/dist/services/newtonChat.js.map +1 -0
package/dist/services/notification.d.ts +65 -0
package/dist/services/notification.d.ts.map +1 -0
package/dist/services/notification.js +33 -0
package/dist/services/notification.js.map +1 -0
package/dist/services/section.d.ts +53 -0
package/dist/services/section.d.ts.map +1 -0
package/dist/services/section.js +199 -0
package/dist/services/section.js.map +1 -0
package/dist/services/user.d.ts +48 -0
package/dist/services/user.d.ts.map +1 -0
package/dist/services/user.js +141 -0
package/dist/services/user.js.map +1 -0
package/dist/services/worksheet.d.ts +239 -0
package/dist/services/worksheet.d.ts.map +1 -0
package/dist/services/worksheet.js +235 -0
package/dist/services/worksheet.js.map +1 -0
package/dist/socket/handlers.d.ts.map +1 -1
package/dist/socket/handlers.js +4 -0
package/dist/socket/handlers.js.map +1 -0
package/dist/trpc.d.ts.map +1 -1
package/dist/trpc.js +4 -0
package/dist/trpc.js.map +1 -0
package/dist/types/trpc.d.ts.map +1 -1
package/dist/types/trpc.js +4 -0
package/dist/types/trpc.js.map +1 -0
package/dist/utils/aiUser.d.ts +1 -3
package/dist/utils/aiUser.d.ts.map +1 -1
package/dist/utils/aiUser.js +8 -3
package/dist/utils/aiUser.js.map +1 -0
package/dist/utils/email.d.ts +12 -1
package/dist/utils/email.d.ts.map +1 -1
package/dist/utils/email.js +26 -4
package/dist/utils/email.js.map +1 -0
package/dist/utils/generateInviteCode.d.ts +1 -2
package/dist/utils/generateInviteCode.d.ts.map +1 -1
package/dist/utils/generateInviteCode.js +5 -2
package/dist/utils/generateInviteCode.js.map +1 -0
package/dist/utils/inference.d.ts +8 -0
package/dist/utils/inference.d.ts.map +1 -1
package/dist/utils/inference.js +78 -10
package/dist/utils/inference.js.map +1 -0
package/dist/utils/logger.d.ts +3 -0
package/dist/utils/logger.d.ts.map +1 -1
package/dist/utils/logger.js +8 -1
package/dist/utils/logger.js.map +1 -0
package/dist/utils/prismaErrorHandler.d.ts.map +1 -1
package/dist/utils/prismaErrorHandler.js +7 -0
package/dist/utils/prismaErrorHandler.js.map +1 -0
package/dist/utils/prismaWrapper.d.ts +1 -0
package/dist/utils/prismaWrapper.d.ts.map +1 -1
package/dist/utils/prismaWrapper.js +8 -0
package/dist/utils/prismaWrapper.js.map +1 -0
package/docker-compose.yml +19 -0
package/package.json +21 -4
package/prisma/migrations/20251109122857_annuoncements_comments/migration.sql +30 -0
package/prisma/migrations/20251109135555_reactions_announcements_comments/migration.sql +35 -0
package/prisma/schema.prisma +180 -12
package/scripts/test-pre-push.ts +14 -0
package/src/index.ts +247 -52
package/src/instrument.ts +15 -0
package/src/lib/config/env.ts +132 -0
package/src/lib/fileUpload.ts +13 -6
package/src/lib/googleCloudStorage.ts +23 -6
package/src/lib/jsonConversion.ts +12 -14
package/src/lib/prisma.ts +23 -2
package/src/lib/pusher.ts +11 -6
package/src/lib/redis.ts +56 -0
package/src/lib/thumbnailGenerator.ts +170 -168
package/src/middleware/auth.ts +86 -137
package/src/middleware/security.ts +80 -0
package/src/models/agenda.ts +46 -0
package/src/models/announcement.ts +134 -0
package/src/models/assignment.ts +322 -0
package/src/models/attendance.ts +208 -0
package/src/models/auth.ts +247 -0
package/src/models/class.ts +598 -0
package/src/models/comment.ts +152 -0
package/src/models/conversation.ts +200 -0
package/src/models/event.ts +177 -0
package/src/models/file.ts +129 -0
package/src/models/folder.ts +225 -0
package/src/models/labChat.ts +213 -0
package/src/models/marketing.ts +45 -0
package/src/models/message.ts +153 -0
package/src/models/newtonChat.ts +70 -0
package/src/models/notification.ts +54 -0
package/src/models/section.ts +98 -0
package/src/models/user.ts +47 -0
package/src/models/worksheet.ts +294 -0
package/src/pipelines/aiLabChat.ts +511 -0
package/src/pipelines/aiNewtonChat.ts +347 -0
package/src/pipelines/gradeWorksheet.ts +286 -0
package/src/routers/_app.ts +6 -0
package/src/routers/agenda.ts +3 -61
package/src/routers/announcement.ts +616 -79
package/src/routers/assignment.ts +148 -1827
package/src/routers/attendance.ts +16 -277
package/src/routers/auth.ts +79 -313
package/src/routers/class.ts +265 -1038
package/src/routers/comment.ts +76 -0
package/src/routers/conversation.ts +53 -284
package/src/routers/event.ts +50 -481
package/src/routers/file.ts +45 -344
package/src/routers/folder.ts +107 -836
package/src/routers/labChat.ts +29 -969
package/src/routers/marketing.ts +35 -77
package/src/routers/message.ts +45 -571
package/src/routers/newtonChat.ts +36 -0
package/src/routers/notifications.ts +32 -82
package/src/routers/section.ts +58 -322
package/src/routers/user.ts +49 -226
package/src/routers/worksheet.ts +252 -0
package/src/seedDatabase.ts +328 -289
package/src/services/agenda.ts +21 -0
package/src/services/announcement.ts +290 -0
package/src/services/assignment.ts +1198 -0
package/src/services/attendance.ts +85 -0
package/src/services/auth.ts +277 -0
package/src/services/class.ts +622 -0
package/src/services/comment.ts +106 -0
package/src/services/conversation.ts +213 -0
package/src/services/event.ts +231 -0
package/src/services/file.ts +167 -0
package/src/services/folder.ts +316 -0
package/src/services/labChat.ts +352 -0
package/src/services/marketing.ts +57 -0
package/src/services/message.ts +461 -0
package/src/services/newtonChat.ts +222 -0
package/src/services/notification.ts +50 -0
package/src/services/section.ts +283 -0
package/src/services/user.ts +172 -0
package/src/services/worksheet.ts +358 -0
package/src/trpc.ts +4 -0
package/src/utils/aiUser.ts +4 -3
package/src/utils/email.ts +33 -4
package/src/utils/generateInviteCode.ts +1 -3
package/src/utils/inference.ts +89 -10
package/src/utils/logger.ts +4 -1
package/src/utils/prismaErrorHandler.ts +3 -0
package/src/utils/prismaWrapper.ts +4 -0
package/tests/globalSetup.ts +62 -0
package/tests/helpers.ts +22 -0
package/tests/middleware/security.test.ts +42 -0
package/tests/routers/agenda.test.ts +138 -0
package/tests/routers/announcement.test.ts +490 -0
package/tests/routers/assignment.test.ts +837 -0
package/tests/routers/attendance.test.ts +160 -0
package/tests/routers/auth.test.ts +171 -0
package/tests/{class.test.ts → routers/class.test.ts} +163 -92
package/tests/routers/comment.test.ts +126 -0
package/tests/routers/conversation.test.ts +145 -0
package/tests/routers/event.test.ts +289 -0
package/tests/routers/folder.test.ts +178 -0
package/tests/routers/labChat.test.ts +115 -0
package/tests/routers/marketing.test.ts +59 -0
package/tests/routers/message.test.ts +123 -0
package/tests/routers/notification.test.ts +69 -0
package/tests/routers/section.test.ts +208 -0
package/tests/server/rateLimit.test.ts +73 -0
package/tests/setup.ts +39 -59
package/tests/user.test.ts +136 -0
package/tests/utils/aiUser.test.ts +22 -0
package/tests/utils/generateInviteCode.test.ts +24 -0
package/tests/utils/logger.test.ts +74 -0
package/tests/utils/prismaErrorHandler.test.ts +101 -0
package/tests/utils/prismaWrapper.test.ts +82 -0
package/tests/worksheet.test.ts +181 -0
package/tsconfig.json +9 -2
package/vitest.config.ts +30 -1
package/vitest.unit.config.ts +21 -0
package/API_SPECIFICATION.md +0 -1597
package/BASE64_REMOVAL_SUMMARY.md +0 -164
package/CHAT_API_SPEC.md +0 -579
package/LAB_CHAT_API_SPEC.md +0 -518
package/dist/routers/school.d.ts +0 -208
package/dist/routers/school.d.ts.map +0 -1
package/dist/routers/school.js +0 -481
package/src/lib/notificationHandler.ts +0 -36
package/tests/auth.test.ts +0 -25

package/src/index.ts CHANGED Viewed

@@ -11,52 +11,64 @@ import { logger } from './utils/logger.js';
 import { setupSocketHandlers } from './socket/handlers.js';
 import { bucket } from './lib/googleCloudStorage.js';
 import { prisma } from './lib/prisma.js';
+import { pusher } from './lib/pusher.js';
+import { connectRedis, disconnectRedis } from './lib/redis.js';
-dotenv.config();
+import { authLimiter, generalLimiter, helmetConfig, uploadLimiter } from './middleware/security.js';
+import * as Sentry from "@sentry/node";
+import { env } from './lib/config/env.js';
+import compression from 'compression';
+import { v4 as uuidv4 } from 'uuid';
+import "./instrument.js";
+import { openAIClient } from './utils/inference.js';
 const app = express();
+app.use(helmetConfig);
+app.use(compression());
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use((req, res, next) => {
+  const requestId = uuidv4();
+  res.setHeader('X-Request-ID', requestId);
+  next();
+});
+const allowedOrigins = env.NODE_ENV === 'production'
+? [
+    'https://www.studious.sh',
+    'https://studious.sh',
+    'https://dev.studious.sh',
+    'https://www.dev.studious.sh',
+    env.NEXT_PUBLIC_APP_URL,
+    'http://localhost:3000',
+  ].filter(Boolean)
+: [
+    'http://localhost:3000',
+    'http://localhost:3001',
+    'http://127.0.0.1:3000',
+    'http://127.0.0.1:3001',
+    env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+  ];
 // CORS middleware
 app.use(cors({
-  origin: [
-    'http://localhost:3000',  // Frontend development server
-    'http://localhost:3001',  // Server port
-    'http://127.0.0.1:3000',  // Alternative localhost
-    'http://127.0.0.1:3001',  // Alternative localhost
-    'https://www.studious.sh',  // Production frontend
-    'https://studious.sh',     // Production frontend (without www)
-    process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
-  ],
+  origin: allowedOrigins,
   credentials: true,
   methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
   allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'x-user'],
-  optionsSuccessStatus: 200
+  preflightContinue: false, // Important: stop further handling of OPTIONS
+  optionsSuccessStatus: 204, // Recommended for modern browsers
 }));
-// Handle preflight OPTIONS requests
-app.options('*', (req, res) => {
-  const allowedOrigins = [
-    'http://localhost:3000',
-    'http://localhost:3001',
-    'http://127.0.0.1:3000',
-    'http://127.0.0.1:3001',
-    'https://www.studious.sh',  // Production frontend
-    'https://studious.sh',     // Production frontend (without www)
-    process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
-  ];
-  const origin = req.headers.origin;
-  if (origin && allowedOrigins.includes(origin)) {
-    res.header('Access-Control-Allow-Origin', origin);
-  } else {
-    res.header('Access-Control-Allow-Origin', 'http://localhost:3000');
-  }
-  res.header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
-  res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With, x-user');
-  res.header('Access-Control-Allow-Credentials', 'true');
-  res.sendStatus(200);
-});
+app.use(generalLimiter);
 // CORS debugging middleware
 app.use((req, res, next) => {
@@ -86,11 +98,146 @@ app.use((req, res, next) => {
   next();
 });
+// app.use("/panel", async (_, res) => {
+//   if (env.NODE_ENV !== "development") {
+//     return res.status(404).send("Not Found");
+//   }
+//   // Dynamically import renderTrpcPanel only in development
+//   const { renderTrpcPanel } = await import("trpc-ui");
+//   return res.send(
+//     renderTrpcPanel(appRouter, {
+//       url: "/trpc", // Base url of your trpc server
+//       meta: {
+//         title: "Studious Backend",
+//         description:
+//           "This is the backend for the Studious application.",
+//       },
+//     })
+//   );
+// });
 // Create HTTP server
 const httpServer = createServer(app);
-app.get('/health', (req, res) => {
-  res.status(200).json({ message: 'OK' });
+app.get('/health', async (req, res) => {
+  try {
+    // Check database connectivity
+    await prisma.$queryRaw`SELECT 1`;
+    res.status(200).json({
+      status: 'OK',
+      timestamp: new Date().toISOString(),
+      uptime: process.uptime(),
+      database: 'connected'
+    });
+  } catch (error) {
+    res.status(503).json({
+      status: 'ERROR',
+      database: 'disconnected',
+      error: error instanceof Error ? error.message : 'Unknown error'
+    });
+  }
+});
+// Pusher channel auth (for private-* and presence-* channels)
+// Token from: x-user header, or cookie (same-origin requests send cookies automatically)
+app.post('/api/pusher/auth', async (req, res) => {
+  try {
+    let token = req.headers['x-user'] as string | undefined;
+    if (!token && req.headers.cookie) {
+      const cookieName = env.PUSHER_AUTH_COOKIE_NAME || 'token';
+      const match = req.headers.cookie.match(new RegExp(`${cookieName}=([^;]+)`));
+      token = match?.[1]?.trim();
+    }
+    const { socket_id, channel_name } = req.body as { socket_id?: string; channel_name?: string };
+    if (!socket_id || !channel_name) {
+      return res.status(400).json({ error: 'socket_id and channel_name required' });
+    }
+    if (!token) {
+      return res.status(401).json({ error: 'Authentication required' });
+    }
+    const user = await prisma.user.findFirst({
+      where: { sessions: { some: { id: token } } },
+      select: { id: true, username: true },
+    });
+    if (!user) {
+      return res.status(401).json({ error: 'Invalid or expired session' });
+    }
+    // Verify channel access for private-conversation-* channels
+    if (channel_name.startsWith('private-conversation-')) {
+      const conversationId = channel_name.replace('private-conversation-', '');
+      const member = await prisma.conversationMember.findFirst({
+        where: { conversationId, userId: user.id },
+      });
+      if (!member) {
+        return res.status(403).json({ error: 'Not a member of this conversation' });
+      }
+    }
+    if (channel_name.startsWith('private-worksheet-')) {
+      const worksheetId = channel_name.replace('private-worksheet-', '');
+      const worksheet = await prisma.studentWorksheetResponse.findFirst({
+        where: { id: worksheetId, OR: [
+          { studentId: user.id },
+          { submission: { assignment: { class: { teachers: { some: { id: user.id } } } } } },
+        ] },
+      });
+      if (!worksheet) {
+        return res.status(403).json({ error: 'No access to this worksheet' });
+      }
+    }
+    if (channel_name.startsWith('private-teacher-')) {
+      const classId = channel_name.replace('private-teacher-', '');
+      const isTeacher = await prisma.class.findFirst({
+        where: { id: classId, teachers: { some: { id: user.id } } },
+      });
+      if (!isTeacher) {
+        return res.status(403).json({ error: 'Not a teacher of this class' });
+      }
+    }
+    // Verify channel access for private-class-* channels
+    // if (channel_name.startsWith('private-class-')) {
+    //   const classId = channel_name.replace('private-class-', '');
+    //   const isMember = await prisma.class.findFirst({
+    //     where: {
+    //       id: classId,
+    //       OR: [
+    //         { students: { some: { id: user.id } } },
+    //         { teachers: { some: { id: user.id } } },
+    //       ],
+    //     },
+    //   });
+    //   if (!isMember) {
+    //     return res.status(403).json({ error: 'Not a member of this class' });
+    //   }
+    // }
+    if (channel_name.startsWith('presence-')) {
+      const authResponse = pusher.authorizeChannel(socket_id, channel_name, {
+        user_id: user.id,
+        user_info: { username: user.username },
+      });
+      return res.json(authResponse);
+    }
+    const authResponse = pusher.authorizeChannel(socket_id, channel_name);
+    return res.json(authResponse);
+  } catch (error) {
+    logger.error('Pusher auth error', { error });
+    return res.status(500).json({ error: 'Authentication failed' });
+  }
 });
 // Setup Socket.IO
@@ -103,7 +250,7 @@ const io = new Server(httpServer, {
       'http://127.0.0.1:3001',  // Alternative localhost
       'https://www.studious.sh',  // Production frontend
       'https://studious.sh',     // Production frontend (without www)
-      process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+      env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
     ],
     methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
     credentials: true,
@@ -326,12 +473,15 @@ app.get('/api/files/:fileId', async (req, res) => {
   }
 });
+app.use('/trpc/auth.login', authLimiter);
+app.use('/trpc/auth.register', authLimiter);
 // File upload endpoint for secure file uploads (supports both POST and PUT)
-app.post('/api/upload/:filePath', async (req, res) => {
+app.post('/api/upload/:filePath', uploadLimiter, async (req, res) => {
   handleFileUpload(req, res);
 });
-app.put('/api/upload/:filePath', async (req, res) => {
+app.put('/api/upload/:filePath', uploadLimiter, async (req, res) => {
   handleFileUpload(req, res);
 });
@@ -348,7 +498,7 @@ function handleFileUpload(req: any, res: any) {
       'http://127.0.0.1:3001',
       'https://www.studious.sh',  // Production frontend
       'https://studious.sh',     // Production frontend (without www)
-      process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+      env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
     ];
     if (origin && allowedOrigins.includes(origin)) {
@@ -411,21 +561,35 @@ app.use(
   })
 );
-const PORT = process.env.PORT || 3001;
+// IMPORTANT: Sentry error handler must be added AFTER all other middleware and routes
+// but BEFORE any other error handlers
+Sentry.setupExpressErrorHandler(app);
+// app.use(function onError(err, req, res, next) {
+//   // The error id is attached to `res.sentry` to be returned
+//   // and optionally displayed to the user for support.
+//   res.statusCode = 500;
+//   res.end(res.sentry + "\n");
+// });
-httpServer.listen(PORT, () => {
-  logger.info(`Server running on port ${PORT}`, {
-    port: PORT,
-    services: ['tRPC', 'Socket.IO']
+const PORT = env.PORT || 3001;
+connectRedis().then(() => {
+  httpServer.listen(PORT, () => {
+    logger.info(`Server running on port ${PORT}`, {
+      port: PORT,
+      services: ['tRPC', 'Socket.IO', env.REDIS_URL ? 'Redis' : null].filter(Boolean),
+    });
   });
 });
 // log all env variables
 logger.info('Configurations', {
-  NODE_ENV: process.env.NODE_ENV,
-  PORT: process.env.PORT,
-  NEXT_PUBLIC_APP_URL: process.env.NEXT_PUBLIC_APP_URL,
-  LOG_MODE: process.env.LOG_MODE,
+  NODE_ENV: env.NODE_ENV,
+  PORT: env.PORT,
+  NEXT_PUBLIC_APP_URL: env.NEXT_PUBLIC_APP_URL,
+  LOG_MODE: env.LOG_MODE,
 });
 // Log CORS configuration
@@ -435,6 +599,37 @@ logger.info('CORS Configuration', {
     'http://localhost:3001',
     'http://127.0.0.1:3000',
     'http://127.0.0.1:3001',
-    process.env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
+    env.NEXT_PUBLIC_APP_URL || 'http://localhost:3000'
   ]
-});
+});
+const gracefulShutdown = (signal: string) => {
+  logger.info(`Received ${signal}, shutting down gracefully`);
+  httpServer.close(() => {
+    logger.info('HTTP server closed');
+    io.close(() => {
+      logger.info('Socket.IO server closed');
+      disconnectRedis().then(() =>
+        prisma.$disconnect().then(() => {
+          logger.info('Database connections closed');
+          process.exit(0);
+        }).catch((err) => {
+          logger.error('Error disconnecting from database', { error: err });
+          process.exit(1);
+        })
+      );
+    });
+  });
+  // Force shutdown after 10 seconds
+  setTimeout(() => {
+    logger.error('Forced shutdown after timeout');
+    process.exit(1);
+  }, 10000);
+};
+process.on('SIGTERM', () => gracefulShutdown('SIGTERM'));
+process.on('SIGINT', () => gracefulShutdown('SIGINT'));

package/src/instrument.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import * as Sentry from "@sentry/node";
+import { env } from "./lib/config/env.js";
+// Only initialize Sentry in non-test environments
+if (env.NODE_ENV !== 'test') {
+  Sentry.init({
+    dsn: env.SENTRY_DSN,
+    environment: env.NODE_ENV || 'development',
+    // Setting this option to true will send default PII data to Sentry.
+    // For example, automatic IP address collection on events
+    sendDefaultPii: true,
+    // @todo: disable in test environment
+    enabled: true, // Explicitly disable in test environment
+  });
+}

package/src/lib/config/env.ts ADDED Viewed

@@ -0,0 +1,132 @@
+import { z } from 'zod';
+import dotenv from 'dotenv';
+import { resolve } from 'path';
+import { logger } from '../../utils/logger.js';
+// Determine which env file to load based on NODE_ENV
+const nodeEnv = process.env.NODE_ENV || 'development';
+const envFileMap: Record<string, string> = {
+  test: '.env.test',
+  development: '.env.development',
+  production: '.env.production',
+};
+// Load the appropriate env file
+const envFile = envFileMap[nodeEnv] || '.env';
+const envPath = resolve(process.cwd(), envFile);
+// Load environment variables from the correct file
+// First load .env (base), then override with environment-specific file
+dotenv.config(); // Load .env first (base config)
+dotenv.config({ path: envPath, override: true }); // Override with env-specific
+const isTest = nodeEnv === 'test';
+const isProduction = nodeEnv === 'production';
+// Base schema with required vars for all environments
+const baseSchema = z.object({
+  NODE_ENV: z.enum(['development', 'production', 'test']).default('development'),
+  PORT: z.string().transform(Number).default('3001'),
+  DATABASE_URL: z.string().url('DATABASE_URL must be a valid URL'),
+});
+// Production/development schema with all required vars
+const fullSchema = baseSchema.extend({
+  NEXT_PUBLIC_APP_URL: z.string().url().default('http://localhost:3000'),
+  BACKEND_URL: z.string().url().default('http://localhost:3001'),
+  SENTRY_DSN: z.string().url().optional(),
+  EMAIL_HOST: z.string().min(1, 'EMAIL_HOST is required'),
+  EMAIL_PORT: z.string().transform(Number).default('587'),
+  EMAIL_USER: z.string().email('EMAIL_USER must be a valid email'),
+  EMAIL_PASS: z.string().min(1, 'EMAIL_PASS is required'),
+  EMAIL_DRY_RUN: z.string().optional().default('false'),
+  GOOGLE_CLOUD_PROJECT_ID: z.string().min(1, 'GOOGLE_CLOUD_PROJECT_ID is required'),
+  GOOGLE_CLOUD_CLIENT_EMAIL: z.string().email('GOOGLE_CLOUD_CLIENT_EMAIL must be a valid email'),
+  GOOGLE_CLOUD_PRIVATE_KEY: z.string().min(1, 'GOOGLE_CLOUD_PRIVATE_KEY is required'),
+  GOOGLE_CLOUD_BUCKET_NAME: z.string().min(1, 'GOOGLE_CLOUD_BUCKET_NAME is required'),
+  PUSHER_APP_ID: z.string().min(1, 'PUSHER_APP_ID is required'),
+  PUSHER_KEY: z.string().min(1, 'PUSHER_KEY is required'),
+  PUSHER_SECRET: z.string().min(1, 'PUSHER_SECRET is required'),
+  PUSHER_CLUSTER: z.string().min(1, 'PUSHER_CLUSTER is required'),
+  PUSHER_AUTH_COOKIE_NAME: z.string().optional(), // Cookie name for session token (default: 'token')
+  REDIS_URL: z.string().url().optional(), // Redis connection URL (e.g. redis://localhost:6379)
+  INFERENCE_API_KEY: z.string().optional(),
+  INFERENCE_API_BASE_URL: z.string().url().optional(),
+  OPENAI_API_KEY: z.string().optional(),
+  LOG_MODE: z.enum(['normal', 'verbose', 'quiet']).default('normal'),
+});
+// Test schema - only require what's needed for tests
+const testSchema = baseSchema.extend({
+  NEXT_PUBLIC_APP_URL: z.string().url().optional().default('http://localhost:3000'),
+  BACKEND_URL: z.string().url().optional().default('http://localhost:3001'),
+  SENTRY_DSN: z.string().url().optional(),
+  EMAIL_HOST: z.string().optional().default('smtp.test.com'),
+  EMAIL_PORT: z.string().transform(Number).default('587'),
+  EMAIL_USER: z.string().email().optional().default('test@test.com'),
+  EMAIL_PASS: z.string().optional().default('test'),
+  EMAIL_DRY_RUN: z.string().optional().default('false'),
+  GOOGLE_CLOUD_PROJECT_ID: z.string().optional().default('test-project'),
+  GOOGLE_CLOUD_CLIENT_EMAIL: z.string().email().optional().default('test@test.iam.gserviceaccount.com'),
+  GOOGLE_CLOUD_PRIVATE_KEY: z.string().optional().default('test-key'),
+  GOOGLE_CLOUD_BUCKET_NAME: z.string().optional().default('test-bucket'),
+  PUSHER_APP_ID: z.string().optional().default('test-app-id'),
+  PUSHER_KEY: z.string().optional().default('test-key'),
+  PUSHER_SECRET: z.string().optional().default('test-secret'),
+  PUSHER_CLUSTER: z.string().optional().default('us2'),
+  PUSHER_AUTH_COOKIE_NAME: z.string().optional(),
+  REDIS_URL: z.string().url().optional(),
+  INFERENCE_API_KEY: z.string().optional(),
+  OPENAI_API_KEY: z.string().optional(),
+  INFERENCE_API_BASE_URL: z.string().url().optional(),
+  LOG_MODE: z.enum(['normal', 'verbose', 'quiet']).default('quiet'),
+});
+// Use test schema in test mode, full schema otherwise
+const envSchema = isTest ? testSchema : fullSchema;
+// Validate environment variables
+function validateEnv() {
+  try {
+    const parsed = envSchema.parse(process.env);
+    // Only exit on validation failure in production
+    if (isProduction && !parsed.DATABASE_URL) {
+      logger.error('DATABASE_URL is required in production');
+      process.exit(1);
+    }
+    return parsed;
+  } catch (error) {
+    if (error instanceof z.ZodError) {
+      const missingVars = error.errors.map(err => ({
+        path: err.path.join('.'),
+        message: err.message,
+      }));
+      logger.error('Environment variable validation failed', {
+        envFile,
+        missingVars,
+      });
+      // Only exit in production - in test/dev, log warning but continue
+      if (isProduction) {
+        logger.error(`Please check your ${envFile} file and ensure all required variables are set.`);
+        process.exit(1);
+      } else {
+        logger.warn('Continuing with defaults - some features may not work correctly', {
+          envFile,
+        });
+        // Return parsed with defaults for non-production
+        return envSchema.parse({ ...process.env });
+      }
+    }
+    throw error;
+  }
+}
+// Export validated environment variables
+export const env = validateEnv();
+// Type-safe environment access
+export type Env = z.infer<typeof envSchema>;

package/src/lib/fileUpload.ts CHANGED Viewed

@@ -1,9 +1,9 @@
 import { TRPCError } from "@trpc/server";
 import { v4 as uuidv4 } from "uuid";
 import { getSignedUrl, objectExists } from "./googleCloudStorage.js";
-import { generateMediaThumbnail } from "./thumbnailGenerator.js";
 import { prisma } from "./prisma.js";
 import { logger } from "../utils/logger.js";
+import { env } from "./config/env.js";
 export interface FileData {
   name: string;
@@ -102,7 +102,8 @@ export async function createDirectUploadFile(
   userId: string,
   directory?: string,
   assignmentId?: string,
-  submissionId?: string
+  submissionId?: string,
+  announcementId?: string
 ): Promise<DirectUploadFile> {
   try {
     // Validate file extension matches MIME type
@@ -135,7 +136,7 @@ export async function createDirectUploadFile(
     const uploadSessionId = uuidv4();
     // Generate backend proxy upload URL (not direct GCS)
-    const baseUrl = process.env.BACKEND_URL || 'http://localhost:3001';
+    const baseUrl = env.BACKEND_URL || 'http://localhost:3001';
     const uploadUrl = `${baseUrl}/api/upload/${encodeURIComponent(filePath)}`;
     const uploadExpiresAt = new Date(Date.now() + 15 * 60 * 1000); // 15 minutes from now
@@ -167,6 +168,11 @@ export async function createDirectUploadFile(
           submission: {
             connect: { id: submissionId }
           }
+        }),
+        ...(announcementId && {
+          announcement: {
+            connect: { id: announcementId }
+          }
         })
       },
     });
@@ -225,7 +231,7 @@ export async function confirmDirectUpload(
     // If uploadSuccess is true, verify the object actually exists in GCS
     if (uploadSuccess) {
       try {
-        const exists = await objectExists(process.env.GOOGLE_CLOUD_BUCKET_NAME!, fileRecord.path);
+        const exists = await objectExists(env.GOOGLE_CLOUD_BUCKET_NAME!, fileRecord.path);
         if (!exists) {
           actualUploadSuccess = false;
           actualErrorMessage = 'File upload reported as successful but object not found in Google Cloud Storage';
@@ -323,11 +329,12 @@ export async function createDirectUploadFiles(
   userId: string,
   directory?: string,
   assignmentId?: string,
-  submissionId?: string
+  submissionId?: string,
+  announcementId?: string
 ): Promise<DirectUploadFile[]> {
   try {
     const uploadPromises = files.map(file =>
-      createDirectUploadFile(file, userId, directory, assignmentId, submissionId)
+      createDirectUploadFile(file, userId, directory, assignmentId, submissionId, announcementId)
     );
     return await Promise.all(uploadPromises);
   } catch (error) {

package/src/lib/googleCloudStorage.ts CHANGED Viewed

@@ -1,17 +1,17 @@
-import dotenv from 'dotenv';
-dotenv.config();
 import { Storage } from '@google-cloud/storage';
 import { TRPCError } from '@trpc/server';
+import { env } from './config/env.js';
 const storage = new Storage({
-  projectId: process.env.GOOGLE_CLOUD_PROJECT_ID,
+  projectId: env.GOOGLE_CLOUD_PROJECT_ID,
   credentials: {
-    client_email: process.env.GOOGLE_CLOUD_CLIENT_EMAIL,
-    private_key: process.env.GOOGLE_CLOUD_PRIVATE_KEY?.replace(/\\n/g, '\n'),
+    client_email: env.GOOGLE_CLOUD_CLIENT_EMAIL,
+    private_key: env.GOOGLE_CLOUD_PRIVATE_KEY?.replace(/\\n/g, '\n'),
   },
 });
-export const bucket = storage.bucket(process.env.GOOGLE_CLOUD_BUCKET_NAME!);
+export const bucket = storage.bucket(env.GOOGLE_CLOUD_BUCKET_NAME!);
 // Short expiration time for signed URLs (5 minutes)
 const SIGNED_URL_EXPIRATION = 5 * 60 * 1000;
@@ -81,4 +81,21 @@ export async function objectExists(bucketName: string, objectPath: string): Prom
       message: 'Failed to check object existence',
     });
   }
+}
+/**
+ * Copies a file within the same bucket to a new path
+ * @param sourcePath The GCS path of the source file
+ * @param destPath The GCS path for the destination
+ */
+export async function copyFile(sourcePath: string, destPath: string): Promise<void> {
+  try {
+    await bucket.file(sourcePath).copy(destPath);
+  } catch (error) {
+    console.error('Error copying file in Google Cloud Storage:', error);
+    throw new TRPCError({
+      code: 'INTERNAL_SERVER_ERROR',
+      message: 'Failed to copy file in storage',
+    });
+  }
 }