@vue-skuilder/express 0.1.1

package/src/client-requests/course-requests.ts

@@ -0,0 +1,188 @@
+import { log } from 'util';
+import { CreateCourse } from '@vue-skuilder/common';
+import CouchDB, { SecurityObject } from '../couchdb/index.js';
+import { postProcessCourse } from '../attachment-preprocessing/index.js';
+import AsyncProcessQueue, { Result } from '../utils/processQueue.js';
+import nano from 'nano';
+
+import logger from '../logger.js';
+import { CourseLookup } from '@vue-skuilder/db';
+import { courseDBDesignDocs } from '../design-docs.js';
+
+function getCourseDBName(courseID: string): string {
+  return `coursedb-${courseID}`;
+}
+
+/**
+ * Inserts a design document into a course database.
+ * @param courseID - The ID of the course database.
+ * @param doc
+ */
+function insertDesignDoc(
+  courseID: string,
+  doc: {
+    _id: string;
+  }
+): void {
+  const courseDB = CouchDB.use(courseID);
+
+  courseDB
+    .get(doc._id)
+    .then((priorDoc) => {
+      void courseDB.insert({
+        ...doc,
+        _rev: priorDoc._rev,
+      });
+    })
+    .catch(() => {
+      void courseDB
+        .insert(doc)
+        .catch((e) => {
+          log(
+            `Error inserting design doc ${doc._id} in course-${courseID}: ${e}`
+          );
+        })
+        .then((resp) => {
+          if (resp && resp.ok) {
+            log(`CourseDB design doc inserted into course-${courseID}`);
+          }
+        });
+    });
+}
+
+export async function initCourseDBDesignDocInsert(): Promise<void> {
+  const courses = await CourseLookup.allCourses();
+  courses.forEach((c) => {
+    // Insert design docs
+    courseDBDesignDocs.forEach((dd) => {
+      insertDesignDoc(getCourseDBName(c._id), dd);
+    });
+
+    // Update security object for public courses
+    const courseDB = CouchDB.use<CourseConfig>(getCourseDBName(c._id));
+    courseDB
+      .get('CourseConfig')
+      .then((configDoc) => {
+        if (configDoc.public === true) {
+          const secObj: SecurityObject = {
+            admins: {
+              names: [],
+              roles: [],
+            },
+            members: {
+              names: [], // Empty array for public courses to allow all users access
+              roles: [],
+            },
+          };
+          courseDB
+            // @ts-expect-error allow insertion of _security document.
+            //                  db scoped as ConfigDoc to make the read easier.
+            .insert(secObj as nano.MaybeDocument, '_security')
+            .then(() => {
+              logger.info(
+                `Updated security settings for public course ${c._id}`
+              );
+            })
+            .catch((e) => {
+              logger.error(
+                `Error updating security for public course ${c._id}: ${e}`
+              );
+            });
+        }
+      })
+      .catch((e) => {
+        logger.error(`Error getting CourseConfig for ${c._id}: ${e}`);
+      });
+  });
+}
+
+type CourseConfig = CreateCourse['data'];
+
+async function createCourse(cfg: CourseConfig): Promise<Result> {
+  cfg.courseID = await CourseLookup.add(cfg.name);
+
+  if (!cfg.courseID) {
+    throw new Error('Course ID not found');
+  }
+
+  const courseDBName: string = getCourseDBName(cfg.courseID);
+  const dbCreation = await CouchDB.db.create(courseDBName);
+
+  if (dbCreation.ok) {
+    const courseDB = CouchDB.use(courseDBName);
+
+    courseDB
+      .insert({
+        _id: 'CourseConfig',
+        ...cfg,
+      })
+      .catch((e) => {
+        logger.error(
+          `Error inserting CourseConfig for course ${cfg.courseID}:`,
+          e
+        );
+      });
+
+    // insert the tags, elo, etc view docs
+    courseDBDesignDocs.forEach((doc) => {
+      courseDB.insert(doc).catch((e) => {
+        logger.error(
+          `Error inserting design doc for course ${cfg.courseID}:`,
+          e
+        );
+      });
+    });
+
+    // Configure security for both public and private courses
+    const secObj: SecurityObject = {
+      admins: {
+        names: [],
+        roles: [],
+      },
+      members: {
+        names: cfg.public ? [] : [cfg.creator], // Empty array for public courses to allow all users access
+        roles: [],
+      },
+    };
+
+    courseDB
+      .insert(secObj as nano.MaybeDocument, '_security')
+      .then(() => {
+        logger.info(
+          `Successfully set security for ${
+            cfg.public ? 'public' : 'private'
+          } course ${cfg.courseID}`
+        );
+      })
+      .catch((e) => {
+        logger.error(
+          `Error inserting security object for course ${cfg.courseID}:`,
+          e
+        );
+      });
+
+    // Design documents including validation are inserted via courseDBDesignDocs
+    logger.info(
+      `Validation design document will be inserted for course ${cfg.courseID}`
+    );
+  }
+
+  // follow the course so that user-uploaded content goes through
+  // post-processing
+  postProcessCourse(cfg.courseID);
+
+  return {
+    ok: dbCreation.ok ?? false,
+    status: 'ok',
+    // @ts-expect-error courseID required for runtime but not in Result interface - see sideQuest.md
+    courseID: cfg.courseID,
+  };
+}
+
+export type CreateCourseResp = CreateCourse['response'];
+
+export const CourseCreationQueue = new AsyncProcessQueue<
+  // @ts-expect-error [I do not know why this thinks is is broken or why it works.]
+  CreateCourse['data'],
+  CreateCourse['response']
+>(createCourse);

package/src/client.ts

@@ -0,0 +1,97 @@
+import axios, { AxiosBasicCredentials, AxiosResponse } from 'axios';
+import {
+  AddCourseDataPayload,
+  CourseConfig,
+  CreateCourse,
+  ServerRequestType,
+} from '@vue-skuilder/common';
+import { CreateCourseResp } from './client-requests/course-requests.js';
+
+export default class SkldrClient {
+  server: string;
+
+  constructor(server: string) {
+    this.server = server;
+  }
+
+  /**
+   * Create a new course.
+   */
+  async createCourse(
+    cfg: CourseConfig,
+    auth?: AxiosBasicCredentials
+  ): Promise<AxiosResponse<CreateCourseResp>> {
+    const request: CreateCourse = {
+      type: ServerRequestType.CREATE_COURSE,
+      data: cfg,
+      user: 'apiClient',
+      response: null,
+    };
+
+    const resp = await axios.post<CreateCourse, AxiosResponse<CreateCourseResp>>(
+      `${this.server}`,
+      request,
+      {
+        auth: auth,
+      }
+    );
+
+    return resp;
+  }
+
+  /**
+   * Creates a client to interact with the specified course.
+   */
+  getCourseClient(id: string): SkldrCourseClient {
+    return new SkldrCourseClient(this.server, id);
+  }
+
+  /**
+   * @returns a list of all courses on the server in `id - name` format.
+   */
+  async getCourses(): Promise<string[]> {
+    const resp = await axios.get(`${this.server}/courses`);
+    return resp.data;
+  }
+  async getVersion(): Promise<string> {
+    const resp = await axios.get(`${this.server}/version`);
+    return resp.data;
+  }
+  async getRoles(): Promise<string[]> {
+    const resp = await axios.get(`${this.server}/roles`);
+    return resp.data;
+  }
+}
+
+class SkldrCourseClient {
+  id: string;
+  server: string;
+
+  constructor(server: string, id: string) {
+    this.server = server;
+    this.id = id;
+  }
+
+  addData(data: AddCourseDataPayload): Promise<Express.Response> {
+    return axios.post(`${this.server}/${this.id}`, {
+      method: 'POST',
+      body: data,
+    });
+  }
+
+  async deleteCourse(auth?: AxiosBasicCredentials): Promise<Express.Response> {
+    // [ ] Consider auth / permanence of "destructive" actions
+    return axios.delete(`${this.server}/course/${this.id}`, {
+      auth,
+    });
+
+    // [ ] remove also from the `coursedb-lookup` database (?)
+  }
+
+  async getConfig(): Promise<CourseConfig> {
+    const resp = await axios.get<void, AxiosResponse<CourseConfig>>(
+      `${this.server}/course/${this.id}/config`
+    );
+    return resp.data;
+  }
+}

package/src/couchdb/authentication.ts

@@ -0,0 +1,85 @@
+import Nano from 'nano';
+import { COUCH_URL_WITH_PROTOCOL } from './index.js';
+import { VueClientRequest } from '../app.js';
+import logger from '../logger.js';
+
+interface CouchSession {
+  info: {
+    authenticated: string;
+    authentication_db: string;
+    authentication_handlers: string[];
+  };
+  ok: boolean;
+  userCtx: {
+    name: string;
+    roles: string[];
+  };
+}
+
+export async function requestIsAdminAuthenticated(req: VueClientRequest) {
+  logRequest(req);
+
+  const username = req.body.user;
+  const authCookie: string = req.cookies.AuthSession ? req.cookies.AuthSession : 'null';
+
+  if (authCookie === 'null') {
+    return false;
+  } else {
+    return await Nano({
+      cookie: 'AuthSession=' + authCookie,
+      url: COUCH_URL_WITH_PROTOCOL,
+    })
+      .session()
+      .then((s: CouchSession) => {
+        logger.info(`AuthUser: ${JSON.stringify(s)}`);
+        const isAdmin = s.userCtx.roles.indexOf('_admin') !== -1;
+        const isLoggedInUser = s.userCtx.name === username;
+        return isAdmin && isLoggedInUser;
+      })
+      .catch((_err) => {
+        return false;
+      });
+  }
+}
+
+function logRequest(req: VueClientRequest) {
+  logger.info(`${req.body.type} request from ${req.body.user}...`);
+}
+
+export async function requestIsAuthenticated(req: VueClientRequest) {
+  logRequest(req);
+
+  if (req.headers.authorization) {
+    const auth = Buffer.from(req.headers.authorization.split(' ')[1], 'base64')
+      .toString('ascii')
+      .split(':');
+    const username = auth[0];
+    const password = auth[1];
+
+    const authResult = await Nano({
+      url: COUCH_URL_WITH_PROTOCOL,
+    }).auth(username, password);
+
+    return authResult.ok;
+  }
+
+  const username = req.body.user;
+  const authCookie: string = req.cookies.AuthSession ? req.cookies.AuthSession : 'null';
+
+  if (authCookie === 'null') {
+    return false;
+  } else {
+    return await Nano({
+      cookie: 'AuthSession=' + authCookie,
+      url: COUCH_URL_WITH_PROTOCOL,
+    })
+      .session()
+      .then((s: CouchSession) => {
+        logger.info(`AuthUser: ${JSON.stringify(s)}`);
+        return s.userCtx.name === username;
+      })
+      .catch((_err) => {
+        return false;
+      });
+  }
+}

package/src/couchdb/index.ts

@@ -0,0 +1,76 @@
+import Nano from 'nano';
+import process from 'process';
+import ENV from '../utils/env.js'; 
+import logger from '../logger.js';
+
+const url = ENV.COUCHDB_SERVER;
+const protocol: string = ENV.COUCHDB_PROTOCOL;
+
+const admin = {
+  username: ENV.COUCHDB_ADMIN,
+  password: ENV.COUCHDB_PASSWORD,
+};
+const credentialCouchURL = `${protocol}://${admin.username}:${admin.password}@${url}`;
+
+logger.info('WORKING DIRECTORY: ' + process.cwd());
+logger.info(
+  `CouchDB url: ${url}
+    protocol: ${protocol}
+    credentials:
+    \tusername: ${admin.username}
+    \tpassword: *****
+    credUrl: ${protocol}://${admin.username}:*****@${url}
+    `
+);
+
+const CouchDB = Nano(credentialCouchURL);
+
+export async function useOrCreateCourseDB(courseID: string): Promise<Nano.DocumentScope<unknown>> {
+  return useOrCreateDB(`coursedb-${courseID}`);
+}
+
+interface NanoError extends Error {
+  statusCode?: number;
+}
+
+export async function useOrCreateDB<T>(dbName: string): Promise<Nano.DocumentScope<T>> {
+  const ret = CouchDB.use<T>(dbName);
+
+  try {
+    await ret.info();
+    return ret;
+  } catch {
+    try {
+      await CouchDB.db.create(dbName);
+      return ret;
+      } catch (error: unknown) {
+        const createErr = error as NanoError;
+        // If error is "database already exists", return existing db
+        if (createErr.statusCode === 412) {
+        return ret;
+      }
+      throw createErr;
+    }
+  }
+}
+
+export async function docCount(dbName: string): Promise<number> {
+  const db = await useOrCreateDB(dbName);
+  const info = await db.info();
+  return info.doc_count;
+}
+
+export interface SecurityObject extends Nano.MaybeDocument {
+  admins: {
+    names: string[];
+    roles: string[];
+  };
+  members: {
+    names: string[];
+    roles: string[];
+  };
+}
+
+export const COUCH_URL_WITH_PROTOCOL = protocol + '://' + process.env.COUCHDB_SERVER;
+
+export default CouchDB;

package/src/design-docs.ts

@@ -0,0 +1,107 @@
+import { CardData, DocType } from '@vue-skuilder/db';
+import * as fileSystem from 'fs';
+
+/**
+ * Fake fcn to allow usage in couchdb map fcns which, after passing
+ * through `.toString()`, are applied to all courses
+ */
+function emit(key?: unknown, value?: unknown): [unknown, unknown] {
+  return [key, value];
+}
+
+// Load design documents
+export const classroomDbDesignDoc = fileSystem.readFileSync(
+  './assets/classroomDesignDoc.js',
+  'utf-8'
+);
+
+export const courseDBDesignDoc = fileSystem.readFileSync(
+  './assets/get-tagsDesignDoc.json',
+  'utf-8'
+);
+
+export const courseValidateDocUpdate = fileSystem.readFileSync(
+  './assets/courseValidateDocUpdate.js',
+  'utf-8'
+);
+
+export const elodoc = {
+  _id: '_design/elo',
+  views: {
+    elo: {
+      map: `function (doc) {
+                if (doc.docType && doc.docType === 'CARD') {
+                    if (doc.elo && typeof(doc.elo) === 'number') {
+                        emit(doc.elo, doc._id);
+                    } else if (doc.elo && doc.elo.global) {
+                        emit(doc.elo.global.score, doc._id);
+                    } else if (doc.elo) {
+                        emit(doc.elo.score, doc._id);
+                    } else {
+                        const randElo = 995 + Math.round(10 * Math.random());
+                        emit(randElo, doc._id);
+                    }
+                }
+            }`,
+    },
+  },
+  language: 'javascript',
+};
+
+export const tagsDoc = {
+  _id: '_design/getTags',
+  views: {
+    getTags: {
+      map: `function (doc) {
+                if (doc.docType && doc.docType === "TAG") {
+                    for (var cardIndex in doc.taggedCards) {
+                        emit(doc.taggedCards[cardIndex], {
+                            docType: doc.docType,
+                            name: doc.name,
+                            snippit: doc.snippit,
+                            wiki: '',
+                            taggedCards: []
+                        });
+                    }
+                }
+            }`,
+    },
+  },
+  language: 'javascript',
+};
+
+export const cardsByInexperienceDoc = {
+  _id: '_design/cardsByInexperience',
+  views: {
+    cardsByInexperience: {
+      map: function (doc: CardData) {
+        if (doc.docType && doc.docType === DocType.CARD) {
+          if (
+            doc.elo &&
+            doc.elo.global &&
+            typeof doc.elo.global.count == 'number'
+          ) {
+            emit(doc.elo.global.count, doc.elo);
+          } else if (doc.elo && typeof doc.elo == 'number') {
+            emit(0, doc.elo);
+          } else {
+            emit(0, 995 + Math.floor(10 * Math.random()));
+          }
+        }
+      }.toString(),
+    },
+  },
+  language: 'javascript',
+};
+
+export const authDesignDoc = {
+  _id: '_design/_auth',
+  validate_doc_update: courseValidateDocUpdate,
+};
+
+export const courseDBDesignDocs = [
+  elodoc,
+  tagsDoc,
+  cardsByInexperienceDoc,
+  authDesignDoc,
+];

package/src/logger.ts

@@ -0,0 +1,75 @@
+import { createLogger, format, transports } from 'winston';
+import DailyRotateFile from 'winston-daily-rotate-file';
+
+const callerFormat = format((info) => {
+  const error = new Error();
+  const stackLines = error.stack?.split('\n');
+
+  if (stackLines) {
+    // Find the first line that isn't from node_modules or internal Winston code
+    const callerLine = stackLines.find((line) => {
+      return (
+        line.includes('(') &&
+        !line.includes('node_modules') &&
+        !line.includes('logger.ts') &&
+        !line.includes('winston')
+      );
+    });
+
+    if (callerLine) {
+      // Try to extract function name and location
+      const match = callerLine.match(
+        /at (?:(?:Object|Module)\.)?([a-zA-Z0-9_$.]+)? \((.+?):(\d+):(\d+)\)/
+      );
+
+      if (match) {
+        const [, functionName = '<anonymous>', file, line] = match;
+        // Clean up the file path - get just filename
+        const fileName = file.split('/').pop() || file;
+        info.caller = `${functionName} (${fileName}:${line})`;
+      } else {
+        // Handle edge cases (like anonymous functions)
+        const basicMatch = callerLine.match(/\((.+?):(\d+):(\d+)\)$/);
+        if (basicMatch) {
+          const [, file, line] = basicMatch;
+          const fileName = file.split('/').pop() || file;
+          info.caller = `<anonymous> (${fileName}:${line})`;
+        }
+      }
+    }
+  }
+
+  return info;
+});
+
+const logger = createLogger({
+  level: 'info',
+  format: format.combine(callerFormat(), format.timestamp(), format.json()),
+  transports: [
+    new transports.Console({
+      format: format.combine(
+        callerFormat(),
+        format.timestamp(),
+        format.printf(({ level, message, timestamp, caller, ...rest }) => {
+          const meta = Object.keys(rest).length ? JSON.stringify(rest) : '';
+          return `${timestamp} [${level}] ${caller || 'unknown'} - ${message} ${meta}`;
+        })
+      ),
+    }),
+    new DailyRotateFile({
+      filename: 'logs/error-%DATE%.log',
+      datePattern: 'YYYY-MM-DD',
+      level: 'error',
+      maxFiles: '7d',
+      maxSize: '20m',
+    }),
+    new DailyRotateFile({
+      filename: 'logs/combined-%DATE%.log',
+      datePattern: 'YYYY-MM-DD',
+      maxFiles: '7d',
+      maxSize: '20m',
+    }),
+  ],
+});
+
+export default logger;