Cleanup, start preaparing for React frontend (#254)

.eslintrc

@@ -17,6 +17,7 @@
 		"no-console": "off",
 		"no-empty-function": "error",
 		"no-floating-decimal": "error",
+		"no-explicit-any": "off",
 		"no-inline-comments": "error",
 		"no-lonely-if": "error",
 		"no-multi-spaces": "error",

package.json

@@ -28,15 +28,14 @@
     },
     "dependencies": {
         "bcryptjs": "^2.4.3",
-        "body-parser": "^1.20.2",
         "cors": "^2.8.5",
         "express": "^4.18.2",
         "express-rate-limit": "^7.0.1",
-        "helmet": "^7.0.0",
+        "express-session": "^1.17.3",
+        "googleapis": "^129.0.0",
         "jsonwebtoken": "^9.0.2",
         "mongo-sanitize": "^1.1.0",
         "mongoose": "^7.5.2",
-        "morgan": "^1.10.0",
         "swagger-jsdoc": "^6.2.8",
         "swagger-ui-express": "^5.0.0",
         "uuid": "^9.0.1"
@@ -45,9 +44,9 @@
         "@types/bcryptjs": "^2.4.4",
         "@types/cors": "^2.8.17",
         "@types/express": "^4.17.15",
+        "@types/express-session": "^1.17.10",
         "@types/jsonwebtoken": "^9.0.4",
         "@types/mongo-sanitize": "^1.0.3",
-        "@types/morgan": "^1.9.5",
         "@types/node": "^20.8.6",
         "@types/swagger-jsdoc": "^6.0.4",
         "@types/swagger-ui-express": "^4.1.3",

src/main/typescript/config.example.json

@@ -6,5 +6,10 @@
     "account_settings": {
         "account_limit": 3,
         "default_account_currency": "$"
-    }
+    },
+    "session_secret": "secret",
+    "google_oauth_client_id": "clientid",
+    "google_oauth_client_secret": "secret",
+    "frontend_url": "http://localhost:3000",
+    "development_mode": true
 }

src/main/typescript/models/user.model.ts

@@ -11,7 +11,7 @@ const UserSchema: Schema = new Schema({
     },
     password: {
         type: String,
-        required: true,
+        required: false,
     },
 });
 

src/main/typescript/oauthhelper.ts

@@ -0,0 +1,30 @@
+import { Auth } from 'googleapis';
+import { google_oauth_client_id, google_oauth_client_secret } from './config.json';
+import { Application } from 'express';
+
+const oAuth2Client = new Auth.OAuth2Client({
+        clientId: google_oauth_client_id,
+        clientSecret: google_oauth_client_secret,
+        redirectUri: 'postmessage',
+    },
+);
+
+export function registerOAuthRoutes(app: Application) {
+    app.post('/auth/google', async (req, res) => {
+        // exchange code for tokens
+        const { tokens } = await oAuth2Client.getToken(req.body.code);
+        console.log(tokens);
+        res.json(tokens);
+    });
+
+    app.post('/auth/google/refresh-token', async (req, res) => {
+        const user = new Auth.UserRefreshClient(
+            google_oauth_client_id,
+            google_oauth_client_secret,
+            req.body.refreshToken,
+        );
+        // optain new tokens
+        const { credentials } = await user.refreshAccessToken();
+        res.json(credentials);
+    });
+}

src/main/typescript/routes/auth.routes.ts

@@ -2,10 +2,13 @@ import { signup, signin, checkUser, checkToken } from '../controllers/auth.contr
 import { verifySignUp } from '../middlewares/verifySignUp';
 import { Application } from 'express';
 
+
 /**
  * Do NOT use Swagger for authentication API
  */
 
+
+
 function registerAuthSignup(app: Application) {
     app.post('/auth/signup', verifySignUp.checkDuplicateEmail, signup);
     app.get('/auth/signup', (req, res) => {

src/main/typescript/server.ts

@@ -3,11 +3,9 @@
  */
 import express, { Application } from 'express';
 import ratelimit from 'express-rate-limit';
-import bodyParser from 'body-parser';
 import cors from 'cors';
-import helmet from 'helmet';
-import morgan from 'morgan';
 import mongoose from 'mongoose';
+import session from 'express-session';
 
 /**
  * Required internal modules
@@ -22,18 +20,26 @@ import { registerAuthRoutes } from './routes/auth.routes';
 import { registerAccountRoutes } from './routes/accounts.routes';
 import { registerCategoryRoutes } from './routes/categories.routes';
 import { registerIncomeRoutes } from './routes/income.routes';
+import { registerExpenseRoutes } from './routes/expense.routes';
+import { registerOAuthRoutes } from './oauthhelper';
 
 /**
  * Required configuration sections
  */
-import { website_port, mongodb_auth_url } from './config.json';
-import { registerExpenseRoutes } from './routes/expense.routes';
+import { website_port, mongodb_auth_url, session_secret, frontend_url, development_mode } from './config.json';
 
 /**
  * App Variables
  */
 const app: Application = express();
-export const rootPath = __dirname;
+const oneDay = 1000 * 60 * 60 * 24;
+
+declare module 'express-session' {
+    interface Session {
+        userId: string;
+        accessToken: string;
+    }
+}
 
 /**
  * Database connection
@@ -45,16 +51,27 @@ mongoose.connect(mongodb_auth_url).then(() => info('Connected to mongodb')).catc
 /**
  * App Configuration
  */
-app.disable('x-powered-by');
+app.use(cors({
+    origin: frontend_url,
+    credentials: true,
+}));
 app.use(express.json());
-app.use(helmet());
-app.use(bodyParser.json());
-app.use(cors({ origin: '*' }));
-app.use(morgan('combined'));
+app.use(session({
+    resave: false,
+    saveUninitialized: false,
+    secret: session_secret,
+    cookie: {
+        maxAge: oneDay,
+        sameSite: development_mode ? 'lax' : 'none',
+        secure: !development_mode,
+    },
+}));
+
 app.use(ratelimit({ windowMs: 60 * 1000, max: 60 }));
 app.use(express.static(__dirname + '/public'));
 app.set('trust proxy', true);
 
+
 // Setup header to allow access-token
 app.use(function (req, res, next) {
     res.header(
@@ -81,6 +98,7 @@ registerAccountRoutes(app);
 registerCategoryRoutes(app);
 registerIncomeRoutes(app);
 registerExpenseRoutes(app);
+registerOAuthRoutes(app);
 
 registerSwaggerUI(app);
 
@@ -89,10 +107,11 @@ app.use(function (req, res) {
     res.status(404).send('404 Not found');
 });
 
-
 /**
  * Server Activation
  */
 app.listen(website_port, () => {
-    info(`Listening to requests at 127.0.0.1:${website_port}`);
+    info(`Listening to requests at Port ${website_port}. 
+    Development mode: ${development_mode}
+    Frontend-URL: ${frontend_url}`);
 });

src/main/typescript/tools/logmanager.ts

@@ -4,7 +4,7 @@ import { debug_log } from '../config.json';
 * If debug_log is enabled in config.json file, print out debug message to console
 * @param {string} msg The message to log
 */
-export function debug(msg: string): void {
+export function debug(msg: any): void {
     if (debug_log) {
         console.log(`[DEBUG] ${msg}`);
     }
@@ -14,19 +14,19 @@ export function debug(msg: string): void {
  * Print out info message to console
  * @param {string} msg The message to log
  */
-export function info(msg: string): void {
+export function info(msg: any): void {
     console.log(`[INFO] ${msg}`);
 }
 
 /**
  * Print out error message to console
  * @param {string} msg The error message to log
  */
-export function error(msg: string): void {
+export function error(msg: any): void {
     console.log(`[ERROR] ${msg}`);
 }
 
-export function errorWithError(msg: string, err: Error): void {
+export function errorWithError(msg: any, err: Error): void {
     console.log(`[ERROR] ${msg}`);
     console.error(err);
 }