Merge branch 'main' into dev/jacob/s3-flexible

ReflectionsProjections · Jul 15, 2024 · efdf434 · efdf434
2 parents 41bae16 + 1308987
commit efdf434
Show file tree

Hide file tree

Showing 13 changed files with 412 additions and 257 deletions.
diff --git a/package.json b/package.json
@@ -52,6 +52,7 @@
         "body-parser": "^1.20.2",
         "cors": "^2.8.5",
         "crypto": "^1.0.1",
+        "datetime": "^0.0.3",
         "dotenv": "^16.4.5",
         "express": "^4.19.1",
         "express-rate-limit": "^6.0.0",

diff --git a/scripts/install_dependencies.sh b/scripts/install_dependencies.sh
@@ -2,13 +2,11 @@
 cd /home/ubuntu/rp-api
 sudo yarn
 
-sudo pm2 describe appname 2>&1 /dev/null
+
+sudo pm2 describe RP_API 2>&1 /dev/null
 RUNNING=$?
 
 
-if [ "${RUNNING}" -eq 0 ]; then
-sudo pm2 start build/app.js --name RP_API -i 2 --wait-ready --listen-timeout 10000
+if [ "${RUNNING}" -eq 1 ]; then
+sudo pm2 start build/src/app.js --name RP_API -i 2 --wait-ready --listen-timeout 10000
 fi;
-
-
-
diff --git a/src/app.ts b/src/app.ts
@@ -11,6 +11,7 @@ import bodyParser from "body-parser";
 import errorHandler from "./middleware/error-handler";
 
 import attendeeRouter from "./services/attendee/attendee-router";
+import checkinRouter from "./services/checkin/checkin-router";
 import authRouter from "./services/auth/auth-router";
 import eventsRouter from "./services/events/events-router";
 import notificationsRouter from "./services/notifications/notifications-router";
@@ -38,6 +39,7 @@ app.use("/", bodyParser.json());
 // API routes
 app.use("/attendee", databaseMiddleware, attendeeRouter);
 app.use("/auth", databaseMiddleware, authRouter);
+app.use("/checkin", databaseMiddleware, checkinRouter);
 app.use("/events", databaseMiddleware, eventsRouter);
 app.use("/notifications", databaseMiddleware, notificationsRouter);
 app.use("/registration", databaseMiddleware, registrationRouter);

diff --git a/src/services/attendee/attendee-utils.ts b/src/services/attendee/attendee-utils.ts
diff --git a/src/services/checkin/checkin-router.ts b/src/services/checkin/checkin-router.ts
@@ -0,0 +1,36 @@
+import { Router } from "express";
+import { StatusCodes } from "http-status-codes";
+import { ScanValidator } from "./checkin-schema";
+import RoleChecker from "../../middleware/role-checker";
+import { Role } from "../auth/auth-models";
+import { validateQrHash } from "./checkin-utils";
+import { checkInUserToEvent } from "./checkin-utils";
+
+const checkinRouter = Router();
+
+checkinRouter.post(
+    "/scan/staff",
+    RoleChecker([Role.Enum.ADMIN]),
+    async (req, res, next) => {
+        try {
+            const { eventId, qrCode } = ScanValidator.parse(req.body);
+            console.log("Event ID:", eventId);
+
+            const { userId, expTime } = validateQrHash(qrCode);
+
+            if (Date.now() / 1000 > expTime) {
+                return res
+                    .status(StatusCodes.UNAUTHORIZED)
+                    .json({ error: "QR code has expired" });
+            }
+
+            await checkInUserToEvent(eventId, userId, true);
+
+            return res.status(StatusCodes.OK).json(userId);
+        } catch (error) {
+            next(error);
+        }
+    }
+);
+
+export default checkinRouter;
diff --git a/src/services/checkin/checkin-schema.ts b/src/services/checkin/checkin-schema.ts
@@ -0,0 +1,8 @@
+import { z } from "zod";
+
+const ScanValidator = z.object({
+    eventId: z.string(),
+    qrCode: z.string(),
+});
+
+export { ScanValidator };
diff --git a/src/services/checkin/checkin-utils.ts b/src/services/checkin/checkin-utils.ts
@@ -0,0 +1,107 @@
+import { Database } from "../../database";
+import crypto from "crypto";
+import { Config } from "../../config";
+
+function getCurrentDay() {
+    const currDate = new Date();
+    const dayString = new Intl.DateTimeFormat("en-US", {
+        timeZone: "America/Chicago",
+        weekday: "short",
+    }).format(currDate);
+    return dayString;
+}
+
+async function checkEventAndAttendeeExist(eventId: string, userId: string) {
+    const [event, attendee] = await Promise.all([
+        Database.EVENTS.exists({ eventId }),
+        Database.ATTENDEE.exists({ userId }),
+    ]);
+
+    if (!event || !attendee) {
+        throw new Error("Event or Attendee not found");
+    }
+
+    return Promise.resolve();
+}
+
+async function checkForDuplicateAttendance(eventId: string, userId: string) {
+    const [isRepeatEvent, isRepeatAttendee] = await Promise.all([
+        Database.EVENTS_ATTENDANCE.exists({ eventId, attendees: userId }),
+        Database.ATTENDEE_ATTENDANCE.exists({
+            userId,
+            eventsAttended: eventId,
+        }),
+    ]);
+
+    if (isRepeatEvent || isRepeatAttendee) {
+        throw new Error("Is Duplicate");
+    }
+}
+
+// Update attendee priority for the current day
+async function updateAttendeePriority(userId: string) {
+    const day = getCurrentDay();
+    await Database.ATTENDEE.findOneAndUpdate(
+        { userId },
+        { $set: { [`hasPriority.${day}`]: true } }
+    );
+}
+
+async function updateAttendanceRecords(eventId: string, userId: string) {
+    await Promise.all([
+        Database.EVENTS_ATTENDANCE.findOneAndUpdate(
+            { eventId },
+            { $addToSet: { attendees: userId } },
+            { new: true, upsert: true }
+        ),
+        Database.ATTENDEE_ATTENDANCE.findOneAndUpdate(
+            { userId },
+            { $addToSet: { eventsAttended: eventId } },
+            { new: true, upsert: true }
+        ),
+    ]);
+}
+
+export async function checkInUserToEvent(
+    eventId: string,
+    userId: string,
+    isCheckin: boolean = false
+) {
+    await checkEventAndAttendeeExist(eventId, userId);
+    await checkForDuplicateAttendance(eventId, userId);
+
+    if (!isCheckin) {
+        await updateAttendeePriority(userId);
+    }
+
+    await updateAttendanceRecords(eventId, userId);
+}
+
+export function generateQrHash(userId: string, expTime: number) {
+    let hashStr = userId + "#" + expTime;
+    const hashIterations = Config.QR_HASH_ITERATIONS;
+    const hashSecret = Config.QR_HASH_SECRET;
+
+    const hmac = crypto.createHmac("sha256", hashSecret);
+    hashStr = hmac.update(hashStr).digest("hex");
+
+    for (let i = 0; i < hashIterations; i++) {
+        const hash = crypto.createHash("sha256");
+        hashStr = hash.update(hashSecret + "#" + hashStr).digest("hex");
+    }
+
+    return `${hashStr}#${expTime}#${userId}`;
+}
+
+export function validateQrHash(qrCode: string) {
+    const parts = qrCode.split("#");
+    const userId = parts[2];
+    const expTime = parseInt(parts[1]);
+    const generatedHash = generateQrHash(userId, expTime);
+
+    if (generatedHash.split("#")[0] !== parts[0]) {
+        throw new Error("Invalid QR code");
+    }
+
+    return { userId, expTime };
+}
diff --git a/src/services/events/events-router.ts b/src/services/events/events-router.ts
@@ -4,7 +4,6 @@ import { Router } from "express";
 import { StatusCodes } from "http-status-codes";
 import { publicEventValidator, privateEventValidator } from "./events-schema";
 import { Database } from "../../database";
-import { checkInUserToEvent } from "./events-utils";
 import RoleChecker from "../../middleware/role-checker";
 import { Role } from "../auth/auth-models";
 import { isAdmin, isStaff } from "../auth/auth-utils";
@@ -154,27 +153,4 @@ eventsRouter.delete(
     }
 );
 
-eventsRouter.post(
-    "/check-in",
-    RoleChecker([Role.Enum.STAFF], true),
-    async (req, res, next) => {
-        // add RoleChecker for staff
-        try {
-            const { eventId, userId } = req.body;
-            const result = await checkInUserToEvent(eventId, userId);
-            if (result.success) {
-                return res
-                    .status(StatusCodes.OK)
-                    .json({ message: "Check-in successful" });
-            } else {
-                return res
-                    .status(StatusCodes.NOT_FOUND)
-                    .json({ error: result.message });
-            }
-        } catch (error) {
-            next(error);
-        }
-    }
-);
-
 export default eventsRouter;
diff --git a/src/services/events/events-utils.ts b/src/services/events/events-utils.ts
diff --git a/src/services/s3/s3-router.ts b/src/services/s3/s3-router.ts
@@ -27,6 +27,7 @@ s3Router.get(
                 s3,
                 BucketName.RP_2024_RESUMES
             );
+
             return res.status(StatusCodes.OK).send({ url, fields });
         } catch (error) {
             next(error);
@@ -50,6 +51,7 @@ s3Router.get(
                 s3,
                 BucketName.RP_2024_RESUMES
             );
+
             return res.status(StatusCodes.OK).send({ url: downloadUrl });
         } catch (error) {
             next(error);
@@ -71,6 +73,7 @@ s3Router.get(
                 s3,
                 BucketName.RP_2024_RESUMES
             );
+
             return res.status(StatusCodes.OK).send({ url: downloadUrl });
         } catch (error) {
             next(error);

diff --git a/src/services/s3/s3-schema.ts b/src/services/s3/s3-schema.ts
@@ -0,0 +1,7 @@
+import { z } from "zod";
+
+const BatchResumeDownloadValidator = z.object({
+    userIds: z.string().array(),
+});
+
+export default BatchResumeDownloadValidator;
diff --git a/src/services/s3/s3-utils.ts b/src/services/s3/s3-utils.ts
@@ -24,13 +24,15 @@ export async function postResumeUrl(
     return { url, fields };
 }
 
+
 export async function getResumeUrl(
     userId: string,
     client: S3,
     bucketName: BucketName
 ) {
     const command = new GetObjectCommand({
         Bucket: bucketName,
+        Bucket: Config.S3_BUCKET_NAME,
         Key: `${userId}.pdf`,
     });