auth context + auth guard

apps/backend/src/applications/applications.controller.ts

@@ -1,31 +1,37 @@
-import { Controller, Get, Put, Post, Body, Param, Query } from '@nestjs/common';
+import { Controller, UseGuards, Get, Put, Post, Body, Param, Query } from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
 import { ApplicationsService } from './applications.service';
 import { ApplicationsModel } from './applications.model';
 import { ApplicationStatus } from './applications.model';
 import { NewApplicationInput } from '../dtos/newApplicationsDTO';
+import { ApiTags } from '@nestjs/swagger'
 
-
+@ApiTags('Applications')
 @Controller('applications')
 export class ApplicationsController {
   constructor(private applicationsService: ApplicationsService) {}
 
+  @UseGuards(AuthGuard('jwt'))
   @Get('applicationsInfo')
   public async getApplications(): Promise<ApplicationsModel[]> {
     return this.applicationsService.getApplications();
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Get('getNonFirstApplications')
   public async getNonFirstTimeApplications(): Promise<ApplicationsModel[]> {
     return (await this.applicationsService.getApplications()).filter(
       (app) => app.isFirstApplication === false,
     );
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Get('getFirstApplications')
   public async getFirstApplications(): Promise<ApplicationsModel[]> {
     return this.applicationsService.getFirstApplications();
   }
 
+  @UseGuards(AuthGuard('jwt'))
   @Put('editApplication/:appId')
   public async changeApplicationStatus(
     @Param('appId') appId: number,
@@ -39,7 +45,8 @@ export class ApplicationsController {
     return this.applicationsService.updateApplicationStatus(appId, appStatus);
   }
 
-   @Post()
+  @UseGuards(AuthGuard('jwt'))
+  @Post()
   public async postApplication(@Body() applicationData: NewApplicationInput) {
       return this.applicationsService.postApplication(applicationData);
   }

apps/backend/src/auth/auth.controller.ts

@@ -4,19 +4,18 @@ import {
     Controller,
     Post
 } from '@nestjs/common';
+import { ApiTags } from '@nestjs/swagger';
 import { SignInDto } from '../dtos/sign-in.dto';
 import { SignUpDto } from '../dtos/sign-up.dto';
 import { AuthService } from './auth.service';
-import { UserService } from '../user/user.service';
 import { SignInResponseDto } from '../dtos/sign-in-response.dto';
-import { ApiTags } from '@nestjs/swagger';
+
 
 @ApiTags('Auth')
 @Controller('auth')
 export class AuthController {
     constructor(
         private authService: AuthService,
-        private userService: UserService,
     ) {}
 
     @Post('/signup')

apps/backend/src/auth/auth.service.ts

@@ -1,6 +1,7 @@
 import { Injectable } from '@nestjs/common';
 import {
   AdminInitiateAuthCommand,
+  AdminGetUserCommand,
   AttributeType,
   CognitoIdentityProviderClient,
   ListUsersCommand,
@@ -78,10 +79,22 @@ export class AuthService {
 
     const response = await this.providerClient.send(signInCommand);
 
+    const getUserCommand = new AdminGetUserCommand({
+      UserPoolId: CognitoAuthConfig.userPoolId,
+      Username: email,
+    });
+    const userResponse = await this.providerClient.send(getUserCommand);
+
+    // Find userId in the user's custom attributes
+    const userId = userResponse.UserAttributes?.find(
+      (attr) => attr.Name === 'custom:userId'
+    )?.Value;
+
     return {
       accessToken: response.AuthenticationResult.AccessToken,
       refreshToken: response.AuthenticationResult.RefreshToken,
       idToken: response.AuthenticationResult.IdToken,
+      userId
     };
   }
 

apps/backend/src/dtos/sign-in-response.dto.ts

@@ -16,4 +16,5 @@ export class SignInResponseDto {
      * @example eyJ...
      */
     idToken: string;
+    userId: string;
 }

apps/backend/src/main.ts

@@ -6,7 +6,11 @@ import { AppModule } from './app/app.module';
 
 async function bootstrap() {
   const app = await NestFactory.create(AppModule);
-  app.enableCors();
+  app.enableCors({
+    origin: process.env.FRONTEND_APP_URL,
+    methods: 'GET,HEAD,PUT,PATCH,POST,DELETE',
+    credentials: true, 
+  });
 
   const globalPrefix = 'api';
   app.setGlobalPrefix('');

apps/backend/src/site/site.controller.ts

@@ -1,5 +1,6 @@
 import {
     Controller,
+    UseGuards,
     Delete,
     Get,
     Post,
@@ -9,11 +10,13 @@ import {
     Query
 } 
 from "@nestjs/common";
+import { AuthGuard } from '@nestjs/passport';
 import { SiteService } from "./site.service";
 import { SiteModel } from "./site.model";
 import { NewSiteInput } from "../dtos/newSiteDTO";
-import { ApiQuery } from "@nestjs/swagger";
+import { ApiQuery, ApiTags } from "@nestjs/swagger";
 
+@ApiTags('Sites')
 @Controller("sites")
 export class SiteController {
     constructor(private siteService: SiteService) {}
@@ -32,7 +35,6 @@ export class SiteController {
         return this.siteService.getSitesByStatus(status);
     }
 
-
 
     @Get("/symbolType/")
     @ApiQuery({ name: "symbolType", required: true })
@@ -50,24 +52,25 @@ export class SiteController {
         return this.siteService.getSite(siteId);
     }  
 
+    @UseGuards(AuthGuard('jwt'))
     @Post("/addSite")
     public async postSite(@Body() siteData: NewSiteInput) {
         return this.siteService.postSite(siteData);
     }
 
-
+    @UseGuards(AuthGuard('jwt'))
     @Delete("/deleteSite/:id")
     public async deleteSiteById(
         @Param("id") siteId: number
     ): Promise<void> {
         return this.siteService.deleteSite(siteId);
     }
 
+    @UseGuards(AuthGuard('jwt'))
     @Put("/adopt/:id")
     public async setSiteStatusAdopt(@Param("id") siteId: number): Promise<void> {
         return this.siteService.adoptSite(siteId);
     }
 
 
-
 }

apps/backend/src/user/user.controller.ts

@@ -1,74 +1,82 @@
 import {
-    Controller,
-    Get,
-    Post,
-    Body,
-    Param,
-    Put,
+  Controller,
+  UseGuards,
+  Get,
+  Post,
+  Body,
+  Param,
+  Put,
 } from "@nestjs/common";
+import { AuthGuard } from "@nestjs/passport";
 import { ApiParam } from '@nestjs/swagger';
 import { UserService } from "./user.service";
 import { NewUserInput } from "../dtos/newUserDTO";
 import { UserModel, UserStatus, EditUserModel, Role } from "./user.model";
+import { ApiTags } from '@nestjs/swagger';
 
 
 /**
  * The controller for user endpoints.
  */
+@ApiTags('Users')
 @Controller("users")
 export class UserController {
-    constructor(private userService: UserService) {}
+  constructor(private userService: UserService) { }
 
-    @Get(":id")
-    public async getUser(
-        @Param("id") userId?: number
-        ): Promise<UserModel> {
-            return this.userService.getUser(userId);
-        }
+  @UseGuards(AuthGuard('jwt'))
+  @Get(":id")
+  public async getUser(
+    @Param("id") userId?: number
+  ): Promise<UserModel> {
+    return this.userService.getUser(userId);
+  }
 
 
-    @Post("/addVolunteer")
-    public async addVolunteer( @Body() userData: NewUserInput) {
-        return this.userService.postUser(userData, Role.VOLUNTEER);
-    }
+  @UseGuards(AuthGuard('jwt'))
+  @Post("/addVolunteer")
+  public async addVolunteer(@Body() userData: NewUserInput) {
+    return this.userService.postUser(userData, Role.VOLUNTEER);
+  }
 
-    @Post('addAdmin')
-    public async addAdmin(@Body() userData: NewUserInput) {
-        return this.userService.postUser(userData, Role.ADMIN);
-    }
-
-    @Get(":id/sites")
-    public async getUserSites(@Param("id") userId?: number): Promise<any> {
-        return this.userService.getUserTables(userId);
-    }
+  @UseGuards(AuthGuard('jwt'))
+  @Post('addAdmin')
+  public async addAdmin(@Body() userData: NewUserInput) {
+    return this.userService.postUser(userData, Role.ADMIN);
+  }
 
+  @UseGuards(AuthGuard('jwt'))
+  @Get(":id/sites")
+  public async getUserSites(@Param("id") userId?: number): Promise<any> {
+    return this.userService.getUserTables(userId);
+  }
 
-    @Put("/editUser/:id")
-    public async editUser(
-        @Param("id") userId?: number, 
-        @Body() editUserModel?: EditUserModel
-    ): Promise<UserModel> {
-        return this.userService.editUser(userId, editUserModel);
-    }
-
-    /**
-     * Gets users by their status.
-     * @param status The status to filter users by (e.g., Approved, Pending, Denied).
-     * @returns A list of users with the specified status.
-     */
-    @Get("status/:status")
-    @ApiParam({
-        name: 'status',
-        description: 'The status to filter users by (e.g., Approved, Pending, Denied)',
-        enum: UserStatus,
-    })
-    public async getUserByStatus(
-        @Param("status") status: UserStatus
-    ): Promise<UserModel[]> {
-        console.log(status);
-        return this.userService.getUserByStatus(status);
-    }
+  @UseGuards(AuthGuard('jwt'))
+  @Put("/editUser/:id")
+  public async editUser(
+    @Param("id") userId?: number,
+    @Body() editUserModel?: EditUserModel
+  ): Promise<UserModel> {
+    return this.userService.editUser(userId, editUserModel);
+  }
 
+  /**
+   * Gets users by their status.
+   * @param status The status to filter users by (e.g., Approved, Pending, Denied).
+   * @returns A list of users with the specified status.
+   */
+  @UseGuards(AuthGuard('jwt'))
+  @Get("status/:status")
+  @ApiParam({
+    name: 'status',
+    description: 'The status to filter users by (e.g., Approved, Pending, Denied)',
+    enum: UserStatus,
+  })
+  public async getUserByStatus(
+    @Param("status") status: UserStatus
+  ): Promise<UserModel[]> {
+    console.log(status);
+    return this.userService.getUserByStatus(status);
+  }
 
 
 

apps/frontend/src/app/app.tsx

@@ -1,11 +1,7 @@
-import SampleMap from '../components/map/Map';
-
-
 const App: React.FC = () => {
 
   return (
-    <div>
-    </div>
+      <div />
   );
 };
 

apps/frontend/src/components/PrivateRoute.tsx

@@ -0,0 +1,11 @@
+import { Outlet, Navigate } from 'react-router-dom';
+import { useAuth } from '../context/AuthContext';
+
+
+const PrivateRoute = () => {
+  const { isAuthenticated } = useAuth();
+  console.log(isAuthenticated)
+  return isAuthenticated ? <Outlet /> : <Navigate to="/login" replace />;
+};
+
+export default PrivateRoute;