Merge pull request #1 from piddlingtuna/master

Merge with upstream master

Author: piddlingtuna

.gitignore

@@ -0,0 +1 @@
+.env

README.md

@@ -1,4 +1,27 @@
 # subcomp
-A project submission system for competitions.
 
-Originally used for the CSESoc Personal Projects Competition at [csesoc.tech](https://csesoc.tech)
+This is a project submission system for [CSESoc](https://csesoc.unsw.edu.au/)'s Personal Project Competition. It was written and first used in 2020 will no longer be maintained by its [original committer](https://github.com/piddlingtuna/subcomp/).
+
+## Authentication
+
+This project only lets users sign up using a [UNSW](https://www.unsw.edu.au/) zID. It does not hook into UNSW's authentication system, but instead verifies users by emailing their UNSW email address based on their zID. This is done when verifying users when they sign up and reseting users' password when requested.
+
+## Environment variables
+
+A `.env` file must exist in this directory _if you are using docker_. It must contain:
+
+- `POSTGRES_USER` = the name of a user in the database. This user must have permission to read/write to the database.
+- `POSTGRES_PASSWORD` = the password of the above user.
+- `POSTGRES_DB` = the name of the database.
+
+An example `.env` would look like:
+
+```
+POSTGRES_USER=postgres
+POSTGRES_PASSWORD=password
+POSTGRES_DB=subcomp
+```
+
+## Set Up
+
+See the guide [here](set_up.md)

backend/.gitignore

@@ -1,5 +1,5 @@
-public/
 .env
+public/
 
 # Generated by Cargo
 # will have compiled files and executables

backend/Cargo.toml

@@ -10,6 +10,7 @@ chrono = { version = "0.4.15", features = ["serde"] }
 argon2rs = "0.2.5"
 rocket = "0.4.5"
 rocket_contrib = { version = "0.4.5", features = ["json", "diesel_postgres_pool"] }
+rocket_cors = "0.5.1"
 diesel = { version = "1.4.5", features = ["postgres", "uuidv07", "chrono", "serde_json"] }
 dotenv = "0.15.0"
 serde = "1.0.115"

backend/Dockerfile

@@ -3,6 +3,6 @@ FROM rust:latest
 WORKDIR /backend
 COPY . .
 RUN rustup default nightly
-RUN cargo build --release
 RUN cargo install diesel_cli --no-default-features --features postgres
-CMD diesel setup && diesel migration run && ./target/release/backend
+RUN cargo build --release
+CMD diesel setup && ./target/release/backend

backend/README.md

@@ -0,0 +1,57 @@
+# Backend
+
+The backend server is written in Rust using the [Rocket](https://rocket.rs/) web framework and [Diesel](https://diesel.rs/) object relational mapping (ORM) and query builder.
+
+The database uses [PostgreSQL](https://www.postgresql.org/). Although fancy features aren't used, it has only been tested with PostgreSQL 14.4.
+
+Be a good person and run `cargo clippy --fix` every so often.
+
+## Documentation
+
+If you are new to Rust, take a look at the [Rust Book](https://doc.rust-lang.org/book/).
+
+[See Rocket documentation.](https://rocket.rs/v0.5-rc/guide//)
+
+[See Diesel documentation here.](https://diesel.rs/guides/)
+
+[See PostgreSQL 14 documentation here.](https://www.postgresql.org/docs/14/index.html)
+
+## Architecture
+
+`src/main.rs` launches the backend server, including connecting to the database. If you add another endpoint, you will need to mount it here.
+
+`src/api.rs` implements all API endpoints for the backend server, including defining the API parameters, request bodies, and response bodies. If you add another endpoint, you will need to implement it here.
+
+`src/responses.rs` defines helper methods to return API responses. It is unlikely you will need to modify this file.
+
+`src/handlers.rs` defines catchers to handle 4xx and 5xx errors. It is unlikely you will need to modify this file.
+
+`src/models.rs` defines the database schema in the database and implements methods to select, insert, update, and delete from the database. This is where you would modify the database schema and add functions to query the database.
+
+`src/schema.rs` is generated by Diesel based on `src/models.rs`. Do not modify this file.
+
+`src/database.rs` implements the pool manager to the database. It is unlikely you will need to modify this file.
+
+## Environment variables
+
+A `.env` file must exist in this directory. It must contain:
+
+- `DATABASE_URL` = A [connection URI](https://www.postgresql.org/docs/current/libpq-connect.html#LIBPQ-CONNSTRING) used by Diesel to find the database.
+- `PASSWORD_SALT` = [A random string used as an input when generating password bashes.](<https://en.wikipedia.org/wiki/Salt_(cryptography)>) Please use a long and complex string.
+- `DOMAIN` = The domain name used to host the frontend. When developing locally, this will be localhost with some port. When deploying, please use [HTTPS](https://en.wikipedia.org/wiki/HTTPS).
+- `SMTP_USERNAME` = An email address using [SMTP](https://en.wikipedia.org/wiki/Simple_Mail_Transfer_Protocol) under your control to send verification and password reset emails to user.
+- `SMTP_PASSWORD` = The password to the above email address.
+- `PROJECT_END` = A [RFC 3339](https://www.rfc-editor.org/rfc/rfc3339.txt) timestamp of when project submission ends.
+- `VOTE_END` = A [RFC 3339](https://www.rfc-editor.org/rfc/rfc3339.txt) timestamp of when voting ends.
+
+An example `.env` would look like:
+
+```
+DATABASE_URL=postgres://postgres:postgres@localhost/subcomp
+PASSWORD_SALT=VERY_LONG_AND_COMPLEX_STRING
+DOMAIN=http://localhost:3000
+[email protected]
+SMTP_PASSWORD=password
+PROJECT_END=1999-09-09T23:59:59+10:00
+VOTE_END=1999-09-19T23:59:59+10:00
+```

backend/Rocket.toml

@@ -0,0 +1,2 @@
+[production]
+address = "0.0.0.0"

backend/migrations/2020-09-07-091403_auth/up.sql

@@ -8,8 +8,8 @@ CREATE TABLE projects (
     summary TEXT NOT NULL,
     link TEXT NOT NULL,
     repo TEXT NOT NULL,
-    first_year BOOLEAN DEFAULT FALSE NOT NULL, 
-    postgraduate BOOLEAN DEFAULT FALSE NOT NULL
+    firstyear BOOLEAN DEFAULT FALSE NOT NULL, 
+    postgrad BOOLEAN DEFAULT FALSE NOT NULL
 );
 
 SELECT diesel_manage_updated_at('projects');
@@ -19,7 +19,7 @@ CREATE TABLE users (
     created_at TIMESTAMP DEFAULT current_timestamp NOT NULL,
     updated_at TIMESTAMP DEFAULT current_timestamp NOT NULL,
     zid CHAR(8) UNIQUE NOT NULL,
-    full_name TEXT NOT NULL,
+    name TEXT NOT NULL,
     password_hash BYTEA NOT NULL,
     project_id UUID DEFAULT NULL references projects(id)
 );
@@ -43,8 +43,8 @@ CREATE TABLE verifications (
     created_at TIMESTAMP DEFAULT current_timestamp NOT NULL,
     updated_at TIMESTAMP DEFAULT current_timestamp NOT NULL,
     token CHAR(32) UNIQUE NOT NULL,
-    zid CHAR(8) NOT NULL,
-    full_name TEXT NOT NULL,
+    zID CHAR(8) NOT NULL,
+    name TEXT NOT NULL,
     password_hash BYTEA NOT NULL
 );